Enterprise DLP
Protect all sensitive data across your business landscape

Precision AI

Precision AI® leverages machine learning, deep learning and generative AI to analyze rich and diverse threat data to deliver real-time protection for the entire network.

Key Capabilities

Easy to Deploy, Update, and Scale

Our Enterprise DLP deploys and scales across the entire enterprise in minutes, not months, because it’s natively integrated into our existing firewalls. Delivered from the cloud across network inline, SaaS at rest, SaaS inline, and infrastructure as a service (IaaS), we ensure that new protections and product updates are applied instantaneously across the security stack

Highly Reliable Detection

Automatically identify sensitive information within unstructured conversations on collaboration apps like Slack with our advanced optical character recognition (OCR). Purposely built for DLP, OCR better preserves the context of documents to find sensitive content in PDFs, images, and screenshots compared to standardized OCR engines.

Holistically detect documents and document types based on each unique structure and fingerprint with our Deep Neural Net (DNN) models. Our advanced machine learning-based methods focus on data security over compliance and include detection of ID cards, credit card images, legal documents, and financial documents, among others. This goes above and beyond traditional DLP, which relies on fixed patterns and regular expressions to detect specific information

The DNS Security service predicts and stops malicious domains with instant enforcement through the NGFW, protecting you against automated attacks. Our ML-enabled detection engines (see table 2) solve key emerging DNS-based attacks, such as ultra-slow DNS tunneling, dangling DNS, and DNS rebinding. DNS Security can even predict new malicious domains right after their registration, before they can be used against you. DNS Security’s comprehensive, market-leading protections provide you with the most effective security regardless of DNS settings, configurations, and deployment model.

Comprehensive Data Protection

Our comprehensive DLP solution covers every network and web transmission for all users, regardless of their location. It protects multiple SaaS applications and public clouds while eliminating blind spots across on-premises and multicloud environments.

• Embedded in a next-generation firewall (NGFW) as a cloud-delivered service that inspects web traffic over HTTP and HTTPS, Enterprise DLP automatically detects sensitive content in motion via machine learning-based data classification, hundreds of data patterns, and business context—all without disrupting business users.
• Enterprise DLP in our VM-Series Virtual NGFWs automatically discovers, monitors, and protects
• Enterprise DLP in Prisma Access automatically discovers, monitors, and protects sensitive data in motion across branch offices and mobile users. Natively integrated into secure access service edge (SASE), it allows organizations to stay ahead of their digital transformation.
• Natively integrated into our Next-Gen CASB and greatly expanded to address more contemporary data loss scenarios, including the growing threat of sensitive data being shared within collaboration apps such as Slack or Teams
• Enterprise DLP in Prisma Cloud discovers, monitors, and protects sensitive data at rest in public cloud storage, such as Amazon S3 buckets. We offer Enterprise DLP in Prisma Cloud as Prisma Cloud Data Security in combination with our WildFire malware prevention service.
• Email DLP identifies sensitive data using machine learning, protects data when sent to varying domains, and ensures data safety regardless of the device or email client. It provides organizations with consistent data security, leveraging extensive data detection methods, and offers global insights into data risks.
• Data Security for Generative AI Apps includes comprehensive app usage visibility, specific SaaS application controls, and advanced data security employing ML for data classification and leakage prevention.

Identify and Quarantine Infected Systems

Use automation to prevent the spread of infection. Automate dynamic response to find infected machines and quickly respond in policy. When attacks using DNS are identified, security administrators can automate the process of sinkholing malicious domains on the NGFW to cut off C2, rapidly identify infected users on the network, and even isolate them. Combining malicious domain sinkholing, Dynamic Address Groups (DAGs), and logging actions enables automation of detection and response workflows, saving analysts time by removing the slow and manual processes other solutions require.

Get Insight from DNS Analytics

Give your security personnel the context they need to take action. Threat reporting capabilities allow deeper insights into threats than ever before, delivering full visibility into DNS traffic with:

• Give your security personnel the context they need to take action. Threat reporting capabilities allow deeper insights into threats than ever before, delivering full visibility into DNS traffic with:
• Context around DNS events that will show you what kind of domains are being queried and with what frequency, time stamps, passive DNS information for each domain, WHOIS information, and any associated malware tags.
• Security hygiene to keep track of what security capabilities are enabled by your NGFWs across your estate, allowing you to quickly eliminate any blind spots.

The Power of Palo Alto Networks Security Subscriptions

Today, cyberattacks have increased in volume and sophistication, using advanced techniques to bypass network security devices and tools. This challenges organizations to protect their networks without increasing workloads for security teams or hindering business productivity. Seamlessly integrated with the industry’s first ML-Powered NGFW platform, our Cloud-Delivered Security Services coordinate intelligence and provide protections across all attack vectors, providing best-inclass functionality while eliminating the coverage gaps disparate network security tools create. Take advantage of market-leading capabilities with the consistent experience of a platform, and secure your organization against even the most advanced and evasive threats. Benefit from Enterprise DLP or any of the following security subscriptions

• Advanced Threat Prevention: Stop known exploits, malware, spyware, and command-andcontrol (C2) threats while utilizing industry-first prevention of zero-day attacks. Prevent 60% more unknown injection attacks and 48% more highly evasive command-and-control traffic than traditional IPS solutions
• Advanced WildFire malware prevention: Ensure files are safe by automatically preventing known, unknown, and highly evasive malware 60X faster with the industry’s largest threat intelligence and malware prevention engine.
• Advanced URL Filtering: Ensure safe access to the internet and prevent 40% more web-based attacks with the industry’s first real-time prevention of known and unknown threats, stopping 88% of malicious URLs at least 48 hours before other vendors.
• DNS Security: Gain 40% more threat coverage and stop 85% of malware that abuses DNS for command and control and data theft without requiring changes to your infrastructure.
• Enterprise DLP: Minimize the risk of a data breach, stop out-of-policy data transfers, and enablecompliance consistently across your enterprise, with 2X greater coverage than any cloud-delivered enterprise DLP
• SaaS Security: The industry’s only Next-Generation CASB natively integrated into the Palo Alto Networks SASE offers proactive SaaS visibility, comprehensive protection against misconfigurations, real-time data protection, and best-in-class security.
• IoT Security: Safeguard every “thing” and implement Zero Trust device security 20X faster with the industry’s smartest security for smart devices
• AIOps: AIOps for NGFW redefines firewall operational experience by empowering security teams to proactively strengthen security posture and resolve firewall disruptions.

Best-in-class IPS

Decrease risk by 45% and get a return on spend in six months versus stand-alone network threat protection.

Documentation:

Download the Advanced DNS Security Datasheet (PDF).