Here are some additional facts you can use based on where we closed at the end of FY15. We’ll update these numbers quarterly following each earnings release.
At the end of Q4, ‘15, we had more than 26,000 customers in over 140 countries across multiple industries.
Palo Alto Networks has ranked an ”enterprise firewall market leader” by Gartner in 2011, 2012, 2013 and 2014 (published April 2015).
FY’15 revenues grew 55% year over year
We have consistently added more than 1,000 customers per quarter for the last 15 consecutive quarters, indicating a strong acceptance of our vision and strategy.
We have over 2,600 employees worldwide.
We’ve built a world-class global support operations with teams in the Americas, EMEA, Asia, and Japan.
Over the last two years in particular we’ve seen a dramatic change in both the attacker and the techniques they use. By many estimates cybercrime is now a $1+ trillion industry. And like any industry, opportunity fuels more investment and it is clear this “industry” isn’t being deprived. But like any industry investment decisions are made based on the expectation of profit. The best way to get an industry to collapse on itself is take away that potential for profit. Our strategy is quite simple - make it so unbelievably hard for cybercriminals to achieve their objectives that their only recourse is to invest more and more resources to stage a successful attack, or give up and move on to someone else.
Today there are more than 100 nations who are actively building cyber military capabilities. Out of the 100 there are about 20 who are considered serious players. These nation states follow a completely different set of motives, and are not concerned about profit. These new units are accelerating the weaponization of vulnerabilities. They’re launching sophisticated campaigns at our employees looking to take advantage of weak defensive links. They are not motivated by profit. They’re motivated by warfare, terrorism, theft of secrets that may give their country an advantage. Equally so, we need to make it unbelievably hard for these nations to achieve their objectives.
To achieve this we must consider a new approach.
---------------------------------------------------------
Facts & Credits
The $445B comes from a study administered by the Center for Strategic and International Studies (CSIS) and released June 2014.
Peter W. Singer, director of the Center for 21st Century Security and Intelligence at the Brookings Institution, said 100 nations are building cyber military commands, and of that there are about 20 that are serious players and a smaller number could carry out a complete cyberwar campaign.
The barrier to entry for attackers has come down significantly in the last couple of years with the accessibility of exploit kits that may be easily purchased online with full support.
This new approach must account for the realities that today’s attacks are not only multi-dimensional in nature, but also use an increasingly sophisticated set of techniques that are constantly in a state of change. As these techniques evolve the risk of breach increases. And as we all know an organization is only as strong as its weakest entry point, therefore an effective strategy must include multiple kill-points working together to prevent all aspects of an attack. This includes
Blocking the different techniques attackers might use to evade detection and establish command-and-control channels
Preventing installation of malware – including unknown and polymorphic malware
Blocking the different techniques that attackers must follow in order to exploit a vulnerability
Closely monitoring and controlling communications within the organization to protect against the unabated lateral movement when legitimate identities are hijacked
With the evolution of the attack and the attacker as a backdrop, let’s take a quick look at where some of the breakdowns in approaches are occurring.
---------------------------------------------------------
Facts & Credits
Today we detect and analyze over 2M forms of new malware within WildFire. This trend line is increasing monthly.
We’d like to help you build a prevention-focused architecture that stops at nothing short of complete visibility into all traffic; is natively integrated in such a way that no gaps exist and context is delivered so you only have to react to the threats that are critically important; is highly automated to reduce or remove manual response; and enables you to drive seamless policy throughout your organization to reduce your attack surface and eliminate unnecessary risk.
How do we do that?
If you go back in time, the first thing we said we were going to do as a company was safely enable the use of all applications on your network. Why is that important? Attackers know that one of the easiest ways to get into your network is through an application. Back in the mid-90’s our founder, Nir Zuk, created the first stateful inspection firewall. Stateful inspection firewalls use port, protocol and IP addresses to make security policy decisions. That was OK in the mid-90’s when you had only two applications on your network – email and web that communicated over a very predictable set of ports. At the time there was also a very limited number of devices to contend with on your network. Fast forward to the early-2000’s and Nir could see that the number of applications landing on the network was about to explode, and that stateful-based firewalls would be incapable of handling this new environment where these applications utilized significantly more ports and followed non-standard patterns that the stateful firewall simply couldn’t anticipate. Mega trends like BYOD, mobility and cloud computing added further complications. Nir made the decision to re-invent the firewall and develop a new approach that took the guessing out of security, and provided a much more robust solution for managing applications, users and devices. That approach led to the formation of Palo Alto Networks in 2005, and the creation of the industries first next-generation firewall in 2007. The big different between stateful firewalls and next-generation firewalls is we don’t guess. We don’t guess about applications, we don’t guess about users, we don’t guess about content, and we don’t guess about devices. We definitively inspect and identify all applications, users, content, and devices operating across your network. That means you get real visibility on your network which leads to better security.
The next thing we said we were going to do was prevent both known and unknown cyber threats for all users on any device across any network. To achieve this we developed a series of cloud-based services that integrate closely with the next-generation firewall and deliver automated threat detection and prevention. We have four cloud-based services today – Threat Prevention, URL Filtering, WildFire and GlobalProtect for mobile security. Let’s pick one of these services, WildFire, to demonstrate to power of this integrated approach. Now, if an attacker attempts to breach your organization using a known threat we’re going to automatically block that attack using a combination of our next-generation firewall and cloud-based services (Threat Prevention, URL Filtering and GlobalProtect). If the threat is unknown we’re going to quickly turn it into a known threat using WildFire which detects and analyzes potentially malicious files looking for new forms of malware, malicious URLs or command-and-control sites. As those unknown threats are detected, WildFire automatically develops new protections and within minutes routes those tools back to your cloud based services. We don’t just route those tools to your systems, we route them to the global customer base so you benefit from the multiplier effect of a large threat intelligence community. This automated process ensures that your platform can delivery the highest levels of security for all users on any device across your entire network.
The newest technology we’ve brought to market is advanced endpoint protection. Let me tell you why we went down this path. Legacy providers have not been able to keep up with the challenges associated with advanced threats that have been finding their way onto the endpoint, then working their way into the network. We looked across the market, at all of the different approaches and decided something truly disruptive had to happen. Many of the “newer” technologies have effectively given up on prevention and instead focus their efforts on detection and remediation. Other prevention-based approaches were simply ineffective at stopping advanced threats, or imposed too much operational overhead to be viable on a large scale basis. We came up with a very unique approach that prevents all exploit and malware-based attacks, even those based on unknown zero-day vulnerabilities. And we do this with a very lightweight and scalable technology. This approach has proven to be highly effective at protecting endpoints from advanced attacks – including laptops, servers, industrial control systems, bank ATMs, medical devices and retail point of sale systems.
So, to wrap it up our core value proposition is that we provide an enterprise security platform that safely enables all applications through granular use of controls and prevention of known and unknown cyber threats for all users on any device across any network. In doing so we’re able to deliver superior security with superior TCO.