>
    Strata Copilot
    New Features in July 2025
    Focus
    Download PDF
    Focus
    1. Home
    2. Device Security
    3. New Features in 2025
    4. New Features in July 2025
    Download PDF
    Device Security

    New Features in July 2025

    Table of Contents

    New Features in July 2025

    Review the new features introduced in Device Security in July 2025.
    Where Can I Use This?What Do I Need?
    • Device Security (Managed by Strata Cloud Manager)
    • (Legacy) IoT Security (Standalone portal)
    One of the following subscriptions:
    • Device Security subscription for an advanced Device Security product (Enterprise, OT, or Medical)
    • Device Security X subscription
    The following new features and enhancements were introduced for Device Security in July 2025.
    New Features
    Controller Configuration and Inventory Files Support
    Device Security extended support for parsing device configuration files to include:
    • Siemens PRONETA files (.xml)
    Localization Support for Device Security in Strata Cloud Manager
    Device Security in Strata Cloud Manager supports localization for the web interface in the following languages:
    • Spanish
    • French
    • German
    Vulnerability signatures
    The Device Security Research team added detections for 350 vulnerabilities this month. Of the 350 vulnerabilities, 32 of them had a critical CVSS score. You can see a complete list of the CVEs for which detections have been added at Vulnerability Signatures in 2025.
    Dictionary file update
    There were five dictionary file updates in July 2025. The following summarizes what was added in each update:
    • July 02 update – 19 new profiles and 14 new vendors
    • July 09 update – 7 new profiles, 16 new vendors, and 87 new models
    • July 16 update – 18 new profiles, 4 new vendors, and 1 new category
    • July 24 update – 20 new profiles, 19 new vendors, 127 new OSes, and 50 new models
    • July 30 update – 1 new profile and 7 new vendors

    Packet Capture Collection

    You can enable packet capture collection across your tenant to improve device identification and enhance security protections. The Device Security Research Team analyzes pcap files to enhance device and application recognition, which in turn helps accurately identify security alerts and vulnerabilities in your network. We encrypt all pcap files, and any file with personal information or customer identifying information won’t be used. For more information about data security and privacy, see the IoT/OT Security Privacy Datasheet.

    Network Discovery Plugin 2.2.1

    The Network Discovery plugin version 2.2.1 includes a number of addressed issues to improve configuration and runtime performance. See Known Issues in Network Discovery 2.2 for a full list of addressed issues.

    AIMS 3 Integration

    Device Security supports integrating with AIMS 3 from Phoenix Data Systems to learn about healthcare devices and endpoints from AIMS 3. Device Security can retrieve device details from AIMS 3 and use that information to enrich device information in the Device Security assets inventory. Device Security also creates new devices in the assets inventory for devices learned through the AIMS 3 integration.

    Jira Cloud Integration

    Device Security supports integrating with Jira Cloud to streamline alert management for your network. Through this integration, you can automate sending security alerts and vulnerabilities from Device Security to Jira tickets. By specifying the alert and vulnerability severity levels you want visibility into, you can set up a recurring job to automatically create Jira tickets for new alerts and vulnerabilities that match your criteria. You can also manually create Jira tickets from the Device Details, Vulnerability Details, Alert Details, and Alert Inventory pages in the Device Security web interface.
    You can also check if the Jira tickets created through Device Security are resolved and update the status of the corresponding alerts and vulnerabilities in Device Security. By supporting both manual and automated ticket creation, as well as automated risk resolution based on ticket status, the Jira Cloud integration lets you manage security incidents through your existing incident tracking system while maintaining a unified, real-time view of network risks.

    IP-MAC Source Binding Visibility

    When viewing the Assets Inventory and the Device Details page, you can now see the source for each device’s IP-MAC binding. Select the IP-MAC Sources in the column selector to display the IP-MAC binding source in the Assets Inventory. This column displays where a device’s IP-MAC binding came from, whether from network traffic or a third-party integration.

    Device Utilization Download Enhancement

    For the Device Security Medical vertical, the device utilization download now includes information about the hourly use of the device. This enhancement provides the same hourly utilization information as the web interface in the device download file.

    © 2026 Palo Alto Networks, Inc. All rights reserved.