New Features in July 2025
Focus
Focus
Strata Cloud Manager

New Features in July 2025

Table of Contents

New Features in July 2025

Here are the new features available in Strata Cloud Manager in July 2025.
Features listed here include some feature highlights for the products supported with Strata Cloud Manager.

Identity and Access Management Support for SCIM

Strata Cloud Manager now supports the use of a System for Cross-domain Identity Management (SCIM) for identity and access management, allowing you to automatically provision and manage user access through your existing identity provider systems. This integration enhances Strata Cloud Manager's security capabilities by enabling synchronization of user provisioning between your organization's identity systems and Strata Cloud Manager, addressing a critical need for consistent access management across cloud applications.
The Strata Cloud Manager SCIM implementation is fully compliant with core schemas (RFC 7643) and protocols (RFC 7644), providing a standardized approach to identity management. Currently, Strata Cloud Manager supports SailPoint as an identity provider for SCIM integration. You can use this feature to automate the creation, modification, and deletion of users and their access policies within Strata Cloud Manager directly from your SailPoint identity provider system. The SCIM leverages OAuth 2.0 Client Credentials for authentication, using service account credentials from your Tenant Service Group (TSG).
When you enable SCIM for your tenant, you can choose SCIM as an authorization source for managing access policies. You also have the option to choose authorization sources independently, giving you flexibility in how you manage user access. The SCIM integration is particularly valuable for organizations with large user bases where manual user provisioning across multiple systems would be inefficient and error-prone.
The implementation includes the ability to manage users, groups (access policies), and service accounts, allowing your identity management system to perform all necessary operations on Strata Cloud Manager identities. This integration helps ensure that when users change roles or leave your organization, their access rights are automatically updated across all connected systems, maintaining security and compliance with your organization's access policies.
By supporting SCIM, Strata Cloud Manager enables you to maintain a single source of truth for identity management, reducing administrative overhead and improving security by ensuring consistent and up-to-date access controls across your cloud environments.

Strata Copilot: New Region Support

Strata Copilot now extends its reach to new regions, enhancing global accessibility. This expansion brings the powerful AI-driven assistance to users in South Africa. By increasing geographical coverage, Strata Copilot offers more organizations the opportunity to streamline their security operations, leverage intelligent insights, and improve overall efficiency in managing their Palo Alto Networks solutions in Strata Cloud Manager across these diverse locations.

Enhanced IOC Search Functionality in Strata Cloud Manager

The Strata Cloud Manager IOC Search functionality has been enhanced to help you identify and prioritize security threats by providing comprehensive context for various indicators of compromise. The IOC Search is powered by the Strata Logging Service, a cohesive cloud-based logging solution for personalized network security analytics, giving you deeper insights into potential threats across your environment.
When you search for indicators such as domains, URLs, file hashes (SHA-256), IP addresses (IPv4 and IPv6), you receive detailed threat context and data telemetry specific to your tenant, your industry, and the global threat landscape. This multi-level visibility allows you to understand not only whether a specific indicator is malicious, but also its prevalence in your organization, and across the Palo Alto Networks customer base.
For each indicator you search, you can also view associated tags that provide additional context about the threats, helping you understand potential threat actor attribution, or if it is associated to a malware campaign, why it is deemed malicious.
As you investigate potential security incidents, the IOC Search gives you the enriched insights needed to make informed decisions about prioritization and response, ultimately helping you focus your security team's efforts on the most significant threats to your organization.

Strata Copilot: Accessibility Change

Strata Copilot has been redesigned to deliver more efficient intelligent assistance within Strata Cloud Manager. The updated interface will roll out in phases throughout July. Once deployed to your Strata Cloud Manager instance, you'll find Strata Copilot accessible directly from the left navigation panel, seamlessly integrating into your existing workflow.
The redesigned interface maintains visual consistency with Strata Cloud Manager by supporting both light and dark themes and featuring a responsive design that adapts to any screen size. For complex tasks requiring maximum screen space, you can collapse the navigation menu while retaining full access to chat functionality through the consistently placed chat box available on every page.
When you launch Strata Copilot, you will receive a personalized welcome message with suggested topics to help you quickly address common security management scenarios. As you interact with the system, contextually relevant prompts appear to guide your queries and help you formulate effective questions.
Strata Copilot now provides explanations and technical references within conversations to help you understand the reasoning behind suggestions. Complex information is presented in a structured format with specialized display components that improve comprehension of technical content.
In addition, the Best Practice Assessment functionality within Strata Copilot has also been enhanced to provide more comprehensive security insights, enabling you to evaluate your security posture without leaving the Copilot interface. This integration streamlines your security assessment workflows and provides immediate access to actionable information to improve your security stance.

Direct Users in Activity Insights

July 18, 2025
Supported for: Strata Cloud Manager
Update:
The Users tab in Activity Insights (Activity InsightsUsersAll Users/Hosts) now displays “direct” users who connect to your network infrastructure while disconnected from GlobalProtect™. Previously, ADEM collected and displayed event information for these users in Application Experience, but Activity Insights did not show these users in its dashboards. Now, administrators will see direct users in the Users tab table, providing complete visibility into network activity regardless of GlobalProtect connection status.