Threat Prevention defends your network against both commodity threats—which are pervasive but not sophisiticated—and targeted, advanced threats perpetuated by organized cyber adversaries. Threat Prevention includes comprehensive exploit, malware, and command-and-control protection, and Palo Alto Networks frequently publishes updates that equip the firewall with the very latest threat intelligence. You can use the Threat Vault to research the latest threats that Palo Alto Networks next-generation firewalls can detect and prevent. 

What's New

The DNS Security subscription service applies predictive analytics to disrupt attacks that use DNS for command-and-control (C2) or data theft.
Attackers often use bulletproof hosting providers to distribute malicious, illegal, and unethical material—now you can block these services with a new, built-in external dynamic list.

PAN-OS 9.0 introduces better external dynamic lists (EDLs): now you have more capacity and the flexibility to prioritize important feeds.

TechDocs Blog: Best Practices Served All Day

Is your organization mission-critical, security-first, or a mix of both?  Our best practices will guide you on how to best deploy threat updates, depending on your risk tolerance and application availability needs.

Featured Content

Identify C2 Infected Hosts On Your Network


Use DNS sinkholing to identify and quarantine hosts on your network that are attempting to communicate with malicious domains.

Prevent Layer 4 and Layer 7 Evasions


Follow our best practices to monitor and protect your network from Layer 4 and Layer 7 attacks.

Threat Prevention FAQs


Learn more about Threat Prevention works, and the many ways it can help you to defend against cyberattacks.

Documentation for the PAN-OS Version You're Using

Threat Prevention with PAN-OS 9.0


Threat Prevention with PAN-OS 8.1


Threat Prevention with PAN-OS 8.0