Analytics
1/7/2014
08:34 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Palo Alto Networks Announces First Acquisition

Morta Security is a stealth-mode startup developing a new paradigm to counter advanced cyberthreats

Santa Clara, Calif., Jan 6, 2014 – Palo Alto Networks® (NYSE: PANW), today announced it has acquired Morta Security, a Silicon Valley-based cybersecurity company operating in stealth mode since 2012. Financial terms of the acquisition were not disclosed.

The acquisition of Morta Security further cements Palo Alto Networks as the leading provider of next-generation enterprise security. Palo Alto Networks offerings uniquely provide enterprises the ability to safely enable applications and rapidly detect and prevent threats, especially those that use an increasingly sophisticated array of tactics to compromise networks and gain access to valuable intellectual property.

Morta Security brings to Palo Alto Networks a team experienced at protecting national infrastructure as well as technologies that enhance the proven detection and prevention capabilities of the Palo Alto Networks WildFire&trade offering, which is already used by more than 2,400 customers.

QUOTES

· "The Morta team brings additional valuable threat intelligence experience and capabilities to Palo Alto Networks" said Mark McLaughlin, President and CEO of Palo Alto Networks. "The company's technology developments align well with our highly integrated, automated and scalable platform approach and their contributions will translate into additive threat detection and prevention benefits for our customers."

· "Palo Alto Networks has a successful history of disrupting the network security landscape with its unique offerings" said Raj Shah, CEO of Morta Security. "The Morta team is excited to work with the clear leaders in this space and we look forward to joining the company and contributing to future highly innovative technology leadership."

Advanced Threats Demand Automated and Scalable Approach

Today's sophisticated attacks increasingly rely on a combination of tactics and threat vectors to penetrate an organization and often remain undetected for extended periods of time while inflicting long-term damage. Most organizations still rely on legacy point technologies that address only specific types of attacks, or phases of the attack. Because of the singular nature of these technologies, they are ill-equipped to detect and prevent today's advanced cyber attacks. And, when they are finally discovered, they typically require significant human incident response efforts. As the volume and sophistication of these attacks continues to grow, throwing more point products and human capital at the challenge is too costly and cumbersome for most organizations.

To address these challenges, a new approach is required: One that begins with positive security controls to reduce the attack surface; inspects all traffic, ports, and protocols to block all known threats; rapidly detects unknown threats through analysis and correlation of abnormal behavior; then automatically employs new signatures and policies back to the front line to ensure previously unknown threats are known to all and blocked. This approach can reduce the number of threats that penetrate an organization and greatly reduce the need for costly human remediation.

Palo Alto Networks is pioneering the development of this kind of automated approach; it starts with the firewall as the core enforcement vehicle within the network and is complemented by advanced detection services to increase overall efficacy. With its security platform, Palo Alto Networks builds greater visibility upstream combined with strong prevention mechanisms of both known and unknown threats. The Morta team's cybersecurity expertise and technologies will fit seamlessly into this approach by adding capabilities that can expedite the detection of new attack variations.

To learn more about the Palo Alto Networks security platform and WildFire offering: visit: https://paloaltonetworks.com/products/features/apt-prevention.html.

ABOUT PALO ALTO NETWORKS

Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Unlike fragmented legacy products, our security platform safely enables business operations and delivers protection based on what matters most in today's dynamic computing environments: applications, users, and content. Find out more at www.paloaltonetworks.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

CVE-2014-5212
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.