Analytics
1/7/2014
08:34 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Palo Alto Networks Announces First Acquisition

Morta Security is a stealth-mode startup developing a new paradigm to counter advanced cyberthreats

Santa Clara, Calif., Jan 6, 2014 – Palo Alto Networks® (NYSE: PANW), today announced it has acquired Morta Security, a Silicon Valley-based cybersecurity company operating in stealth mode since 2012. Financial terms of the acquisition were not disclosed.

The acquisition of Morta Security further cements Palo Alto Networks as the leading provider of next-generation enterprise security. Palo Alto Networks offerings uniquely provide enterprises the ability to safely enable applications and rapidly detect and prevent threats, especially those that use an increasingly sophisticated array of tactics to compromise networks and gain access to valuable intellectual property.

Morta Security brings to Palo Alto Networks a team experienced at protecting national infrastructure as well as technologies that enhance the proven detection and prevention capabilities of the Palo Alto Networks WildFire&trade offering, which is already used by more than 2,400 customers.

QUOTES

· "The Morta team brings additional valuable threat intelligence experience and capabilities to Palo Alto Networks" said Mark McLaughlin, President and CEO of Palo Alto Networks. "The company's technology developments align well with our highly integrated, automated and scalable platform approach and their contributions will translate into additive threat detection and prevention benefits for our customers."

· "Palo Alto Networks has a successful history of disrupting the network security landscape with its unique offerings" said Raj Shah, CEO of Morta Security. "The Morta team is excited to work with the clear leaders in this space and we look forward to joining the company and contributing to future highly innovative technology leadership."

Advanced Threats Demand Automated and Scalable Approach

Today's sophisticated attacks increasingly rely on a combination of tactics and threat vectors to penetrate an organization and often remain undetected for extended periods of time while inflicting long-term damage. Most organizations still rely on legacy point technologies that address only specific types of attacks, or phases of the attack. Because of the singular nature of these technologies, they are ill-equipped to detect and prevent today's advanced cyber attacks. And, when they are finally discovered, they typically require significant human incident response efforts. As the volume and sophistication of these attacks continues to grow, throwing more point products and human capital at the challenge is too costly and cumbersome for most organizations.

To address these challenges, a new approach is required: One that begins with positive security controls to reduce the attack surface; inspects all traffic, ports, and protocols to block all known threats; rapidly detects unknown threats through analysis and correlation of abnormal behavior; then automatically employs new signatures and policies back to the front line to ensure previously unknown threats are known to all and blocked. This approach can reduce the number of threats that penetrate an organization and greatly reduce the need for costly human remediation.

Palo Alto Networks is pioneering the development of this kind of automated approach; it starts with the firewall as the core enforcement vehicle within the network and is complemented by advanced detection services to increase overall efficacy. With its security platform, Palo Alto Networks builds greater visibility upstream combined with strong prevention mechanisms of both known and unknown threats. The Morta team's cybersecurity expertise and technologies will fit seamlessly into this approach by adding capabilities that can expedite the detection of new attack variations.

To learn more about the Palo Alto Networks security platform and WildFire offering: visit: https://paloaltonetworks.com/products/features/apt-prevention.html.

ABOUT PALO ALTO NETWORKS

Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Unlike fragmented legacy products, our security platform safely enables business operations and delivers protection based on what matters most in today's dynamic computing environments: applications, users, and content. Find out more at www.paloaltonetworks.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6856
Published: 2014-10-02
The AHRAH (aka com.vet2pet.aid219426) application 219426 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6857
Published: 2014-10-02
The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6858
Published: 2014-10-02
The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6859
Published: 2014-10-02
The Daum Maps - Subway (aka net.daum.android.map) application 3.9.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6860
Published: 2014-10-02
The Trial Tracker (aka com.etcweb.android.trial_tracker) application 1.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.