What Is Precision AI™?
Precision AI is Palo Alto Networks proprietary AI system. It helps security teams trust AI outcomes by using rich data and security-specific models to automate detection, prevention, and remediation with industry-leading accuracy.
Precision AI by Palo Alto Networks incorporates the best AI capabilities:
- Machine Learning (ML)–Built into many of our products for more than a decade, ML allows our security applications to become more accurate at preventing, predicting, and remediating security problems by using precise, defined historical and current data as input to predict novel situations.
- Deep Learning–Helps us build predictive models to anticipate and detect security issues in real time by learning from massive amounts of security data
- Generative AI (GenAI)–We use GenAI to enable our tools to “speak human,” simplifying UX and summarizing large volumes of threat intelligence. We do this through our copilots, which, built on our own highly controlled data sets, reduce mean time to resolution (MTTR).
Artificial intelligence has quickly become the most disruptive technology innovation since cloud computing. Organizations of all types and across all industries are racing to use AI to achieve competitive advantage, accelerate product development, improve productivity, reduce costs, and redefine many aspects of their business.
AI also opens up a veritable Pandora’s Box of new cybersecurity vulnerabilities. Cybercriminals are already using AI to scale and accelerate attacks, circumvent existing security controls, and improve existing attack methods such as phishing and prompt injection attacks.
This is just the tip of the iceberg. As AI becomes more widely adopted as a business tool, it will exponentially expand the attack surface and give criminals new vectors to target. Cybersecurity teams are already responding to incidents of adversarial AI used to poison data or write malicious code. Expect cybercriminals to continue being innovative in using AI to strengthen and sharpen their attacks. CISOs are increasingly concluding that the only way to fight AI is with AI. But traditional approaches have fallen short due to factors like inconsistent data quality, security silos, and a skills gap caused by a lack of individuals with expertise in both AI and cybersecurity. A new AI-first approach is needed.
Precision AI Capabilities
Precision AI by Palo Alto Networks is the next generation of AI used explicitly for cybersecurity. Precision AI is a proprietary system that builds on traditional AI/ML approaches but customizes it for security. Specifically, Precision AI brings high-resolution capabilities to cyber defenders by centralizing and analyzing data with security-specific models to help defenders automate detection, prevention, and response. Security has now transitioned to a data problem, requiring data with Precision AI to stop rapidly evolving bad threats in real time. By trusting Precision AI, security teams can confidently automate and achieve security outcomes faster.
The Key Elements of Precision AI: Data and Models
Data
Effective security requires a very high volume of security-specific data. Palo Alto Networks leverages one of the industry's largest footprints of tools and capabilities deployed across various sectors and verticals. We can observe even more adversarial events with each additional customer, giving all customers better security outcomes. We collect and analyze the most data of any pure-play cybersecurity leader in the industry, which is used to protect us all better. For security, resolution becomes a function of seeing data across:
- Attack types: Gathering data on cyber attacks varies significantly based on targets, platforms and more.
- Threat actor activity: Developing threat actor profiles based on methods across tools, techniques and procedures across our entire customer base.
- Sectors: Identifying the type of attacks that are unique to specific geographies and verticals
- Data history: Storing time-stamped information about the above data provides a compounding advantage.
- AI-generated attacks. Identifying when attackers use AI/ML or GenAI attacks to develop malware, phishing attacks, deep fakes and more
Models
To be useful in cybersecurity, Precision AI must be as close to 100% accurate as possible to find every true attack and avoid alerting on false positives. The only way to get there is to use security-specific combinations of AI techniques. While ML and deep learning are the core, Precision AI also takes inputs from GenAI-generated attacks to train defensive capabilities further.
Further, we combine the intelligence and findings of our expert security research teams into these models, creating features that leverage machine intelligence and domain expertise. The Precision AI proprietary system takes the best techniques from all forms of AI and intelligently combines them to get the right outcomes—detecting attacks, Zero Days, breaches, and more—while also rapidly helping fix issues.
How Palo Alto Networks Platforms Use AI
Palo Alto Networks has been a pioneer in integrating ML and AI capabilities into its products and workflows. On a typical day, the company uses more than 1,300 AI models to analyze millions of new telemetry objects globally. Each day, the company detects approximately 1.6 million new and unique attacks that weren’t there the day before and blocks about 8.6 billion attacks.
Precision AI is, in conjunction with the platform model, the cornerstone of the Palo Alto Networks approach to cybersecurity transformation. The AI-first platforms that Precision AI powers include:
Strata
Strata is a network security platform that uses AI to stop zero-day and mutated threats in real- time, accurately identify new devices that have never been seen, and proactively improve security posture to prevent network disruptions. Precision AI powers strata in the following ways:
- The industry’s first ML-powered next-generation firewall and cloud-delivered security services to stop unknown zero-day attacks, enabling cyber teams to go beyond signature-based threat detection and block the most evasive threats.
- IoT security uses a patented, three-tiered ML learning model to identify new devices accurately. This enables cyber teams to understand risk better and apply a security policy based on the principle of least privilege.
- Tools such as Strata Cloud Manager and Strata Copilot to optimize security posture, predictively identify potential disruptions and use generative AI to help cyber teams understand their top security priorities using natural language.
Prisma Cloud
Prisma Cloud is a comprehensive, AI-driven platform that secures everything from code to cloud. It enables cybersecurity teams to effectively operationalize tooling, scale security to match DevOps velocity and protect AI infrastructure from compromise. Precision AI powers Prisma Cloud in the following ways:
- Prisma Cloud Copilot to streamline product setup and troubleshooting by automating tedious tasks and simplifying the creation of customized queries, dashboards, and reports.
- AI-infused security to automatically detect attack paths, intelligently prioritize risk management, discover complex breaches using tools such as APIs and Kubernetes, and enable auto-generated remediation such as iInfrastructure as code (IaC) templates.
- Vulnerability scanning across the AI supply chain, monitoring and filtering malicious prompts, AI data protection, and enforcement of least privileged access. With Prisma Cloud, organizations can use Precision AI against adversarial AI by detecting and blocking attack paths, such as denial-of-service attacks on an LLM.
Cortex
Cortex is a platform for security operations, empowering cyber teams with AI-infused detection, investigation, automation, and response capabilities to stop threats at scale and accelerate incident remediation. Precision AI powers Cortex in the following ways:
- Continuous collection, stitching, and normalization of raw data, not just alerts. Hundreds of out-of-the-box AI models connect alerts and provide the complete picture of an incident in one place, enabling better detection, analysis, and response.
- Cortex Copilot, an AI copilot, simplifies how analysts gather information and take security actions in Cortex XSIAM (Extended Security Intelligence and Automation Management). This includes risk-related actions such as investigation and automatic response, as well as operational tasks such as smart assignment of analysts to incidents.
- Attack surface management, including the ability to continuously scan the internet, uses ML models to continuously map the attack surface, and immediately reduce attack surface risks with built-in automated playbooks.
- Accurate detection and prevention of incidents using behavioral analytics and more than 1,300 AI models. Alert grouping and AI-based incident scoring connect low-confidence events into high-confidence incidents that are prioritized based on overall risk.
Benefits of Precision AI
Products powered by Precision AI enable cybersecurity teams to be faster and more precise in responding to all types of attacks in real time, and it eases the burden on humans by giving them new levels of intelligence, analytics, and automation to do their jobs more efficiently. With Precision AI, cybersecurity teams can combat the latest threats, simplify security, and secure AI infrastructure.
Combat the AI-Driven Threats
Hackers use adversarial AI to improve phishing, scale attacks, create new attacks, and target vectors. Precision AI empowers organizations to evolve to real-time, autonomous security to stop advanced threats, improve MTTR, and address operational challenges. As AI becomes a more powerful weapon for adversaries, Precision AI by Palo Alto Networks enables cyber teams to anticipate and prevent new attack vectors in real time.
Simplify Security
Cybersecurity teams are already under enormous pressure, and organizations still face a shortage of people with important skills. Precision AI by Palo Alto Networks has the potential to revolutionize how practitioners interact with their security toolset. This improves access to information and insight, suggested actions, and less time spent trying to navigate user interfaces or consult product documentation. With products powered by Precision AI alleviating humans from many tedious tasks, cyber teams can be far more productive and effective.
Secure AI by Design
AI infrastructure represents a new and potentially crippling vulnerability. Attacks such as data poisoning or using AI to write malicious code are new vectors that are difficult to identify using traditional security tools and techniques. Products powered by Precision AI enable cybersecurity teams to protect AI infrastructure from compromise, using AI models to secure the entire AI roadmap.
Precision AI: Key Takeaways
AI is ushering in a new era of cybercrime and cybersecurity, and it is all happening at an extraordinarily rapid pace. Cybersecurity teams face new challenges that must be addressed quickly, efficiently, and comprehensively. These include:
- Gauging the impact of AI on businesses, employees, and customers.
- Understanding how their cybersecurity strategy needs to evolve.
- Quantifying incremental cybersecurity risk as a result of AI adoption.
- Implementing governance and compliance models for AI.
- Understanding how adversaries are leveraging AI to circumvent security.
- Deploying AI-based solutions that deliver real-time results with precision and accuracy.
It is an understatement to say a lot is at stake—everything is at stake. Hackers are already using AI to great effect in phishing, malware, and DDoS attacks.
If organizations are to harness AI's vast potential to transform their businesses, they must be able to use AI safely and defend against attacks using AI. They must be precise in preventing, detecting, and responding to attacks.
The Precision AI system is designed specifically for a new era of AI-first cybersecurity to help organizations to combat the latest threats in real time. Precision AI simplifies security and enables organizations to secure new AI-related projects and infrastructure.