This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew

Cloud-Delivered Security Service Newsletter--November 2025

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Blogs
7 min read

Cloud-Delivered Security Service Newsletter--November 2025

tbolatiwa
L3 Networker
‎11-25-2025 11:58 AM

The Cloud-Delivered Security Service Edge: The Monthly Newsletter for Security That Never Sleeps

Welcome to the November 2025 edition of the Cloud-Delivered Security Services (CDSS) Newsletter

 

The Cloud-Delivered Security Services (CDSS) Monthly Newsletter brings you the latest updates, insights, and innovations from Palo Alto Networks’ cloud-powered security platform. Each month, we highlight key product releases, upcoming events, technical tips, and best practices across our Advanced Core Subscriptions: Advanced Threat Prevention, Advanced WildFire, Advanced URL Filtering, Advanced DNS Security, and Device Security.

 

This month, we highlight major updates across the portfolio, including the new QR Code-Based Phishing Detection in Advanced URL Filtering, expanded DoH support for Advanced DNS Resolver (ADNSR), and the release of new instructional resources, such as the CDSS LIVEcommunity YouTube Playlist and in-depth Ignition & Activate CDSS Blogs.

 

Our goal is to help you stay informed, connected, and empowered to maximize the benefits of your CDSS investments. Whether you’re a customer, partner, or security practitioner, the newsletter keeps you up to date on how Palo Alto Networks continues to deliver industry-leading threat prevention, AI-driven detection, and unified protection across networks, users, and devices.

 

What’s New In CDSS 

 Screenshot 2025-11-25 at 1.25.30 PM.png

  • NEW CDSS LIVEcommunity YouTube Playlist: We’re excited to introduce the new CDSS LIVEcommunity YouTube Playlist, a central hub for short, easy-to-follow videos that help customers get the most out of Cloud-Delivered Security Services. This dedicated playlist features step-by-step tutorials, feature walkthroughs, best-practice guidance, and highlights of the latest innovations across the CDSS portfolio. Whether you’re looking to understand a new capability, see a configuration in action, or stay updated on recent enhancements, this playlist makes it simple to learn at your own pace. New videos will be added regularly as we continue to expand content across all of CDSS. Check it out and subscribe to stay informed on the latest CDSS updates and guidance.

                    Screenshot 2025-11-25 at 1.28.18 PM.png

 

  • NEW CDSS Ignite & Activate CDSS Blogs: This Ignite & Activate CDSS Blog features a deep dive into each of our core advanced security subscriptions—Advanced Threat Prevention (ATP), Advanced WildFire (AWF), Advanced DNS Security (ADNS), and Advanced URL Filtering (AURL). Each blog highlights the value of our advanced security subscriptions and how they proactively prevent modern threats across the evolving attack landscape. The content reinforces the importance of staying ahead of attackers and ensuring that the security services customers already own are fully activated. When these capabilities are enabled and properly configured, organizations gain stronger protection against evasive malware, phishing, zero-day exploits, DNS-layer threats, credential theft, and more.
  • New Advanced URL Filtering Blog:  Explore our latest blog on Evolving AI Traffic Control and Why Change Requests Are Now Limited to Granular AI Categories. As AI use cases multiply, broad categories no longer provide the visibility or precision organizations need. The blog explains how Granular AI Categories improve accuracy, strengthen governance, and align access controls with specific AI workloads to ensure safer, more compliant AI usage across the enterprise.
  • New Advanced DNS Resolver Blog: Our latest blog explores how DNS over HTTPS support enhances privacy and performance while preserving the visibility and enforcement needed to stop modern DNS-layer threats. It explains how ADNSR inspects encrypted DNS traffic in real time, applies behavioral analysis to detect tunneling and command-and-control activity, and enhances overall DNS protection. The blog provides a simple overview of how enabling DoH within ADNSR improves security effectiveness and streamlines operations.

CDSS Security Spotlight of the Month

 

This month, we’re spotlighting Advanced DNS Security Resolver (ADNSR), our most advanced capability for stopping modern DNS-layer threats before they ever reach users, devices, or applications. ADNSR provides real-time visibility, inline inspection, and behavioral analysis to uncover the covert techniques attackers use to evade traditional resolvers. If you’re looking to close critical blind spots, strengthen your security posture, and modernize your DNS protection, this is the update you don’t want to miss. To learn how ADNSR can elevate your DNS security strategy and deliver stronger, more proactive protection across your environment, reach out to your Palo Alto Networks representative. 

 

Screenshot 2025-11-25 at 1.30.04 PM.png

 

For more information, explore our latest resources: 

Latest Product Updates Across CDSS Core Subscriptions

Advanced URL Filtering

  • Released QR Code-Based Phishing Detection, an ML-powered inline prevention that proactively decodes and blocks malicious QR codes on corporate devices before scanning, closing a critical web security gap. This is automatically enabled for all licensed customers, with no additional configuration required.
  • The File-Converter category was activated on November 14th. Popular URLs will be gradually re-categorized into this new category. A list of the most popular URLs is available in our blog.

Advanced Wildfire

  • Added support for jsp/jspx file types for XDR Submissions
  • Upgraded the .Net Framework version for Windows 7 and Windows 10 Virtual Machines 

Advanced Threat Prevention

  • Local Deep Learning (LDL) -HTTP Model Improvement has increased the True Positive rate by 4.19% and reduced the False Positive rate by 1.33%
  • SecureIQ 2025- The SecureIQ 2025 Command and Control Comparative Report concludes that Palo Alto Networks provides superior protection and ease of use. Here is the link to the Report.

Advanced DNS Security

  • ADNSR now officially supports DNS over HTTPS (DoH). Leveraging DoH fully encrypts all campus/branch user DNS traffic, preventing malicious actors and external parties from viewing or modifying user DNS traffic. Link: Tech Docs
  • DNS Misconfigurations Report through Strata Canvas is now generally available

Device Security

  • Expanded Advanced Device-ID: Use up to 30 non-custom and third-party device attributes/tags for defining Advanced Device-ID matching criteria. Requires PAN-OS 12.1.2+.
  • Managed Status Custom Attribute: New system-created custom attribute (Managed Status) to auto-classify devices as managed/unmanaged using saved queries or filter
  • New Third-Party Integrations: Adds support for SentinelOne Singularity, Siemens Industrial Asset Hub, ManageEngine Endpoint Central, and Microsoft DHCP Server.

Tips & Best Practices

Tip of the week: Use prevention capabilities Inline, not just detection. CDSS services deliver inline, real-time prevention, not just post-analysis verdicts.

What is the best practice? Enable inline ML/AI analysis for ATP, AWF, AURL, and ADNS to block threats before they execute, especially malware, phishing, DNS tunneling, and zero-day attacks.

 

Did You Know Threat Facts & Insights

Screenshot 2025-11-25 at 1.30.59 PM.png

Did you know that there is a 30% average increase in cyberattacks during holiday periods, as attackers take advantage of reduced employee presence and increased online activity. To stay proactive, ensure your security controls are fully enabled and up to date to keep your network protected as we head into the holidays.

*HALOCK Security. Holiday Cyber Incident Response Readiness and Checklist. Accessed 2024.

 

CDSS Events You Won’t Want to Miss

CDSS Ultimate Test Drive: Experience Cloud-Delivered Security Services in action by joining our Ultimate Test Drive. In this hands-on session, you’ll explore real attack scenarios and see how our CDSS advanced security services, powered by Precision AI, work together to block ransomware, phishing, and web-based malware before they reach your users. Gain practical best practices, test our latest innovations, and quickly understand the value CDSS delivers across your environment. Register today and see prevention in action.

 

Explore More Cloud-Delivered Security Services  Resources

Stay Protected with Cloud-Delivered Security Services 

Palo Alto Networks Cloud-Delivered Security Services (CDSS) provides comprehensive protection for the modern threat landscape. This month, we highlighted the critical importance of enabling inline prevention to stop threats like malware, phishing, and DNS attacks before they execute, particularly as cyberattacks rise during the holiday season. With innovations like QR Code-Based Phishing Detection and enhanced capabilities in the Advanced DNS Resolver (ADNSR), CDSS is powered by Precision AI and industry-leading threat intelligence to secure your users, devices, and data wherever they connect.

 

To learn more about maximizing your investment, including hands-on experience in our CDSS Ultimate Test Drive, contact your Palo Alto Networks representative today.

Check back in next month for the latest and greatest updates from CDSS!

 

 

0 Likes Likes
  • 200 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Labels
Contributors
Popular Blogs
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks