Cloud-Delivered Security Service (CDSS) January Newsletter


Cloud-Delivered Security Service: The Monthly Newsletter for Security That Never Sleeps

Welcome to the January edition of the Cloud-Delivered Security Service (CDSS) Newsletter

 

Welcome to the January edition of the Cloud-Delivered Security Services (CDSS) Newsletter. As threats continue to evolve in speed, scale, and sophistication, driven by AI, unmanaged devices, and increasingly complex attack paths, security teams need deeper visibility and smarter protection across every layer of the network.

 

This month, we cover the latest innovations across Palo Alto Networks Cloud-Delivered Security Services, along with key product updates, practical best practices, and emerging threat insights. You will find guidance to help reduce security blind spots, strengthen protection across DNS, web, endpoint, and device environments, and improve visibility across your attack surface. Together, these insights are designed to help security teams respond faster, simplify operations, and stay ahead of modern threats with confidence.

 

What’s New In CDSS 

  • New Precision AI Pro Bundle Datasheet: The Precision AI Pro Bundle Datasheet highlights how Palo Alto Networks brings together advanced network security capabilities to help customers simplify adoption, reduce risk, and stay ahead of modern threats. As part of the bundle, Device Security helps organizations automatically discover, classify, and secure every device across the network, from IoT and OT to employee and guest endpoints. Learn more about how the Precision AI Pro Bundle and Device Security strengthen your CDSS strategy.
  • New ADNSR Solution Brief: The new Advanced DNS Security Resolver (ADNSR) Solution Brief outlines how Palo Alto Networks helps organizations close critical DNS blind spots and stop threats that traditional security tools often miss. ADNSR delivers deep visibility and inline protection at the DNS layer, enabling customers to detect and block malicious domains, command-and-control activity, and emerging threats in real time. Learn more about how ADNSR helps customers gain greater DNS visibility and stop threats before they impact the business.
  • New Advanced DNS Security Blog: The new Advanced DNS Security blog explores how Advanced DNS Security Resolver (ADNSR) delivers greater precision and scale in DNS protection through custom FQDN lists and automatic subdomain expansion. These capabilities give security teams more granular control over domain policies while reducing manual effort and configuration complexity. Security teams can enforce consistent policies across domain hierarchies while simplifying policy management and closing DNS security gaps. ADNSR helps customers improve operational efficiency and strengthen protection against sophisticated DNS-based threats across distributed environments.

CDSS Security Spotlight of the Month

This month, we highlight Device Security, formerly known as IoT Security. Unmanaged and unknown devices continue to expand the attack surface, creating blind spots that traditional security tools cannot see or control. Palo Alto Networks Device Security helps organizations automatically discover, classify, and secure every device across the network, from IoT and OT to employee and guest endpoints. Powered by Precision AI and rich telemetry, it delivers real-time visibility and risk insights, enabling security teams to reduce exposure, enforce consistent policies, and prevent device-driven threats before they impact the business. 

Device Security is available à la carte, as an Enterprise License Agreement add-on, and as part of the Precision AI Pro Bundle, giving organizations flexible options to adopt and scale protection based on their needs. Learn more about how Device Security strengthens your CDSS strategy.

 

Latest Product Updates Across CDSS Core Subscriptions

FedRAMP Moderate: FedRAMP Moderate authorization for all CDSS Core Subscriptions is now underway. Track progress updates here. 

 

Advanced URL Filtering

  • Advanced Web Protection (AWP) delivers real-time security and visibility directly inside the Prisma Browser to detect and prevent evasive threats, such as runtime assembly attacks. AWP is catching real-world attacks that other security controls missed. Highlights of the latest real-world AWP detections are listed below:
    • Blocked a ClickFix social engineering attack and active session hijacking infrastructure, preventing account takeover before user impact.
    • Intercepted a live Magecart web skimmer on a production site, stopping payment card theft and downstream financial fraud.
    • Identified and blocked confirmed false negatives, including credential phishing and malware scripts, that non-PB customers initially reported.

Advanced WildFire

  • Codegene: Advanced WildFire now uses the proprietary Codegene database to automatically identify and fingerprint shared malware logic. By identifying "fingerprints" in malicious code logic reused across malware families, the system automatically deploys high-confidence YARA rules. This eliminates manual intervention, bypasses complex obfuscation, and slashes response times for new variants.

Advanced Threat Prevention

  • The Command Injection Header Model has been improved, bringing the True Positive Rate (TPR) to 99.99% and the False Positive Rate (FPR) to 0.014%.
  • IPS Signature converter for SCM – Tech Doc
  • NSS Labs EFW 2025 – Palo Alto Networks has been upgraded to a “Recommended” rating after a Follow-On Enterprise Firewall test. 
  • SecureIQ 2025 Command and Control Comparative report – 97.02% Overall Block Rate (Next best 46.59%), 100% Empire Block Rate, 94.04% Cobalt Strike Block Rate –  External 

Advanced DNS Security

  • Advanced DNS Security Resolver (ADNSR) for Prisma Access Agent: Extends real-time protection to every Windows and macOS endpoint, regardless of location. Armed with ADNSR, the Prisma Access Agent can now stop zero-day DNS threats even when the tunnel is disconnected – Tech Doc, Blog
  • ADNSR new features: DNS over HTTPS (DoH); the ADNS Security Dashboard can report on DNS misconfigurations.

Device Security

New Features and Enhancements

  • Compliance Dashboards – Added out-of-the-box compliance report dashboards for ISA/IEC 62443 and HIPAA
  • IBM Maximo Integration – Bidirectional integration with the Maximo asset management platform
  • New Protocols for Polling Integration – Support for additional protocols and devices: GE CARESCAPE Gateway, Hikvision devices, Axis Communications devices, and Ping/ICMP Connection Test and ICMP Traffic
  • Philips Focal Point enhanced device context – Additional device context and risk assessment for Philips Focal Point patient monitoring devices via integration.
  • EU MDR Recall Information for Medical Devices – Support for the European Union’s Medical Device Regulation (EU MDR) for medical device recalls.
  • Support for MDS2 Microsoft Excel Documents – Support for Excel-based MDS2 documents, in addition to the PDF-based MDS2 documents. MDS2s provide broader risk assessment for medical devices based on OEM-provided insights.

Tips & Best Practices

 

Tip of the week: Discover and secure unmanaged devices first

 

What is the best practice? Start with continuous device discovery across your network to identify unmanaged and unknown devices before they become security gaps. Use CDSS capabilities to automatically classify devices, assess risk, and enforce consistent security policies across IoT, OT, and endpoint environments. This approach helps reduce blind spots, prioritize high-risk devices, and strengthen protection across your entire attack surface.

 

Did You Know: Threat Facts & Insights

Did you know… that attackers are increasingly using AI to accelerate ransomware campaigns by automating phishing, generating realistic malware variants, and rapidly identifying vulnerable targets? AI-driven techniques help adversaries move faster and scale attacks, making early detection and prevention across DNS, web, and endpoint layers more critical than ever.

 

Cloud-Delivered Security Services (CDSS) help organizations close these gaps by providing AI-driven visibility and protection across multiple attack vectors, enabling security teams to detect threats earlier, reduce blind spots, and stop ransomware before it spreads.

 


 

 

Stay Protected with Cloud-Delivered Security Services 

Palo Alto Networks Cloud-Delivered Security Services (CDSS) help organizations stay ahead of modern threats with unified, AI-driven protection across DNS, web, network, and device environments. This month’s highlights, including Device Security, Precision AI Pro Bundle innovations, and advanced DNS and threat prevention updates, demonstrate how CDSS helps security teams reduce blind spots, simplify operations, and stop attacks earlier in the kill chain.

To learn more about how CDSS can strengthen your security strategy, including hands-on experience through the CDSS Ultimate Test Drive, contact your Palo Alto Networks representative. Check back next month for the latest innovations and product updates!
