Menu
Become a Client
Fernando Montenegro

At Ignite OnTour, Palo Alto Networks Makes Its Case for Platformization

At Ignite OnTour, Palo Alto Networks Makes its Case for Platformization

Analyst(s): Fernando Montenegro
Publication Date: April 7, 2025

What is Covered in this Article:

  • Palo Alto Networks’ continued emphasis on a “platformization” strategy, with AI as a central component.
  • A spotlight on its Prisma Access Browser (from the Talon acquisition) as a key technology enabling better visibility.
  • A glimpse into the future steps and possible challenges, including market positioning and feature evolution.

The News: Ignite OnTour is the new format for Palo Alto Networks’ Ignite customer-focused event. Instead of a single, large event, the company now hosts dozens of smaller events worldwide at different times. This report focuses on the topics and conversations at the New York City event held in late March. The event – hosted at the Glasshouse center – saw hundreds of customers and prospects come together for messages from Palo Alto Networks and key partners, including but not limited to Google Cloud, AWS, Okta, Cribl, LevelBlue, Red Canary, Tufin, and others.

At the event, the key messages from Palo Alto Networks centered on the benefits of its “platformization” approach, which was accelerated in multiple ways by everything surrounding AI and cybersecurity. According to the company, AI permeates nearly all areas of cybersecurity, including but not limited to network security, security operations, end-to-end cloud security, threat intelligence, and more. The combination of its large – and growing – platform with the massive volumes of data being processed and the thousands of detections (many of them AI-enabled) are aimed at reducing complexity for security teams, be it in reducing integration efforts and/or simplifying the alerts that need to be processed.

The other key technology discussed at Ignite OnTour was the relatively new Prisma Access Browser, which came from the acquisition of Talon in late 2023 and was mentioned as having significant growth in usage. Here, the focus is on how the browser environment offers visibility into elements that would not be available at the network layer and how the secure browser offering can tap into services already used by other Palo Alto Networks products.

In the context of AI and the threat landscape, Palo Alto Networks offered that AI continues to enable attackers with new capabilities. Of note, Unit 42’s research points to an acceleration in campaigns, plus attacker improvements to phishing campaigns and deepfakes. These can be deployed not for typical financial scams against individuals but as elements in a targeted attack against an organization.

Lastly, we had an opportunity to sit down with key Palo Alto Networks executives, notably Nikesh Arora, CEO and chairman. Key elements that emerged from those conversations included, provocatively, a claim about “the end of best of breed” when compared to platforms, comments about the massive scale that the company has deployed, and improvements on internal data structures for faster responses. The company continues to explore how its platform can be used for additional use cases and where it can benefit from economies of scale and key partnerships such as Google Cloud for its massive compute needs.

At Ignite OnTour, Palo Alto Networks Makes its Case for Platformization

Analyst Take: Palo Alto Networks continues to build on its platform message – the company refers to as “platformization” – and now has AI as a key component of that message. Indeed, a global-scale security platform is well-suited as both a source of meaningful security data and an environment where AI, if appropriately deployed, can bring value in scale, responsiveness, and more. The company showed numerous examples of massive scales – measuring things in petabytes and thousands of AI-enabled detections – and improvements in security metrics. Results will vary for each organization, of course, but the potential for improvement is there.

The message will likely resonate, particularly with enterprises with more complex environments. Informal on-site conversations with partners and customers were positive, and trends with numbers show a preference to work with more strategic vendors.

Still, “platformization” is a nontrivial strategy that requires the right combination of features, execution, pricing, and messaging to reach prospects. Palo Alto Networks needs to consider how it navigates a few topics here.

First, the company’s vision is centered on the security operations center (SOC) as the central hub for all things security. The recent move of cloud security functionality from Prisma Cloud into Cortex Cloud is evidence of that. The question that stands out is how it can help customers ensure seamless integration between technologies and teams – how well does the SOC cooperate with cloud engineering, for example?

The other key point is how the company can grow beyond what it calls “wartime” activities (focused on incident detection, response, and containment) to support customers’ “peacetime” activities—closing backlogs of vulnerabilities, improving compliance, and, among many other things, helping customers innovate securely in other areas (hello, “agentic AI”).

What to Watch:

  • What is the “rubber-meets-the-road” path for XSIAM and Cortex Cloud? How will customers navigate the adoption of Palo Alto Networks’ overall security platform – above and beyond its network security portfolio – and incorporate cloud security workflows in the SOC? This includes questions regarding procurement – how do the sales cycles change? – as well as operational aspects of triage and remediations.
  • What’s next in terms of functionality and/or adjacencies? With a strong position in network security and a growing role in security operations, how will Palo Alto Networks handle adjacent areas with more business-centric concepts such as identity and data protection? Similarly, how does the company extend its “wartime” capabilities to support “peacetime” activities?
  • Where will the company seek differentiation at a more strategic level? The security platform approach is compelling in many cases, but prospects are hearing similar messages from other vendors, notably Microsoft, CrowdStrike, SentinelOne, Fortinet, Cisco, Trend Micro, and others.
  • Will more focused competitors respond with deeper partnerships? Will security operations and cloud security vendors – a representative but not comprehensive list includes Cisco/Splunk, Exabeam, Securonix, Elastic, Fortinet/Lacework, Orca Security, Wiz (the company is still independent until the transaction with Alphabet/Google closes), Sysdig, Trend Micro, and more – extoll the benefits of more dynamic partnerships as an alternative to the security platform?

More information about the event series is available here.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

The Clash of Two Competing Visions for Cloud Security – Report Summary

Cybersecurity 2025: AI-Powered Threats, Quantum Risks, and the Rise of Zero Trust

Alphabet’s Proposed Acquisition of Wiz Shifts Cloud Security Landscape

Author Information

Fernando Montenegro

Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.

Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.

Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.

Related Insights
Glean Doubles ARR to $200M. Can Its Knowledge Graph Beat Copilot
April 3, 2026
 

Glean Doubles ARR to $200M. Can Its Knowledge Graph Beat Copilot?

Nick Patience, VP & Practice Lead at Futurum, examines Glean's platform evolution from enterprise search to agentic AI, as it doubles ARR to $200M and battles Microsoft 365 Copilot for...
HP IQ Finally Brings Useful On-Device AI To Workspaces
April 3, 2026
 

HP IQ Finally Brings Useful On-Device AI To Workspaces

Olivier Blanchard, Research Director at Futurum, shares insights on HP IQ, HP’s workplace intelligence layer combining on-device AI, proximity-based connectivity, and IT control across devices and workflows....
Olivier Blanchard
RSAC 2026: The AI 'Tragedy of the Commons' and the Future of Agentic Security
April 3, 2026
 

RSAC 2026: The AI ‘Tragedy of the Commons’ and the Future of Agentic Security

Fernando Montenegro and Mitch Ashley, VPs and Practice Leads at Futurum, convey their observations from the RSAC 2026 Conference, with a focus on AI and agentic security....
Fernando Montenegro
Mitch Ashley
 & 
Can UK Public Sector Security Keep Up With Its Own Digital Growth?
April 2, 2026
 

Can UK Public Sector Security Keep Up With Its Own Digital Growth?

The UK public sector's complex digital infrastructure has outpaced manual audits. Palo Alto Networks offers visibility to uncover critical security gaps in government and NHS environments....
Are Browsers the New Enterprise Attack Surface No One Is Ready to Defend?
April 2, 2026
 

Are Browsers the New Enterprise Attack Surface No One Is Ready to Defend?

Browser security is now the primary enterprise attack surface, with 95% of organizations experiencing browser-originated incidents that legacy tools cannot defend....
CrowdStrike Deepens Agentic SOC Strategy Across Partners, Services, and Devices
April 1, 2026
 

CrowdStrike Deepens Agentic SOC Strategy Across Partners, Services, and Devices

Fernando Montenegro, VP & Practice Lead for Cybersecurity & Resilience at Futurum, examines CrowdStrike’s agentic SOC expansion across partners, IBM, and Intel, and what it means for security execution and...
Fernando Montenegro

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence Platform
Login to Futurum Labs Research Library

Book a Demo

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.