Agentless Device Security for Palo Alto Networks

Matt MacKinnon, Senior Director of Product Management & Technology Alliances

Security teams are busier today than they’ve ever been. They’re constrained by a lack of experienced security talent, a growing stack of tools that don’t work as promised, and a dizzying array of alarms, alerts, and notifications that increasingly go unheard, unseen, and unaddressed. For these teams, speed is a precious and finite resource, so they’re looking solutions that work as they’re described, and that don’t take months to deploy.

Today, we introduce our second technology integration with Palo Alto Networks, the Armis™ Agentless Device Security Platform app on Cortex by Palo Alto Networks. This app makes getting started with the Armis security platform virtually effortless for Palo Alto Networks customers. In just a few clicks, our cloud-to-cloud integration begins using the data in Cortex Data Lake to discover and profile every device in your environment, and to analyze device activity for risky or malicious behavior.

Every device? Yes, I mean every device. Because the Armis platform sees more than laptops, servers, and mobile phones. It also sees IP cameras, printers, barcode scanners, insulin pumps, MRI machines, robotic arms, Amazon Alexas, and more. If it’s communicating on the network, the Armis platform sees it.

If any of these devices become too risky or start exhibiting suspicious or malicious behavior, our integration with Palo Alto Networks next-generation firewalls (NGFW) can block or quarantine the device automatically, helping to ensure that sensitive data and systems stay protected.

For Palo Alto Networks customers, the Armis platform does all of this entirely in the cloud and without requiring any software agents on devices. The app takes advantage of Cortex Data Lake data in the cloud and the crowd-sourced Armis Device Knowledgebase, which tracks over 80 million devices, to more accurately identify and classify devices, and to detect behavioral anomalies that could indicate a broader attack.

That means your security team gets increased visibility into every device in the environment, including unmanaged devices they can’t touch, and un-agentable ones like IoT devices that traditional security products miss. It also gives your team a better understanding of the organization’s attack surface and more accurate threat detection which means fewer meaningless alerts.

Without installing any software.

Without requiring any additional hardware.

Without ever touching any user’s device.

Our app on Cortex is available today on the Cortex hub. If you’d like to learn more about the Armis platform, visit us at