The framework lets developers write new apps to the Palo Alto Next Gen security platform, and allows for these to be consumed as cloud-delivered security apps.
Today at their Ignite event in Vancouver B.C., Palo Alto Networks is announcing the Palo Alto Networks Application Framework, which the company is terming a game-changing extension of their next-gen security platform into the cloud.
“We believe the consumption model for new security innovation is broken,” said Scott Simkin, Senior Group Manager, Threat Intelligence Cloud & Security Subscriptions at Palo Alto Networks.
Simkin said that the traditional model, which relies on stitching together an analysis of the data from a vast array of different security products from different providers, simply can’t keep up with the need for rapid development and adoption of new security innovations.
“We see the opportunity for a new consumption model to adopt the best and brightest new technology, that is integrated natively and automated in a way that has never been done before,” Simkin said.
That model is the new Palo Alto Networks Application Framework.
“This application framework does a couple different things simply,” Simkin said. “First, it lets developers write apps to the Palo Alto Next Gen security platform to solve challenging security use cases. This then opens the doors to the consumption of security technology through the Application Framework, where it can be adopted as a cloud-delivered security app. This has never been done before in the security industry.”
The Application Framework consists of a series of cloud-based APIs that allow a developer to hook into the Palo Alto infrastructure, and look at sensors and enforcement points. A toolkit allows developers to build for the platform and application framework, while Palo Alto will also deliver services with the framework, such as Autofocus, which will be able to be sold as an app for the framework, and Minemeld, which provides threat intelligence ingestion and syndication.
The customer-specific data store includes threat intelligence derived from more than 17,000 WildFire threat analysis service users, human-curated threat context from Unit 42, and telemetry from over 100 other sources.
“Palo Alto Networks Logging Service acts as the repository for all application data and logs, and will allow customers to send local on-prem logs across the entire platform into the customer-specific data store that normalizes all interaction and makes it accessible to the apps to do analytics,” Simkin said. “We have brought together all that valuable data for developers to leverage.”
The infrastructure is an open, common framework, for seamless integration and information exchange between different applications and the customer-specific data store.
“Anyone can do anything, but we expect the core use cases will deliver compelling value to customers – even in markets where Palo Alto is not present, like Internet of Things security and mobile security,” Simkin said. “Even competitors can develop apps for the platform, as well as our own partners and customers, for use cases not being served today.”
More than 30 security industry vendors, including Aruba, Splunk and Phantom Cyber, have already engaged with Palo Alto Networks to develop applications for the new Application Framework.
So why would developers, including those from competitors, want to assist Palo Alto in their ground-breaking effort?
“It took us ten years to build an install base of 40,000 customers,” Simkin said. “Developers can reach that install base right away. The Total Addressable Market is massive, and they can commercialize it in maybe a year instead of a decade. It’s all about time to market. In addition, the rich data from the Palo Alto Networks Logging Service will feed in, which will let developers tune their machine logic, and their AI to build algorithms. This also lets them focus on their core capability and use case, rather than spending time on sensors.”
Simkin also indicated that Palo Alto is establishing a venture fund in collaboration with Greylock Partners and Sequoia Capital, which will provide assistance to startups to develop applications for the framework.
“We believe that we have a responsibility to the market to provide capital and tools to develop compelling security apps to these early stage companies, to help them build an app,” he stated.
The Palo Alto Networks Application Framework is expected to be generally available in early 2018, with continuous and ongoing introduction of new security applications.