Prevention Core To Palo Alto Networks' Philosophy, Says CTO Zuk


Long before Nir Zuk developed his network security talent, he learned computer programming by writing a virus in the late 1980s.

That was when viruses spread by floppy disk, and not at blazing speeds through network pipes as they do today. The malicious program Zuk designed made characters on a computer screen randomly fall. The infection made letters and numbers cascade down a computer screen, akin to the opening scene of the 1999 hit movie "The Matrix," albeit much more slowly.

"Back then we were doing this for fun; it was much more challenging," Zuk said. "It was mostly about learning how to program very low-level programs. It wasn't about exploiting vulnerabilities."


Today, Zuk, an Israeli entrepreneur, is founder and chief technology officer of network security vendor Palo Alto Networks, where he prides himself on making decisions from his gut, rather than by some "bureaucratic process." The company has grown from nearly 700 employees in 2012 to more than 1,300 in 2014. And it's not slowing down in innovation, Zuk said.

"We're making sure that we do as much as we can with the smallest team," he said. "Despite the size of the company, the engineering team is not huge," Zuk said. "We still feel that taking a big gamble will pay off. We're not one of those companies that becomes successful and then starts having to justify new products or strategies on a financial level," he said.

Zuk's style is far from demure. He lashed out at independent testing firm NSS Labs last week in an interview with CRN following the release of its report on breach detection vendors and quickly questioned the credibility of a recent study of breach detection appliances for setting a low bar that "enables mediocre vendors."

Palo Alto Networks gained attention in 2009 for its next-generation firewall appliances designed to identify and control applications on the network. It introduced an advanced threat detection service called WildFire in 2011. Referring to vendors that compete with Palo Alto, Zuk said Sourcefire completely dropped off the radar following its acquisition by Cisco Systems. Fortinet and McAfee are rarely seen in customer engagements, and Zuk calls FireEye, which has gained widespread attention for its threat detection platform, a "marketing machine that likes to showcase the zero-day exploits it finds like a badge of honor."

Solution providers tell CRN that no appliance manufacturers are adequately solving the problem alone. Network security vendors are taking a similar approach to threat detection and prevention, said Justin Kallhoff, CEO of Lincoln, Neb.-based Infogressive, a Fortinet partner. Because cybercriminals can get into just about any system network, security vendors prevent as much as they are able to, but they are increasing visibility to detect whatever gets through before the attacker steals data, Kallhoff said.  

"It is unrealistic to think that you are going to eliminate malicious code from getting on workstations," Kallhoff said. "Now the idea is to lower the window of opportunity and lower that impact when it happens; it takes layers of security, trained people and educated staff, and even then it's not going to be 100 percent effective."
