PAN-OS^® can identify traffic contained in DoH (DNS-over-HTTPS) requests and apply DNS Security real-time protection measures. This allows you to secure all DoH traffic, which is quickly becoming the emerging standard of maintaining user privacy and data security, by leveraging the same DNS Security analytics used to defend your organization from a range of DNS-based threats.

The Advanced Threat Prevention subscription now supports additional deep learning and heuristic analysis engines to prevent malicious zero-day Injection attacks (Inbound threats), such as SQLi and Command Injection attacks. These attacks target vulnerable applications that do not sufficiently validate, filter, or sanitize user-supplied data.