Advanced URL Filtering

Best-in-Class Web Protection

more threats prevented than traditional web filtering databases


of malicious URLs discovered 24 hours before other vendors


web-based threats prevented per day

Advanced URL Filtering - Business Benefits

  • Inline protection. Protection from new and unknown web-based attacks in less than 100 milliseconds to prevent patient zero.
  • Detect evasive and targeted attacks. Increase detection of evasive and targeted attacks by detecting real web traffic and not web crawler data.
  • Cloud native service. Designed to expand and scale capabilities over time.
  • Leverage consistent security policies and capabilities. Deploy Advanced URL Filtering with hardware appliances, on virtual environments, or in the cloud with the same set of policies and security consistently applied.
  • Eliminate security silos and keep users safe. We can help you attain proper security posture 30% faster compared to point solutions.
  • Minimize operational expenditure. Palo Alto Networks cloud-delivered security services reduce the need for standalone solutions, saving US$9.9 million over three years.1
  • Safeguard against phishing. Layers of prevention protect your organization from known and brand-new phishing sites by stopping credential phishing in real time.
  • Support regulatory compliance and acceptable use. Ensure your organization stays compliant with internal, industry, and government regulatory policies

Key Benefits

Inline Protection from New Malicious Webpages

At Palo Alto Networks, we saw a 127% increase in malicious webpages from 2019 to 2021.2 With so many new threats, practically every one of them has never been seen before when it hits your network. In addition, 40% of malicious URLs come from legitimate domains,3 as adversaries look to embed threats in websites that have largely been deemed trustworthy. URLs change from benign to malicious frequently, and unless your solution is constantly analyzing them, that leaves you exposed. Modern organizations can no longer depend solely on static or slow-to-update databases to keep pace. A new approach is necessary. Advanced URL Filtering takes web protection to the next level with the ability to detect and block new threats in real time, preventing patient zero. Cloud-based inline ML performs real-time web analysis of real web traffic instead of web crawler data, categorizing and blocking malicious URLs in milliseconds— before they have a chance to infect your organization. Our ML models are retrained frequently, ensuring the most up-to-date detection intelligence against new web-based threats. Meanwhile, our extensible cloud-based architecture ensures you can take advantage of the latest innovative detection modules on the fly without going through a painful update process. It’s time to move beyond the overreliance on offline crawling and databases that take too long to update. Advanced URL Filtering takes that step, delivering the industry’s first inline web protection engine capable of detecting never-before-seen web-based threats and preventing them in real time.


Modern adversaries have evolved to avoid security measures, and now 90% of phishing kits sold on the dark web include at least one type of evasive technique.4 The most common of these techniques, called cloaking, capitalizes on the fact that many web security solutions rely solely on offline crawling of webpage content to determine whether a threat exists. Attackers may actively block connections from specific IP addresses and hosts they know to be security companies or reroute them to benign content. Advanced URL Filtering goes beyond webpage crawling to analyze live web content, disrupting attackers and identifying the true nature of malicious sites hiding behind evasive techniques.

Operational Benefits

The Advanced URL Filtering subscription enables you to:

  • Benefit from shared intelligence. Take advantage of best-in-class web security with easy-to-use application- and user-based policies, alongside tight integration with Threat Prevention and WildFire.
  • Maintain total control over web traffic. Use URL categories to automatically trigger advanced security actions, such as selective TLS/SSL decryption for suspicious sites.
  • Automate your security. Save time as policy is applied to URL categories automatically, requiring no analyst intervention.
  • Gain insight into user and URL activity. Enable your IT department to gain visibility into URL filtering and related web activity through a set of predefined or fully customized reports.

* Beyond simply blocking malicious sites, URL categories can be used to enable fine-grained security policies to protect users without slowing down the business.