Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Palo Alto Networks Threatens Legal Action Over Product Comparison

Palo Alto Networks has threatened legal action against cloud visibility solutions provider Orca Security after the latter published a video comparing products from the two companies.

Palo Alto Networks has threatened legal action against cloud visibility solutions provider Orca Security after the latter published a video comparing products from the two companies.

The issue was made public last week in a blog post written by Avi Shua, co-founder and CEO of Orca Security. The video made by Orca in August, which is still available on YouTube, is described as a “detailed competitive comparison” between Orca Security’s platform and Palo Alto Networks’ Prisma Cloud product.

In response to the video, Palo Alto Networks’ legal team sent a cease and desist letter to Orca Security in early September, arguing that the comparison is a violation of its end user agreement, which prohibits users from making public information on benchmark, performance or comparison tests. Palo Alto Networks also claimed that Orca misused its name and logo.

“We view the use and rating of Prisma Cloud on your website as materially misleading as the tests and ratings are not fair and consistent,” Palo Alto Networks said in its letter.

The cybersecurity giant asked Orca Security to remove the content and stop distributing or showing it to customers.

In response, Shua said vendors should not be allowed to use legal threats to prevent such comparisons from being made public, and pointed out that the Consumer Review Fairness Act prohibits companies from trying to prevent customers from reviewing their products or services.

“In its letter, Palo Alto Networks does not point to any factual inaccuracies in the reviews of its products’ performance. Instead, it premises its threats on flimsy, boilerplate contract terms that prohibit reviews and comparisons of its products and hollow trademark allegations purporting that Palo Alto Networks is sponsoring the videos,” Shua said.

He added, “It’s outrageous that the world’s largest cybersecurity vendor believes that its users aren’t entitled to share any benchmark or performance comparison of its products.”

SecurityWeek has reached out to Palo Alto Networks for comment and it will update this article if the company responds.

Related: Palo Alto Networks, NSS Labs Spar Over NGFW Test Results

Related: Cometdocs Threatens Legal Action Over Disclosure of Security Issues

Related: Testing Firm NSS Labs Declares War on Antivirus Industry

Related: CrowdStrike Vs NSS Labs, Round 2: NSS Hits Back

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...