Unit 42 is the threat intelligence and security consulting division of Palo Alto Networks. The service provides incident response, digital forensics, security assessments, and consulting services to organizations before, during, and after security incidents. The service operates across three main areas: Assess, Transform, and Respond. Assessment services include penetration testing, red and purple team exercises, ransomware readiness assessments, compromise assessments, cloud security assessments, SOC assessments, attack surface assessments, and tabletop exercises. Transformation services cover incident response plan development, security program design, virtual CISO services, and zero trust advisory. Response services include 24/7 incident response, digital forensics, cloud incident response, managed threat hunting, and managed detection and response. Unit 42 maintains a team of over 200 threat researchers who analyze more than 30 million malware samples daily and conduct over 1,000 incident response engagements annually. The team publishes threat research to provide context on emerging threats and adversary tactics. The service is positioned as a partner for organizations using Palo Alto Networks security products, offering expertise in those tools for faster threat containment and eradication. Unit 42 was recognized as a Leader in the 2025 IDC MarketScape for Worldwide Incident Response Services.