Case Study: Key U.S. Federal Agency reduces critical exposures by 58% and insecure certificates by 44% with Palo Alto Networks Cortex Xpanse

US Federal Agency - Customer Case Study

A major U.S. federal agency responsible for science, technology, and infrastructure struggled to enforce security and IT policies across a distributed network of headquarters, a security operations center, and numerous field sites. With over 100,000 employees and widespread contractor-run infrastructure, information and internet-connected assets were siloed and largely unknown, leaving unprotected services (like FTP and Telnet) and a growing, vulnerable attack surface.

The agency deployed Cortex Xpanse with Expander to create a complete, continuously updated inventory of internet-facing assets, discover exposures, and drive remediation at individual sites. Over a two-year period the team cut critical exposures by more than 58% and reduced insecure certificates by 44%, enabling centralized policy enforcement, a significantly smaller attack surface, and a stronger overall cybersecurity posture.