I've been through the PANW loop twice (failed one, passed one) and have been a hiring manager for 15 years, so let me break down the behavioral round in a way the typical 'use STAR method' advice doesn't cover.
The values they're testing: PANW talks about 'Disruption, Inclusion, and Collaboration' publicly. In practice, the behavioral round is heavy on two things: Autonomy and ownership - They want to see that you identify problems without being told to, own the solution end to end, and don't wait for permission. Almost every behavioral question they asked mapped to this. Cross-functional influence - Cybersecurity tools touch a lot of stakeholders (security teams, IT, devops, legal). They want engineers who can communicate with non-engineers and influence without authority.
Questions I got (paraphrased): Tell me about a time you noticed a problem before your manager did. What did you do about it? Describe a disagreement you had with a teammate or stakeholder. How did it resolve? Tell me about a project that failed. What would you do differently? Give an example of when you had to change someone's mind using data.
What tanked my first run: I gave polished, structured answers that sounded like I was reading from a template. The interviewer literally asked 'that's a great answer, can you tell me what was personally hard about it?' I didn't have a real answer. They want some texture and honesty, not just the sanitized version.
What worked the second time: I picked stories with genuine ambiguity and let the messy parts be visible. I admitted when I made a mistake in a story, without over-explaining why it wasn't really my fault.
PANW behavioral rounds are conducted by a mix of engineers and sometimes an HR partner. The HR partner round tends to focus more on inclusion and psychological safety stories, so have one ready that isn't just 'I mentored a junior engineer.'