* [Blog](https://www.paloaltonetworks.com/blog)
* [Security Operations](https://www.paloaltonetworks.com/blog/security-operations/)
* [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/)
* What's New in Cortex (May...

# What's New in Cortex (May '26)

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fwhats-new-in-cortex-may-26%2F)  
[](https://twitter.com/share?text=What%E2%80%99s+New+in+Cortex+%28May+%E2%80%9826%29&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fwhats-new-in-cortex-may-26%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fwhats-new-in-cortex-may-26%2F&title=What%E2%80%99s+New+in+Cortex+%28May+%E2%80%9826%29&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/security-operations/whats-new-in-cortex-may-26/&ts=markdown)  
\[\](mailto:?subject=What’s New in Cortex (May ‘26))  
Link copied  
By [Scott Simkin](https://www.paloaltonetworks.com/blog/author/scott-simkin/?ts=markdown "Posts by Scott Simkin")  
May 19, 2026  
8 minutes  
[AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown)  
[Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown)  
[Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)  
[Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)  
[Agentic AI](https://www.paloaltonetworks.com/blog/tag/agentic-ai/?ts=markdown)  
[ASM](https://www.paloaltonetworks.com/blog/tag/asm/?ts=markdown)  
[Attack Surface Management](https://www.paloaltonetworks.com/blog/tag/attack-surface-management/?ts=markdown)  
[Automation](https://www.paloaltonetworks.com/blog/tag/automation/?ts=markdown)  
[Cortex](https://www.paloaltonetworks.com/blog/tag/cortex/?ts=markdown)  
[cybersecurity](https://www.paloaltonetworks.com/blog/tag/cybersecurity/?ts=markdown)  
[EDR](https://www.paloaltonetworks.com/blog/tag/edr/?ts=markdown)  
[SecOps](https://www.paloaltonetworks.com/blog/tag/secops/?ts=markdown)  
[Security Agents](https://www.paloaltonetworks.com/blog/tag/security-agents/?ts=markdown)  
[security operations](https://www.paloaltonetworks.com/blog/tag/security-operations/?ts=markdown)  
[Security Operations Center](https://www.paloaltonetworks.com/blog/tag/security-operations-center/?ts=markdown)  
[SIEM](https://www.paloaltonetworks.com/blog/tag/siem/?ts=markdown)  
[SOAR](https://www.paloaltonetworks.com/blog/tag/soar-2/?ts=markdown)  
[SOC](https://www.paloaltonetworks.com/blog/tag/soc/?ts=markdown)  
[XDR](https://www.paloaltonetworks.com/blog/tag/xdr/?ts=markdown)  
[Xpanse](https://www.paloaltonetworks.com/blog/tag/xpanse/?ts=markdown)  
[XSIAM](https://www.paloaltonetworks.com/blog/tag/xsiam/?ts=markdown)  
[XSOAR](https://www.paloaltonetworks.com/blog/tag/xsoar/?ts=markdown)

# Autonomous Security Operations Brings Major Enhancements Including New Identity and Privilege-based SOC Response Capabilities Across the Cortex Platform

The latest Cortex portfolio release introduces a suite of new features and enhancements designed to streamline workflows, bolster security, and provide deeper insights than ever before. From revolutionary AI-driven analysis to seamless cross-platform integrations, the Cortex Portfolio May 2026 release is all about making your operations smarter and more efficient.

## [**Cortex XSIAM 3.5**](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)**: Stopping AI Threats with an Agentic SOC**

Cortex XSIAM 3.5 takes security operations another step toward autonomy. This release moves detection and response closer to prevention with proactive AI agents, stronger governance controls, and new Idira integration for privilege-aware response.

### Streamlining SOC Analyst Workflows

What if your SOC could stop known threats without waiting for analysts? New **Autonomous Playbooks** automatically analyze and remediate Cortex Analytics' alerts with the precision of a seasoned SOC analyst. These fully managed workflows allow teams to respond in real time while eliminating the burden of building, tuning, and maintaining custom playbooks.
![Deploy instant-on expert automation without custom engineering with the new Autonomous Playbooks capability](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/05/screenshot-2026-04-17-at-10-43-19-am-png.png)
Deploy instant-on expert automation without custom engineering with the new Autonomous Playbooks capability

Modern SOCs need AI that acts, not just waits for instructions. With **Agentic Response**, you can automatically trigger AI agents to investigate and respond to threats using automation rules. Your AI agents can build multi-step investigation plans, analyze novel threats, and take response actions in real time. Built-in human-in-the-loop approvals for sensitive actions ensure your team always stays in control.

**Enhanced XQL**helps you uncover patterns and anomalies faster while reducing the repetitive work that slows investigations down. More than 30 new mathematical functions enable deeper real-time analysis, helping analysts baseline behavior and identify outliers. Autosave and personalized views preserve analyst workflows, settings, and in-progress investigations so your team can pick up exactly where they left off without constantly rebuilding queries.

To improve visibility during investigations, a new **Case Timeline View**automatically captures attack activity, analyst actions, evidence, attachments, and XQL results in a centralized workspace. This helps teams maintain context throughout the investigation lifecycle while reducing manual documentation and simplifying collaboration.
![New Case Timeline View provides a high-velocity, automated workspace](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/05/image-2-png.png)
New Case Timeline View provides a high-velocity, automated workspace

**Natural Language Visualization** lets your analysts turn simple prompts into charts and build custom widgets in seconds. By eliminating manual queries and coding, security teams can quickly make sense of massive volumes of data, helping analysts spot patterns faster and accelerate decision making across the SOC.
![New Natural Language Visualization reveals trends and insights instantly.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/05/word-image-359038-3.png)
New Natural Language Visualization reveals trends and insights instantly.

### Strengthening Identity and Access Control Across the SOC

Security teams often need to contain threats without broadly disrupting users or business operations. Cortex XSIAM now introduces more precise, identity-aware response capabilities designed to help SOC teams isolate threats while minimizing operational impact. New **integration with** **Idira Endpoint Privilege Manager** through the Cortex Marketplace allows organizations to validate identities and dynamically restrict privileges in real time during an incident, helping teams disrupt attacks earlier in the kill chain.

Cortex XSIAM also introduces **Granular Per-Object Access** controls, allowing administrators to define specific permissions for user groups across assets such as playbooks, scripts, saved queries, and report templates. These controls help organizations enforce least-privilege access across the SOC while improving governance and reducing unnecessary exposure to sensitive workflows and data.

**Enhanced Application Log** **(EAL) ingestion** is now available at no additional charge, reducing the cost of ingesting Palo Alto Networks NGFW and Prisma SASE data into Cortex XSIAM by an estimated 10--15%. EAL delivers deep application-layer telemetry, including DNS queries, HTTP user agent details, and DHCP information. It enables detections that are impossible with traditional traffic logs alone, such as insider threats, brute force attacks, command-and-control activity, and exfiltration.

With the exception of Autonomous Playbooks, the capabilities highlighted in Cortex XSIAM 3.5 are also available across Cortex XDR, Cortex Cloud, and Cortex AgentiX. EAL ingestion is only applicable to Cortex XSIAM and Cortex XDR.

## [**Cortex XDR 5.1**](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)**: Strengthen Defenses Against Advanced Attacks**

The newest release of XDR brings major enhancements to our file integrity offerings, the Advanced Email Security module, as well as improvements to the overall user experience.

### File Integrity Monitoring for XDR

Traditional File Integrity Monitoring (FIM) burdens security teams with agent bloat and false positives from routine patching. Cortex XDR solves this by building FIM directly into the platform, allowing you to ditch heavy, legacy agents while still checking critical compliance boxes like [PCI-DSS](https://www.google.com/url?q=/cyberpedia/pci-dss&sa=D&source=docs&ust=1779141032812680&usg=AOvVaw25ZATIqdOTRMzbiBIBqq5W). Unlike standalone tools that offer blind alerts, Cortex XDR now provides total context: when a file changes, you instantly see the "who, what, and how" through a complete XDR timeline, effectively turning compliance logs into actionable threat intelligence. An additional license is required for this capability.
![File Integrity Monitoring for XDR](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/05/word-image-359038-4.png)
File Integrity Monitoring for XDR

### Advanced Prevention for macOS and Linux

The latest release of Cortex XDR significantly hardens your cross-platform footprint with two major security enhancements: **Kernel Monitoring Defense for macOS** and expanded **Java Malware Protection for Windows and Linux**. By implementing deep, near-real-time behavioral monitoring at the kernel level, Cortex XDR can now detect and stop unauthorized privilege escalation attempts on macOS before attackers gain root access. Additionally, our expanded Java protection provides a unified defense that intercepts and blocks malicious Java-based threats before execution, ensuring consistent, automated protection across your entire server and desktop landscape.

## [**Advanced Email Security**](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown)**: Streamlining Triage with the Email Investigation Agent**

To streamline email security, the industry's primary threat vector, the latest Cortex Advanced Email Security module integrates deep visibility with rapid response tools directly within a unified platform. Central to this update is the **Malicious Emails Inventory**, a purpose-built view designed for rapid analysis and preliminary remediation. By centralizing email data alongside endpoint and network intelligence, analysts can now leverage integrated WildFire reports to understand file behavior and execute single-click actions to delete emails or block senders globally without ever leaving the screen.

To further accelerate defense, the **Email Investigation Agent**leverages AI to move beyond static playbooks and reason across your environment. It automatically clusters related user-reported phishing attempts into single campaigns, providing deep context on why emails were flagged and recommending precise remediation steps. By cross-referencing these insights with Microsoft 365 mailboxes, the agent distinguishes true campaigns from benign noise, ensuring your team stays focused on high-priority threats. These features are available via the Advanced Email Security add-on; an additional license is required.
![New Email Investigation Agent](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/05/word-image-359038-5.png)
New Email Investigation Agent

## [**Cortex Exposure Management**](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown)**: Improve Workflow Control, Scanning Coverage, and ASM Actionability**

This release of Cortex Exposure Management improves how organizations discover, track, and remediate security exposures across their environments.

### Issue SLAs and Exceptions

As exposure volumes grow, many organizations still rely on spreadsheets, email threads, and disconnected approval processes to track remediation deadlines and document accepted risk. This release of Exposure Management introduces **Issue SLAs and Issue Exceptions**, enabling teams to operationalize remediation governance through structured, auditable workflows.

Teams can now define authoritative remediation timelines and formalize risk deferrals within a centralized governance framework. By replacing informal tracking processes with time-bound policies and integrated approval workflows, organizations can more effectively measure progress against compliance mandates such as PCI-DSS and HIPAA while ensuring that exposures are either remediated on schedule or intentionally managed through approved risk acceptance processes.
![New Issue SLAs allow users to track remediation timelines with confidence](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/05/word-image-359038-6.png)
New Issue SLAs allow users to track remediation timelines with confidence

### Vulnerability Ingestion API and CIS Benchmark Scanning

Security teams often struggle with siloed visibility across scanners, configuration tools, and infrastructure environments. To eliminate these blind spots, Cortex Exposure Management introduces a new **Vulnerability Ingestion API** that enables rapid, self-service onboarding of third-party scanner data without custom engineering support. Organizations can quickly unify vulnerability data and build a more complete view of their attack surface.

Our integrated network scanner now extends **CIS Benchmark Scanning** to Windows hosts, enabling CIS-based hardening assessments across on-premises systems. Teams can identify missing best practices, validate configuration hygiene, and enforce standardized hardening policies across on-premises systems. Together, these enhancements improve visibility and accelerate remediation.

## [**Cortex Xpanse 2.12**](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)**: Validate Exposures Faster and Streamline Asset Management Workflows**

The Cortex Xpanse 2.13 release introduces powerful new capabilities to help you validate exposures faster and streamline asset management workflows, making it easier to move from insight to action.

A key highlight is the introduction of **Alerts for Attack Surface Test (AST) results**, allowing teams to immediately operationalize confirmed findings. By generating alerts directly from test results, SOC teams can eliminate manual handoffs and move straight into remediation, reducing response times for high-priority vulnerabilities.

In addition to faster validation, this release optimizes administrative workflows and addresses emerging risks in the modern enterprise. **Asset Management Enhancements** simplify how users upload, review, and organize assets, ensuring a cleaner and more actionable inventory of the digital footprint. We've also expanded our **AI Infrastructure Coverage** with new Attack Surface Rules for platforms like OpenClaw and Hugging Face, providing the visibility needed to secure AI-related exposures before they can be exploited.

### ***These are just the highlights from a feature-packed month. For a detailed breakdown of the latest features and enhancements across the Cortex portfolio, please refer to the [full release notes](https://docs-cortex.paloaltonetworks.com/). To learn more about these and other innovations across the Cortex portfolio, visit [/cortex](https://www.paloaltonetworks.com/cortex?ts=markdown).***

*** ** * ** ***

## Related Blogs

### [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### Threat Intelligence in the Era of AI](https://www.paloaltonetworks.com/blog/security-operations/threat-intelligence-in-the-era-of-ai/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### What's New in Cortex](https://www.paloaltonetworks.com/blog/security-operations/whats-new-in-cortex/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### How Cortex Defends Against Microsoft SharePoint "ToolShell" Exploits](https://www.paloaltonetworks.com/blog/security-operations/how-cortex-defends-against-microsoft-sharepoint-toolshell-exploits/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### What's Next in Cortex: New Innovations for Security Operations](https://www.paloaltonetworks.com/blog/security-operations/whats-next-in-cortex-new-innovations-for-security-operations/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown)

[#### Defending against Phantom Taurus with Cortex](https://www.paloaltonetworks.com/blog/security-operations/the-rise-of-phantom-taurus-unmasking-a-stealthy-new-threat-to-global-security-with-cortex/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown)

[#### What's New in Cortex: The Latest Innovations for the World's #1 SecOps Platform (Feb '25 Release)](https://www.paloaltonetworks.com/blog/security-operations/whats-new-in-cortex-the-latest-innovations-for-the-worlds-1-secops-platform-feb-25-release/)

### Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer} Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/ai-security?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Next-Generation Identity Security](https://www.paloaltonetworks.com/idira?ts=markdown)

* [Privileged Access Management](https://www.paloaltonetworks.com/idira/human/privileged-access-management?ts=markdown)

* [Identity and Access Management](https://www.paloaltonetworks.com/idira/human/identity-and-access-management?ts=markdown)

* [Endpoint Privilege Manager](https://www.paloaltonetworks.com/idira/human/endpoint-privilege-manager?ts=markdown)

* [Identity Governance](https://www.paloaltonetworks.com/idira/human/identity-governance?ts=markdown)

* [Workforce Password Management](https://www.paloaltonetworks.com/idira/human/workforce-password-management?ts=markdown)

* [Agentic Identities](https://www.paloaltonetworks.com/idira/agentic?ts=markdown)

* [Secrets Management](https://www.paloaltonetworks.com/idira/machine/secrets-management?ts=markdown)

* [Unified Secrets Governance](https://www.paloaltonetworks.com/idira/machine/unified-secrets-governance?ts=markdown)

* [Application Credentials Delivery](https://www.paloaltonetworks.com/idira/machine/application-credentials-delivery?ts=markdown)

* [Vendor Privileged Access](https://www.paloaltonetworks.com/idira/human/vendor-privileged-access?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)  
  Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)

* [Careers](https://jobs.paloaltonetworks.com/en/)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)

* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)

* [Investor Relations](https://investors.paloaltonetworks.com/)

* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)

* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)  
  Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)

* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)

* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)

* [Event Center](https://events.paloaltonetworks.com/)

* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)

* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)

* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)

* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)

* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)

* [Tech Docs](https://docs.paloaltonetworks.com/)

* [Unit 42](https://unit42.paloaltonetworks.com/)

* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)

* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)

* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)

* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)

* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language