* [Blog](https://www.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate) * AppSec # Palo Alto Networks ## AppSec [![The Next Wave of Cybersecurity](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/06/GettyImages-171693378-edit-scaled.jpg)](https://www.paloaltonetworks.com/blog/2025/06/next-wave-cybersecurity/) [The Next Wave of Cybersecurity \------------------------------](https://www.paloaltonetworks.com/blog/2025/06/next-wave-cybersecurity/) Traditional cloud security fails against real-time attacks. Protect with a unified approach: best-in-class CDR combined with industry-leading CNAPP. [Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/category/cloud-infrastructure-entitlement-management/?ts=markdown) [Cloud Workload Protection](https://www.paloaltonetworks.com/blog/category/cloud-workload-protection/?ts=markdown) [CSO Perspective](https://www.paloaltonetworks.com/blog/category/cso-perspective/?ts=markdown) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown) Jun 20, 2025 By [Gonen Fink](https://www.paloaltonetworks.com/blog/author/gonen-fink/?ts=markdown "Posts by Gonen Fink") ## Palo Alto Networks *** ** * ** *** [Announcements](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) *** ** * ** *** [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown) *** ** * ** *** [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) *** ** * ** *** [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) *** ** * ** *** [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) *** ** * ** *** [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) *** ** * ** *** ![Security Theater: Your AppSec Success Metrics Are Misleading](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/08/security-theater-3.png) [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown) ## [Security Theater: Your AppSec Success Metrics Are Misleading](https://www.paloaltonetworks.com/blog/cloud-security/sucess-measurements-security-theater/) Shift from security theater to effective application security by replacing metrics that incentivizes poor development habits with those that optimize AppSec. Aug 20, 2024 By [Cameron Hyde](https://www.paloaltonetworks.com/blog/author/cameron-hyde/?ts=markdown "Posts by Cameron Hyde") ![Security Theater: Who Cares About Your AppSec Findings?](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/04/Security-Theater-in-the-context-of-cloud-security.-The-image-shows-a-grand-theater-stage-framed-by-lush-red-velvet-cur.jpg) [Application Security](https://www.paloaltonetworks.com/blog/cloud-security/category/application-security/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown) ## [Security Theater: Who Cares About Your AppSec Findings?](https://www.paloaltonetworks.com/blog/cloud-security/vulerability-findings-security-theater/) Vulnerability findings can be misleading. Learn how to create context around application vulnerability findings so you know which pose the greatest threat to your organization. May 29, 2024 By [Cameron Hyde](https://www.paloaltonetworks.com/blog/author/cameron-hyde/?ts=markdown "Posts by Cameron Hyde") and [Steve Giguere](https://www.paloaltonetworks.com/blog/author/steve-giguere/?ts=markdown "Posts by Steve Giguere") ![Security Theater: Don’t Hang your Hat on Compliance](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/04/Security-Theater-in-the-context-of-cloud-security.-The-image-shows-a-grand-theater-stage-framed-by-lush-red-velvet-cur.jpg) [Application Security](https://www.paloaltonetworks.com/blog/cloud-security/category/application-security/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Compliance](https://www.paloaltonetworks.com/blog/cloud-security/category/compliance/?ts=markdown) ## [Security Theater: Don't Hang your Hat on Compliance](https://www.paloaltonetworks.com/blog/cloud-security/compliance-security-theater/) Explore the illusions of cloud security in our blog series on Security Theater. Learn how to go beyond compliance to implement effective security practices. Apr 18, 2024 By [Steve Giguere](https://www.paloaltonetworks.com/blog/author/steve-giguere/?ts=markdown "Posts by Steve Giguere") and [Cameron Hyde](https://www.paloaltonetworks.com/blog/author/cameron-hyde/?ts=markdown "Posts by Cameron Hyde") ![All the Small Things: Azure CLI Leakage and Problematic Usage Patterns](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/10/word-image-305943-1.png) [Application Security](https://www.paloaltonetworks.com/blog/category/application-security/?ts=markdown), [CI/CD](https://www.paloaltonetworks.com/blog/cloud-security/category/ci-cd/?ts=markdown) ## [All the Small Things: Azure CLI Leakage and Problematic Usage Patterns](https://www.paloaltonetworks.com/blog/cloud-security/secrets-leakage-user-error-azure-cli/) Developer usage patterns with Azure CLI may leak sensitive data in CI/CD logs when used in public repositories, potentially exposing critical information. Nov 14, 2023 By [Aviad Hahami](https://www.paloaltonetworks.com/blog/author/aviad-hahami/?ts=markdown "Posts by Aviad Hahami") ![Unpinnable Actions: How Malicious Code Can Sneak into Your GitHub Actions Workflows](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/08/thumbnail-1_1.png) [CI/CD](https://www.paloaltonetworks.com/blog/cloud-security/category/ci-cd/?ts=markdown), [DevOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devops/?ts=markdown) ## [Unpinnable Actions: How Malicious Code Can Sneak into Your GitHub Actions W...](https://www.paloaltonetworks.com/blog/cloud-security/unpinnable-actions-github-security/) Action pinning doesn't always offer security. Understand risks stemming from the GitHub Actions ecosystem and learn how to avoid compromise of CI/CD pipeline. Aug 30, 2023 By [Yaron Avital](https://www.paloaltonetworks.com/blog/author/yaron-avital/?ts=markdown "Posts by Yaron Avital") ![AppSec for the Modern Engineering Ecosystem](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/10/Working-Hard-1.jpg) [Application Security](https://www.paloaltonetworks.com/blog/category/application-security/?ts=markdown), [CI/CD](https://www.paloaltonetworks.com/blog/cloud-security/category/ci-cd/?ts=markdown) ## [AppSec for the Modern Engineering Ecosystem](https://www.paloaltonetworks.com/blog/cloud-security/appsec-engineering-ecosystem/) Software engineering is changing, becoming a driving force in business and bringing about big changes in how application security (AppSec) is approached. Let's take a look at what this paradigm shift means for ... May 18, 2023 By [Daniel Krivelevich](https://www.paloaltonetworks.com/blog/author/daniel-krivelevich/?ts=markdown "Posts by Daniel Krivelevich") ![AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/08/So-Tall.jpg) [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown) ## [AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers](https://www.paloaltonetworks.com/blog/cloud-security/application-infrastructure-security-101-blurring-cloud-native-app-layers/) Get tips for leveraging infrastructure as code to maintain cohesive application and infrastructure security for your cloud-native teams. Sep 28, 2022 By [Chris Tozzi](https://www.paloaltonetworks.com/blog/author/chris-tozzi/?ts=markdown "Posts by Chris Tozzi") ![A Primer on Secure DevOps: Learn the Benefits of These 3 DevSecOps Use Cases](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/02/iStock-523693904.jpg) [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown) ## [A Primer on Secure DevOps: Learn the Benefits of These 3 DevSecOps Use Case...](https://www.paloaltonetworks.com/blog/cloud-security/a-primer-on-secure-devops-learn-the-benefits-of-these-3-devsecops-use-cases/) Learn best practices and benefits of taking a DevSecOps approach to AppSec, IaC security and software supply chain security. Sep 22, 2022 By [Julia Benson](https://www.paloaltonetworks.com/blog/author/julia-benson/?ts=markdown "Posts by Julia Benson") ![Prisma Cloud Announces Software Composition Analysis (SCA) To Help Organizations Proactively Address Open Source Risk](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/09/I-See-2.jpg) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown) ## [Prisma Cloud Announces Software Composition Analysis (SCA) To Help Organiza...](https://www.paloaltonetworks.com/blog/cloud-security/prisma-cloud-announces-software-composition-analysis/) Prisma Cloud's new Software Composition Analysis (SCA) solution brings code-level application and infrastructure security into a single code-to-cloud platform. Sep 20, 2022 By [Guy Eisenkot](https://www.paloaltonetworks.com/blog/author/guy-eisenkot/?ts=markdown "Posts by Guy Eisenkot") Load more blogs ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language