[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/ai-security?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Next-Gen Trust Security](https://www.paloaltonetworks.com/network-security/next-gen-trust-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-security-solution?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection and Response (CDR)](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection and Response (CDR)](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.paloaltonetworks.com/deploybravely?ts=markdown) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Identity Security](https://www.paloaltonetworks.com/cyberpedia/identity-security?ts=markdown) 3. [Identity Governance and Administration](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga?ts=markdown) 4. [What Is Agentic AI vs AI Agents](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents?ts=markdown) Table of Contents * [What Is Modern IGA? Identity Governance Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga?ts=markdown) * [Modern IGA Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#explained?ts=markdown) * [The Evolution of Identity Governance: From Legacy to Modern](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#evolution?ts=markdown) * [Core Mechanisms: How Modern IGA Functions](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#core?ts=markdown) * [Key Benefits for the Modern Security Stack](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#key?ts=markdown) * [Addressing the Non-Human Identity (NHI) Challenge](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#challenge?ts=markdown) * [Modern IGA Challenges and Practical Solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#solutions?ts=markdown) * [Modern IGA FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#faqs?ts=markdown) * [What Is NIST SP 800-207? zero trust Architecture Framework](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207?ts=markdown) * [What Does NIST SP 800-207 Compliance Mean?](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#what?ts=markdown) * [Why NIST SP 800-207 Matters Today](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#why?ts=markdown) * [NIST Zero Trust Tenets](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#nist?ts=markdown) * [Zero Trust Architecture Components](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#components?ts=markdown) * [What Signals Inform A Trust Decision?](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#decision?ts=markdown) * [How Trust Decisions Typically Work](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#how?ts=markdown) * [Common Zero Trust Deployment Models](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#models?ts=markdown) * [Benefits And Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#benefits?ts=markdown) * [Practical Implementation Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#practical?ts=markdown) * [NIST SP 800-207 FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#faqs?ts=markdown) * Agentic AI vs. AI Agents: Differences, Risks \& Security * [Agentic AI and AI Agents Explained](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#explain?ts=markdown) * [Structural Differences: From Task-Based to Goal-Oriented](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#structural?ts=markdown) * [The Evolving Role of AI in the Security Operations Center (SOC)](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#evolving?ts=markdown) * [Why the Distinction Matters for Cyber Defense](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#why?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#cases?ts=markdown) * [Implementing an Agentic Security Strategy](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#strategy?ts=markdown) * [Establishing Guardrails and Human-in-the-Loop Governance](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#establishing?ts=markdown) * [Agentic AI Best Practices](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#practices?ts=markdown) * [Agentic AI vs. AI Agents FAQs](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#faqs?ts=markdown) * [What Is Access Certification? Benefits and Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification?ts=markdown) * [Why Access Certification Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#why?ts=markdown) * [How Access Certification Works](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#how?ts=markdown) * [Types of Access Certification](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#types?ts=markdown) * [What Access Certification Reviews](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#access?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#real-world?ts=markdown) * [Access Certification vs. Access Review](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#certification?ts=markdown) * [Access Certification vs. Provisioning](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#provisioning?ts=markdown) * [Access Certification and Least Privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#least?ts=markdown) * [Common Access Certification Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#common?ts=markdown) * [Access Certification Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#best?ts=markdown) * [Access Certification and Compliance](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#access-certification?ts=markdown) * [How Access Certification Supports Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#how-access?ts=markdown) * [Signs Your Access Certification Process Needs Improvement](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#signs?ts=markdown) * [The Future of Access Certification](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#the-future?ts=markdown) * [Access Certification FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification#faqs?ts=markdown) * [What Is the DORA Act? Digital Operational Resilience Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act?ts=markdown) * [DORA Act Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#dora?ts=markdown) * [Who Must Comply with DORA Regulations?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#regulations?ts=markdown) * [The Five Pillars of Digital Operational Resilience](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#operational?ts=markdown) * [The DORA Mandate: Integrating Governance with Systemic Resilience](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#mandate?ts=markdown) * [DORA Readiness Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#checklist?ts=markdown) * [Advanced Strategies for DORA Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#advanced?ts=markdown) * [DORA vs. NIS2 and EBA: Navigating the Regulatory Overlap](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#navigating?ts=markdown) * [Common Compliance Challenges and Pitfalls](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#compliance?ts=markdown) * [DORA Act FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-the-dora-act#faq?ts=markdown) * [What Is NIST CSF 2.0? Core Functions \& Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf?ts=markdown) * [NIST CSF 2.0 Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#csf?ts=markdown) * [Why NIST CSF 2.0 Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#why?ts=markdown) * [Six Core Functions of NIST CSF 2.0](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#core?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#cases?ts=markdown) * ["Compliance" With NIST CSF 2.0 (What People Usually Mean)](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#compliance?ts=markdown) * [Identity Security in NIST CSF 2.0](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#identity?ts=markdown) * [How to Implement NIST CSF 2.0](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#implement?ts=markdown) * [NIST CSF 2.0 FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-csf#faq?ts=markdown) * [What Is Identity Governance and Administration?](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga?ts=markdown) * [Identity Governance and Administration (IGA) Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#identity?ts=markdown) * [Core Pillars of Identity Governance and Administration](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#core?ts=markdown) * [Why IGA Is Critical for Modern Enterprises](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#why?ts=markdown) * [Business-Level Outcomes of IGA](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#business?ts=markdown) * [Implementation Steps for an IGA Program](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#implementation?ts=markdown) * [IGA and the Zero Trust Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#model?ts=markdown) * [Operational Challenges and Attack Containment Behavior](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#operaitonal?ts=markdown) * [Identity Governance and Administration (IGA) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#faqs?ts=markdown) * [What Is Identity Lifecycle Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management?ts=markdown) * [Identity Lifecycle Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#explained?ts=markdown) * [The Four Pillars of Identity Lifecycle Management](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#pillars?ts=markdown) * [Strategic Benefits: Why ILM Is a Cybersecurity Necessity](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#benefits?ts=markdown) * [Real-World Use Cases for Identity Lifecycle Management](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#use-cases?ts=markdown) * [Disrupting Attackers](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#disrupting-attackers?ts=markdown) * [Modernizing ILM: Just-in-Time Access and Non-Standing](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#modernizing-ilm?ts=markdown) * [Privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#privilege?ts=markdown) * [Critical Challenges and Solutions in Modern ILM Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#challenges?ts=markdown) * [ILM vs. IAM](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#ilm-vs-iam?ts=markdown) * [Identity Lifecycle Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#faqs?ts=markdown) # What Is Agentic AI vs AI Agents? 3 min. read [Explore Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) Table of Contents * * [Agentic AI and AI Agents Explained](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#explain?ts=markdown) * [Structural Differences: From Task-Based to Goal-Oriented](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#structural?ts=markdown) * [The Evolving Role of AI in the Security Operations Center (SOC)](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#evolving?ts=markdown) * [Why the Distinction Matters for Cyber Defense](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#why?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#cases?ts=markdown) * [Implementing an Agentic Security Strategy](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#strategy?ts=markdown) * [Establishing Guardrails and Human-in-the-Loop Governance](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#establishing?ts=markdown) * [Agentic AI Best Practices](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#practices?ts=markdown) * [Agentic AI vs. AI Agents FAQs](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#faqs?ts=markdown) 1. Agentic AI and AI Agents Explained * * [Agentic AI and AI Agents Explained](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#explain?ts=markdown) * [Structural Differences: From Task-Based to Goal-Oriented](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#structural?ts=markdown) * [The Evolving Role of AI in the Security Operations Center (SOC)](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#evolving?ts=markdown) * [Why the Distinction Matters for Cyber Defense](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#why?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#cases?ts=markdown) * [Implementing an Agentic Security Strategy](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#strategy?ts=markdown) * [Establishing Guardrails and Human-in-the-Loop Governance](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#establishing?ts=markdown) * [Agentic AI Best Practices](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#practices?ts=markdown) * [Agentic AI vs. AI Agents FAQs](https://www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents#faqs?ts=markdown) AI agents are discrete, task-oriented software entities designed to execute specific actions based on predefined triggers and human-provided instructions. [Agentic AI](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-security?ts=markdown) refers to an advanced architectural paradigm where autonomous systems possess the agency to independently reason, formulate multi-step plans, and orchestrate various tools or sub-agents to achieve high-level objectives without constant human intervention. Key Points * **Operational Scope**: AI agents perform narrow, repetitive tasks while agentic AI manages complex, end-to-end workflows and goals. \* **Decision Autonomy**: Agentic systems exhibit independent reasoning and strategic planning, whereas standard agents operate within fixed programmatic boundaries. \* **Orchestration Layer**: Agentic AI utilizes a centralized "brain" to coordinate multiple specialized agents, tools, and data sources. \* **Adaptive Intelligence**: While AI agents follow fixed rules, agentic AI reasons over context and feedback to adjust its tactics within a task or session, drawing on memory of prior interactions. \* **Cybersecurity Impact** : [Unit 42 research](https://www.paloaltonetworks.com/blog/2025/05/unit-42-develops-agentic-ai-attack-framework?ts=markdown) indicates that agentic AI can accelerate attack lifecycles by 100x, requiring a shift toward autonomous, platform-based defense. ![Agentic AI uses a continuous feedback loop to solve complex problems compared to the single-task nature of standard AI agents.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/agentic-ai-vs-ai-agents.png "Agentic AI uses a continuous feedback loop to solve complex problems compared to the single-task nature of standard AI agents.") *Figure 1: Agentic AI uses a continuous feedback loop to solve complex problems compared to the single-task nature of standard AI agents.* ## Agentic AI and AI Agents Explained Understanding the distinction between these two concepts is vital for security leaders navigating the current "AI era." An AI agent is a specialized digital assistant. It is purpose-built to handle a singular function, such as parsing email headers for [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) indicators or rotating encryption keys on a set schedule. These agents are highly efficient but lack situational awareness; they cannot "see" the broader security objective beyond their immediate task. Agentic AI represents a leap from execution to agency. Instead of waiting for a prompt to perform a task, an agentic system is given a goal, such as "neutralize this [ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown) outbreak", and independently determines which sequence of actions will achieve it. It may dispatch one agent to isolate infected hosts, another to audit access logs, and a third to initiate backup recovery, all while continuously monitoring the environment for new [lateral movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown). This shift is significant because it moves the human analyst from a "pilot" role (directing every move) to a "commander" role (setting objectives and governing the AI's autonomous decisions). In an era where Unit 42 has observed attack speeds increasing 4x in a single year, the ability of agentic AI to react at machine speed across fragmented identity and cloud surfaces is no longer a luxury but a defensive necessity. ## Structural Differences: From Task-Based to Goal-Oriented The primary differentiator between these two technologies lies in the underlying architecture of decision-making. Standard AI agents rely on chain-of-thought prompting or static playbooks to move from point A to point B. Agentic AI employs a recursive reasoning loop that allows it to evaluate its own progress and pivot if a specific tactic fails. ### Autonomy and Decision Logic Standard agents operate on reactive logic. They require a specific input to produce a specific output. If the input deviates from the expected parameters, the agent typically fails or requires human troubleshooting. Agentic AI uses proactive logic. It assesses the current state of a system against the desired "gold" state and independently selects the tools required to bridge that gap. ### The Orchestration Layer Agentic AI functions as a system of systems. It includes an orchestration layer that acts as a central nervous system. This layer manages a "swarm" of specialized agents, assigning them tasks based on their specific strengths. For example, the orchestrator might task a natural language agent with interpreting a new CISA directive while simultaneously tasking a technical agent with scanning the network for the newly identified vulnerabilities. ### Persistence and Long-Term Memory Unlike traditional agents that often operate in a stateless manner, forgetting the context once a task is complete, agentic systems maintain long-term memory. They record which strategies were successful in past incidents and apply those lessons to future planning. This persistence allows the system to build a contextual map of an organization's unique environment, including "normal" behavior patterns and critical asset locations. ## The Evolving Role of AI in the Security Operations Center (SOC) The transition to agentic systems is redefining the maturity model of the [modern SOC](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown). Security leaders must understand where their current capabilities sit on this spectrum to close the gap against automated adversaries effectively. ### Level 1: Point Automation and Scripting Most organizations begin here. This level involves using basic scripts or [SOAR](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown) playbooks to automate repetitive actions. These are not agents in the true sense, as they lack any internal reasoning capability. They follow a strict "if-this-then-that" logic. ### Level 2: Specialized AI Agents for Triage At this stage, organizations deploy LLM-powered agents to assist analysts. These agents can summarize alerts, explain complex code snippets, or suggest remediation steps. However, they still require a human to trigger every action and verify the output before moving to the next step in the incident lifecycle. ### Level 3: Full Agentic Orchestration for Incident Response This represents the emerging frontier of cyber defense. In mature implementations, agentic systems handle much of the detection and investigation pipeline autonomously, propose or execute response actions with defined guardrails, and escalate higher-stakes decisions for human authorization. Full autonomous TDIR remains aspirational for most environments. ## Why the Distinction Matters for Cyber Defense The rise of agentic AI is not limited to defenders. Threat actors are already leveraging agentic frameworks to automate the reconnaissance and exploitation phases of an [attack](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack?ts=markdown). ### Countering Agentic Attacks Agentic attack tools can perform thousands of permutations of an exploit in seconds, searching for the one path that bypasses a specific [firewall configuration](https://www.paloaltonetworks.com/cyberpedia/what-is-firewall-configuration?ts=markdown). To counter an agentic attacker, defenders must move beyond manual intervention. A human-speed response cannot win against a machine-speed attack. ### Managing Identity and Agent Hijacking As agentic systems gain more autonomy, they also gain more permissions. This creates a new attack surface known as agent hijacking. If an attacker compromises the credentials an agentic system uses to authenticate its tools (API keys, OAuth tokens, service account credentials), they gain an autonomous "insider" capable of moving laterally and exfiltrating data without further external commands. [Securing the identity](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-security?ts=markdown) and "thinking process" of agentic AI is a critical new pillar of enterprise security. ### Prompt Injection and Manipulation Agentic systems that process external data, whether web content, emails, documents, or tool outputs, are vulnerable to prompt injection. An attacker embeds malicious instructions in content the agent will read, causing it to take unintended actions using its own legitimate permissions. Unlike credential theft, no authentication boundary is crossed; the agent follows the injected instructions as if they came from its operator. This makes prompt injection one of the most immediate security concerns for agentic deployments. ## Use Cases \& Real-World Examples Unit 42 research highlights the double-edged nature of this technology. Threat actors now use agentic AI to accelerate attack lifecycles. * **Autonomous Attack Chains** : Unit 42 developed an [Agentic AI Attack Framework](https://www.paloaltonetworks.com/blog/2025/05/unit-42-develops-agentic-ai-attack-framework?ts=markdown) demonstrating that AI can compress a ransomware attack from initial compromise to exfiltration into just 25 minutes. * **Adaptive Phishing** : Attackers use agents to scrape LinkedIn data and generate hyper-realistic lures. These agents "self-prompt" to try alternative [social engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering?ts=markdown) channels if the first attempt fails. * **Identity Exploitation** : [Unit 42's 2026 Incident Response Report](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) indicates that identity weaknesses are implicated in nearly 90% of investigations. Agentic AI can bridge human and machine identities to act independently across cloud and SaaS environments. ## Implementing an Agentic Security Strategy Moving toward agentic AI requires more than just new software; it requires a fundamental shift in how security teams trust and govern their tools. ### Transitioning from Narrow Agents to Orchestrated Systems * **Consolidate or Federate Data Access**: Agentic AI needs reliable, queryable access to the data required for reasoning. This can be achieved through unified data platforms, federated access layers, or tool-based retrieval from existing systems. * **Enable Tool Access** : For an orchestrator to be effective, it must have secure access to the tools and data it needs, from [EDR](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection-and-response-edr?ts=markdown) to [cloud security posture management (CSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown). Emerging standards like Model Context Protocol (MCP) provide a consistent interface for agent tool access, though any integration path requires strong authentication and least-privilege scoping. * **Define Clear Objectives**: Shift from writing "scripts" to defining "intents." Instead of telling the AI how to block an IP, tell it to ensure no traffic leaves the country from this segment. ## Establishing Guardrails and Human-in-the-Loop Governance Autonomy does not mean a lack of control. Effective agentic deployment utilizes "constrained autonomy." This involves setting hard boundaries that the AI cannot cross, such as shutting down a production database, without explicit human authorization. This ensures that while the system moves fast, it stays aligned with business continuity requirements. ## Agentic AI Best Practices Securing autonomous systems requires shifting focus from model outputs to the entire execution workflow. | Category | Technical Implementation Step | Strategic Goal | | [Identity](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-security?ts=markdown) | Issue cryptographic workload identities (e.g., [SPIFFE](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe?ts=markdown), cloud-native IAM) with [Just-in-Time (JIT) access](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown) for all AI agents. | Limit the blast radius of compromised agents and reduce reliance on static credentials. | | Governance | Define explicit "prohibited actions" in the agent's system prompt. | Prevent autonomous scope creep and misuse. | | Visibility | Log every tool invocation and reasoning step in a central [SIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-siem?ts=markdown). | Ensure full auditability of autonomous decisions. | | Trust | Apply [zero trust](https://www.paloaltonetworks.com/cyberpedia/what-is-zero-trust?ts=markdown) "Never Trust, Always Verify" to agent-to-agent talk. | Prevent [lateral movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown) between autonomous agents. | | Platform | Implement a unified control plane for discovering, monitoring, and protecting agentic workflows. | Centralize runtime security and [identity governance](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga?ts=markdown). | |-----------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------| ## Agentic AI vs. AI Agents FAQs ### What is the main difference between an AI agent and agentic AI? The main difference is the level of autonomy and reasoning. An AI agent is a tool that performs a specific task when asked. Agentic AI is a system that takes a high-level goal and figures out the tasks, sequence, and tools needed to achieve it independently. ### Can agentic AI work without human supervision? While agentic AI can operate autonomously, it is best implemented with human-in-the-loop governance. Humans set the high-level objectives and guardrails, while the AI handles the complex execution and technical orchestration. ### Are AI agents and agentic AI the same as Generative AI? No. Generative AI is the underlying technology (like an LLM) that provides the "brain." AI agents and agentic AI are the "bodies" or "frameworks" that use that brain to perform actions in the real world or across software environments. ### How does agentic AI improve incident response times? By removing the "human-speed" bottleneck. Agentic AI can perform investigation steps---like querying logs across multiple clouds and correlating them with threat intelligence---simultaneously and instantaneously, reducing response times from hours to seconds. ### What are the risks of using agentic AI in cybersecurity? The primary risks include "hallucinations" in the reasoning process, where the AI might take an incorrect action, and "agent hijacking," where an attacker takes control of a highly privileged autonomous system. ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=Agentic%20AI%20vs.%20AI%20Agents%3A%20Differences%2C%20Risks%20%26%20Security&body=Understand%20the%20shift%20from%20task-based%20AI%20agents%20to%20autonomous%20agentic%20AI.%20Learn%20about%20identity%20risks%2C%20Unit%2042%20research%2C%20and%20Zero%20Trust%20security%20for%20AI.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/agentic-ai-vs-ai-agents) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207?ts=markdown) What Is NIST SP 800-207? zero trust Architecture Framework [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-access-certification?ts=markdown) What Is Access Certification? Benefits and Best Practices {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/ai-security?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language