# How to Build a Generative AI Security Policy

An effective generative AI security policy can be developed by aligning policy goals with real-world AI use, defining risk-based rules, and implementing enforceable safeguards. It should be tailored to how GenAI tools are used across the business, not just modeled after general IT policy. The process includes setting access controls, defining acceptable use, managing data, and assigning clear responsibility.

## What is an AI security policy?

An [AI security](https://www.paloaltonetworks.com/cyberpedia/ai-security) policy is a set of rules and procedures that define how an organization governs the use of [artificial intelligence](https://www.paloaltonetworks.com/cyberpedia/artificial-intelligence-ai)---especially generative AI.

It outlines what's allowed, what's restricted, and how to manage AI-related risks like data exposure, model misuse, and unauthorized access.

Basically, it's a formal way to set expectations for safe and responsible AI use across the business. That includes third-party AI tools, in-house models, and everything in between.

![A circular diagram titled 'Essential elements of an organizational GenAI security policy' is shown with six color-coded segments branching out from a central circle labeled 'GenAI security policy.' Each segment includes a number, icon, and label. At the top center in green, segment 1 is labeled 'Model integrity \& security' with an icon of a networked chip. Moving clockwise, segment 2 is dark gray and labeled 'Data privacy \& ethical use' with a person silhouette icon. Segment 3 in bright blue is labeled 'Robustness \& resilience to attacks' with a shield and checkmark icon. Segment 4 in light blue is labeled 'Transparency \& explainability' with an icon showing a document and magnifying glass. Segment 5 in red-orange is labeled 'Compliance with AI-specific regulations \& standards' with a clipboard and checkmark icon. Segment 6 in teal is labeled 'Policy on shadow AI' with an icon showing a hidden figure. The diagram is adapted from 'Generative AI Security (K. Huang et al., eds.)'.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ai-security-policy/AI%20security%20policy%202025_1-Essential%20elements%20of%20an%20organizational%20GenAI%20security%20policy-.png)

The goal of the policy is to protect [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data), enforce [access controls](https://www.paloaltonetworks.com/cyberpedia/access-control), and prevent misuse---intentional or not.

It also supports compliance with regulations that apply to AI, data privacy, or sector-specific governance. For generative AI, the policy often covers issues like prompt input risks, plugin oversight, and visibility into shadow AI usage.

Important: An AI security policy doesn't guarantee protection. But it gives your organization a baseline for risk management.

A good policy will make it easier to evaluate tools, educate employees, and hold teams accountable for responsible AI use. Without one, it's hard to know who's using what, where the data is going, or what security blind spots exist.

## Why do organizations need a GenAI security policy?

Organizations need a [GenAI security](https://www.paloaltonetworks.com/cyberpedia/what-is-generative-ai-security) policy because the risks introduced by generative AI are unique, evolving, and already embedded in how people work.

Employees are using GenAI tools---often without approval---to draft documents, analyze data, or automate tasks. Some of those tools retain input data or use it for model training.

According to McKinsey's survey, "[The state of AI: How organizations are rewiring to capture value,](https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai)" 71% of respondents say their organizations regularly use generative AI in at least one business function. That's up from 65% in early 2024 and 33% in 2023.

That means confidential business information could inadvertently end up in public models. Without a policy, organizations can't define what's safe or enforce how data is shared.

"By 2027, more than 40% of AI-related data breaches will be caused by the improper use of generative AI (GenAI) across borders," according to Gartner, Inc.

[- Gartner Press Release, "Gartner Predicts 40% of AI Data Breaches Will Arise from Cross-Border GenAI Misuse by 2027," February 17, 2025.](https://www.gartner.com/en/newsroom/press-releases/2025-02-17-gartner-predicts-forty-percent-of-ai-data-breaches-will-arise-from-cross-border-genai-misuse-by-2027)

On top of that, attackers are using GenAI too. They can craft more convincing [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing) attempts, inject prompts to override safeguards, or poison training data.

"Although still in early stages, malicious use of GenAI is already transforming the cyberthreat landscape. Attackers use AI-driven methods to enable more convincing phishing campaigns, automate malware development and accelerate progression through the attack chain, making cyberattacks both harder to detect and faster to execute. While adversarial GenAI use is more evolutionary than revolutionary at this point, make no mistake: GenAI is already transforming offensive attack capabilities."

[- Palo Alto Networks, Unit 42 Global Incident Response Report 2025](https://www.paloaltonetworks.com/resources/research/2025-incident-response-report)

A policy helps establish how to evaluate and mitigate these risks. And it provides structure for reviewing AI applications, applying role-based access, and detecting unapproved use.

In other words: A GenAI security policy is the foundation that supports risk mitigation, safe adoption, and accountability. It gives organizations the ability to enable AI use without compromising data, trust, or compliance.

***Further reading:***

* [*Top GenAI Security Challenges: Risks, Issues, \& Solutions*](https://www.paloaltonetworks.com/cyberpedia/generative-ai-security-risks)
* [*What Is a Prompt Injection Attack? \[Examples \& Prevention\]*](https://www.paloaltonetworks.com/cyberpedia/what-is-a-prompt-injection-attack)
* [*What Is AI Prompt Security? Secure Prompt Engineering Guide*](https://www.paloaltonetworks.com/cyberpedia/what-is-ai-prompt-security)
* [*What Is Shadow AI? How It Happens and What to Do About It*](https://www.paloaltonetworks.com/cyberpedia/what-is-shadow-ai)

## What should an AI security policy include?

![A radial diagram features a large central circle labeled 'What your GenAI security policy should cover,' with sixteen smaller blue circles radiating outward, each labeled with a policy component and accompanied by a simple white icon. Starting from the top left and moving clockwise: 'Roles \& responsibilities' has an icon of two people; 'Shadow AI discovery \& mitigation' shows a hidden figure; 'Application classification' features a document; 'Acceptable use' shows a clipboard with a checkmark; 'Scope' has a globe icon; 'Access control' is represented by a padlock; 'Consequences for violation' shows a warning triangle; 'Compliance \& regulatory alignment' includes a globe and checklist; 'Risk management' shows a shield and gear; 'Monitoring \& enforcement' has a computer screen with data; 'User education' is represented by a graduation cap; 'Transparency \& explainability' shows a document with a magnifying glass; 'Purpose' includes a target with an arrow; 'Data handling \& protection' shows a database icon; the entire diagram is structured like a sunburst chart with uniform spacing and gray dotted lines connecting each point to the center.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ai-security-policy/AI-security-policy-2025_2-What.png)

A GenAI security policy needs to be practical, enforceable, and tailored to the way generative AI is actually being used across the business. That means going beyond generic guidelines and addressing specific risk points tied to tools, access, and behavior.

The following sections explain what your policy should cover and why each part matters:

* **Purpose**
  The policy should start by stating its purpose. This defines why the document exists and what it's trying to achieve. In the case of GenAI, that usually includes enabling safe AI adoption, protecting sensitive data, and aligning usage with ethical and regulatory standards.
* **Scope**
  Scope explains where the policy applies. It should identify which teams, tools, systems, and use cases are in scope. Without clear boundaries, it's hard to enforce or interpret what the policy actually governs.
* **Roles and responsibilities**
  This section outlines who owns what. It's where you define responsibilities for security, compliance, model development, and oversight. Everyone from developers to business users should know their part in keeping GenAI use secure.
* **Application classification**
  GenAI apps should be grouped into sanctioned, tolerated, or unsanctioned categories. Why? Because not all tools pose the same risk. Classification helps define how to apply access controls and where to draw the line on usage.
* **Acceptable use**
  This is the part that tells users what they can and can't do. It should specify whether employees can input confidential data, whether outputs can be reused, and which apps are approved for different tasks.
* **Access control**
  Granular access policies help restrict usage based on job function and business need. That might mean limiting which teams can use certain models, or applying role-based controls to GenAI plugins inside SaaS platforms.
* **Data handling and protection**
  The policy should define how data is used, stored, and monitored when interacting with GenAI. This includes outbound prompt data, generated output, and any AI-generated content stored in third-party systems. It's critical for managing privacy and reducing leakage risk.
* **Shadow AI discovery and mitigation**
  Not every GenAI tool in use will be officially approved. The policy should include steps to detect unsanctioned usage and explain how those tools will be reviewed, blocked, or brought under control.
* **Transparency and explainability**
  Some regulations require model transparency. Even if yours don't, it's still good practice to document how outputs are generated. This section should explain expectations around model interpretability and what audit capabilities must be built in.
* **Risk management**
  AI introduces different types of risks---from prompt injection to data poisoning. Your policy should state how risk assessments are conducted, how often they're reviewed, and what steps are taken to address high-risk areas.
* **Compliance and regulatory alignment**
  AI-related regulations are still evolving. But some requirements already exist, especially around data privacy and ethics. The policy should reference applicable standards and describe how the organization plans to stay aligned as those requirements change.
* **Monitoring and enforcement**
  Policy is only effective if it's enforced. This section should explain how usage will be logged, what gets reviewed, and how violations are handled. That might include alerting, blocking access, or escalating to HR or legal depending on the issue.
* **User education**
  Users play a major role in AI risk. The policy should outline what kind of GenAI training will be required and how employees will stay informed about safe and appropriate use.
* **Consequences for violation**
  Finally, your policy should clearly explain what happens if someone breaks the rules. This includes internal disciplinary actions and, where applicable, legal or compliance consequences. Clarity here reduces ambiguity and supports enforcement.

## How to implement an effective AI security policy

![A vertical, two-column flowchart illustrates six steps under the heading 'How to implement an effective AI security policy,' which appears in bold on the left side over a light gray background. Each step is numbered in bold orange text and paired with a circular gray icon. In the first column, Step 1 is 'Align the policy with business needs' with a bullseye icon; Step 2 is 'Operationalize the AI security policy' with an icon of two people connected by a line; Step 3 is 'Integrate into security processes' with a flowchart icon. An arrow curves down the left column and then up to the second column. In the second column, Step 4 is 'Establish access governance' with a padlock icon; Step 5 is 'Define data management procedures' with a checklist icon; Step 6 is 'Plan for ongoing operations and response' with a gear icon. Colored chevrons mark the start and end points at the top and bottom of the path.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ai-security-policy/AI-security-policy-2025_3-How.png)

Establishing an AI security policy is only half the battle. The harder part is putting it into practice.

That means turning the policy's goals and rules into real-world actions, systems, and safeguards that can adapt as AI evolves.
Let's walk through the core steps to actually implement an AI security policy in your organization.

### Step 1: Align the policy with business needs

Start by understanding what your organization actually does with generative AI. Are you building models? Using off-the-shelf apps? Letting employees try public tools? Each of these comes with different risks and obligations.

The implementation process should directly reflect how GenAI is used in practice. That means defining responsibilities, setting clear goals, and making sure the policy fits the organization's size, industry, and existing infrastructure.

***Tip:*** *Avoid extremes. A policy that's too vague won't be followed. And one that's too strict could slow down innovation. Make sure your policy is specific enough to act on but flexible enough to evolve.*

### Step 2: Operationalize the AI security policy

Once the policy is aligned, it has to be operationalized. That means translating policy statements into concrete processes, controls, and behaviors.

Start by mapping the policy to specific actions.

**For example:**

* If the policy says "prevent unauthorized GenAI use," then implement app control or proxy rules to block unapproved tools.
* If the policy requires "model confidentiality," then set up monitoring and [data loss prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-data-loss-prevention-dlp) for inference requests.

Also make sure you have procedures for onboarding, training, enforcement, and periodic review.

***Tip:*** *Reuse what already works. AI policy implementation often overlaps with broader governance, risk, and compliance efforts. Rely on those systems where possible.*

### Step 3: Integrate into security processes

AI security doesn't exist in a vacuum. It should be woven into your broader security operations.
That means:

* Incorporating GenAI into threat modeling and risk assessments
* Applying secure development practices to AI pipelines
* Expanding monitoring and [incident response](https://www.paloaltonetworks.com/cyberpedia/what-is-incident-response) to cover AI inputs and outputs
* Maintaining patch and configuration management for models, APIs, and underlying infrastructure

GenAI should be a dimension **in** your existing controls, not a parallel track.

***Tip:*** *Make GenAI systems fully visible in your asset inventory. Tag models, inference APIs, and data pipelines so they show up in vulnerability scans, patching cycles, and monitoring tools. It's the simplest way to avoid blind spots.*

### Step 4: Establish access governance

Effective access governance starts with knowing who is using GenAI and what they're using it for. Then, you can enforce limits.

This includes:

* Verifying identities of all users and systems accessing models
* Controlling access to training data, inference APIs, and GenAI outputs
* Using role-based access control, strong authentication, and audit trails

Remember: GenAI can generate sensitive or proprietary content. If access isn't tightly controlled, misuse is easy---and hard to detect.

***Tip:*** *Don't just manage access. Log it with context. Capture who accessed GenAI systems, what prompts or data they used, and why. That audit trail will be critical if something goes wrong.*

### Step 5: Define data management procedures

AI models are only as secure as the data they rely on. That's why data handling needs its own set of safeguards.

This step includes:

* Classifying and labeling data used for training or inference
* Enforcing [encryption](https://www.paloaltonetworks.com/cyberpedia/data-encryption), anonymization, and retention policies
* Monitoring how data is used, shared, and stored
* Setting up secure deletion processes for expired or high-risk data

Important: Many AI incidents stem from overlooked or poorly managed data.
Solid data procedures are foundational to any AI security effort.

***Tip:*** *Watch for sensitive data leaking through embeddings, RAG queries, or model drift, even if the training set was clean. Map how data flows through each GenAI interaction so you can flag violations in real time. It's not just about input hygiene anymore.*

***Further reading:** [DSPM for AI: Navigating Data and AI Compliance Regulations](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance)*

### Step 6: Plan for ongoing operations and response

AI systems change fast. New models get deployed. Old ones get retrained. Threats evolve. So implementation can't be static.

This step covers:

* Monitoring model behavior, user activity, and system logs
* Running regular security assessments and red teaming exercises
* Preparing incident response playbooks specific to GenAI misuse or model compromise
* Maintaining rollback options for model changes or misbehavior

***Tip:*** *Aim for resilience, not perfection. Even well-secured AI models can fail or be manipulated. Build response plans that assume something will go wrong and focus on minimizing damage and recovery time.*

## How to use AI standards and frameworks to shape your GenAI security policy

You don't have to start from scratch. A growing set of AI security standards and frameworks can guide your policy decisions. Especially in areas where best practices are still emerging.

These resources help you do three things:

* Identify and classify risks specific to AI and GenAI.
* Align your policies with regulatory and ethical expectations.
* Operationalize security controls across the GenAI lifecycle.

Let's break down the most relevant frameworks and how they can help.

| Standard or framework | What it is | How to use it in policy development |
|---|---|---|
| [MITRE ATLAS Matrix](https://atlas.mitre.org/) | A framework for understanding attack tactics targeting AI systems | Use it to build threat models, define mitigation strategies, and educate teams about real-world attack scenarios |
| [AVID (AI Vulnerability Database)](https://avidml.org/) | An open-source index of AI-specific vulnerabilities | Reference it to identify risk patterns and reinforce policy coverage for model, data, and system-level threats |
| [NIST AI Risk Management Framework (AI RMF)](https://www.nist.gov/itl/ai-risk-management-framework) | A U.S. government framework for managing AI risk | Apply it to shape governance structure, assign responsibilities, and ensure continuous risk monitoring |
| [OWASP Top 10 for LLMs](https://owasp.org/www-project-top-10-for-large-language-model-applications/) | A list of the most critical security risks for [large language models](https://www.paloaltonetworks.com/cyberpedia/large-language-models-llm) | Use it to ensure your policy explicitly addresses common vulnerabilities like prompt injection and [data leakage](https://www.paloaltonetworks.com/cyberpedia/data-leak) |
| [Cloud Security Alliance (CSA) AI Safety Initiative](https://cloudsecurityalliance.org/ai-safety-initiative) | A set of guidelines, controls, and training recommendations for GenAI | Adopt CSA-aligned controls and map them to your GenAI tools, especially for cloud and SaaS environments |
| [Frontier Model Forum](https://www.frontiermodelforum.org/) | An industry collaboration focused on safe development of frontier models | Use it to stay informed on evolving best practices, particularly if you're using cutting-edge foundation models |
| [NVD and CVE Extensions for AI](https://nvd.nist.gov/) | U.S. government vulnerability listings adapted for AI contexts | Monitor these sources for AI-specific CVEs and apply relevant patches or compensating controls |
| [Google Secure AI Framework (SAIF)](https://saif.google/) | A security framework from Google for securing AI systems | Use it to shape secure development and deployment practices, especially in production environments |

***Tip:*** *Don't worry about frameworks overlapping.
Use the common ground between them to validate your policy and spot any gaps you may have missed.*

***Further reading:***

* [*What Is AI Governance?*](https://www.paloaltonetworks.com/cyberpedia/ai-governance)
* [*AI Risk Management Frameworks: Everything You Need to Know*](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework)
* [*NIST AI Risk Management Framework (AI RMF)*](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework)
* [*What Is Google's Secure AI Framework (SAIF)?*](https://www.paloaltonetworks.com/cyberpedia/google-secure-ai-framework)

## Who should own the AI security policy in the organization?

![A diagram titled 'AI security policy ownership model' showing a large white circle on the left labeled 'AI security policy owner (e.g., CISO)' with an icon of a person carrying a briefcase. Dashed lines extend from the owner circle to three labeled blue circles on the right: 'Engineering' with a crossed tools icon, 'Legal' with a balanced scale icon, and 'Compliance' with a document and shield icon. A fourth circle labeled 'Product' with a cube icon is shown in gray, indicating a secondary or less central role. The word 'Collaboration' is written vertically between the owner and the three blue stakeholder circles, suggesting shared responsibility.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ai-security-policy/AI-security-policy-2025_4-AI.png)

There's no one-size-fits-all owner for an AI security policy. But every organization should assign clear ownership. Ideally to a senior leader or cross-functional team.

Who owns it will depend on how your organization is structured and how deeply GenAI is embedded into your workflows. What matters most is having someone accountable for aligning the policy to real risks and driving it forward.

In most cases, the CISO or a central security leader should take point. They already oversee broader risk and compliance efforts, so anchoring AI security policy there keeps it integrated and consistent.

But they shouldn't act alone.

Here's why: GenAI risk spans more than cybersecurity. You need legal, compliance, engineering, and product involved too.

Some organizations may benefit from a formal AI governance board. Others might designate domain-specific policy owners or security champions across business units.

What matters most is cross-functional coordination with clear roles and accountability.

## AI security policy FAQs

### How to write an AI policy

Start by identifying how GenAI is used in your organization. Then define purpose, scope, roles, access, data handling, and enforcement. Align it with business needs and operationalize it through real-world controls and training.

### What does a good AI policy look like?

A good AI policy is specific, enforceable, and aligned with how GenAI is actually used. It outlines who's responsible, what's allowed, and how risk is managed and monitored.
### What are the contents of an AI policy?

Key contents include purpose, scope, acceptable use, access control, data handling, risk management, shadow AI, enforcement, and user education.

### What points must AI policies always cover?

At minimum: usage rules, data protection, access control, monitoring, and consequences for violations.

### Who should own the AI policy?

Ideally a senior leader like the CISO, with input from legal, compliance, and engineering. Ownership depends on how GenAI is used and how your org is structured.

### What is an AI policy for a small company?

For small orgs, the policy should still cover access, data handling, and acceptable use---but in simpler terms. Ownership may fall to a single leader or security team.

### What's the difference between an AI policy and an AI security policy?

An AI policy may address general use or innovation guidelines. An AI security policy focuses specifically on risk, access, protection, and enforcement.

### Do AI security policies apply to third-party GenAI tools?

Yes. Policies should define which external tools are approved, how they handle data, and what usage restrictions apply.

### How often should you update an AI security policy?

Policies should be reviewed regularly---especially as AI tools, risks, or regulations change.

### What frameworks or standards can help shape an AI security policy?

NIST AI RMF, MITRE ATLAS, OWASP Top 10, CSA AI Safety, and AVID can all help identify risks and structure your policy.

### What are the risks of not having an AI security policy?

Lack of policy can lead to shadow AI use, data leaks, regulatory violations, and unmitigated security threats.

### Should AI security policies include enforcement or consequences?

Yes. Effective policies define how violations are detected, reviewed, and acted on---both technically and through HR or legal.

### How do you roll out an AI policy across a large organization?

Start with leadership buy-in.
Train users, map controls to systems, and use existing governance structures to monitor adoption.

### What if employees are already using AI tools before a policy is in place?

Start by identifying which tools are in use. Then evaluate risks, classify tools, and define transition rules in the policy.
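The mapping described in Step 2 (a policy statement turned into a proxy or app-control rule), combined with the sanctioned/tolerated/unsanctioned classification, role-based access, and contextual audit logging covered earlier, can be sketched as policy-as-code. This is an added Python example, not Palo Alto Networks code or product configuration; the hostnames, roles, detection patterns, and the rule that sensitive data may only go to sanctioned apps are assumptions chosen for illustration.

```python
import hashlib
import re
from dataclasses import dataclass

# Hypothetical app catalogue: hostname -> classification set by the policy.
# Any host not listed is treated as unsanctioned (shadow AI).
APP_CLASSIFICATION = {
    "genai.internal.example": "sanctioned",
    "chat.vendor-a.example": "tolerated",
}

# Hypothetical role-based access rules per classification.
ROLE_ACCESS = {
    "sanctioned": {"engineering", "legal", "marketing"},
    "tolerated": {"engineering"},
    "unsanctioned": set(),
}

# Constructed patterns standing in for a real DLP classifier.
SENSITIVE_PATTERNS = {
    "confidential_label": re.compile(r"\b(confidential|internal only)\b", re.I),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}


@dataclass(frozen=True)
class Event:
    """One outbound GenAI request as a proxy might record it."""
    user: str
    role: str
    host: str
    prompt: str
    purpose: str  # the "why" the audit trail should capture


def classify(host):
    return APP_CLASSIFICATION.get(host.lower(), "unsanctioned")


def dlp_findings(prompt):
    return sorted(n for n, rx in SENSITIVE_PATTERNS.items() if rx.search(prompt))


def evaluate(event):
    """Return an audit record holding the decision and its context."""
    app_class = classify(event.host)
    findings = dlp_findings(event.prompt)
    reasons = []
    if app_class == "unsanctioned":
        reasons.append("app is not in the approved catalogue")
    elif event.role not in ROLE_ACCESS[app_class]:
        reasons.append(f"role '{event.role}' may not use {app_class} apps")
    # Assumed acceptable-use rule: sensitive data only goes to sanctioned apps.
    if findings and app_class != "sanctioned":
        reasons.append("sensitive data may only go to sanctioned apps")
    if reasons:
        action = "block"
    elif findings:
        action = "alert"
        reasons.append("sensitive data sent to a sanctioned app")
    else:
        action = "allow"
    return {
        "user": event.user,
        "role": event.role,
        "host": event.host.lower(),
        "classification": app_class,
        "action": action,
        "reasons": reasons,
        "findings": findings,
        "purpose": event.purpose,
        # A digest ties the record to the prompt without copying sensitive
        # text into the log; keep raw prompts only where the policy's
        # data-handling rules allow it.
        "prompt_sha256": hashlib.sha256(event.prompt.encode("utf-8")).hexdigest(),
    }


def shadow_ai_report(events):
    """Unsanctioned hosts and the distinct users who reached them."""
    report = {}
    for e in events:
        if classify(e.host) == "unsanctioned":
            report.setdefault(e.host.lower(), set()).add(e.user)
    return {host: sorted(users) for host, users in sorted(report.items())}


# Constructed sample events; none of these are real logs.
SAMPLE_EVENTS = [
    Event("alice", "engineering", "genai.internal.example",
          "Summarize this public RFC", "documentation"),
    Event("bob", "marketing", "chat.vendor-a.example",
          "Write a tagline for the spring launch", "campaign copy"),
    Event("carol", "engineering", "chat.vendor-a.example",
          "CONFIDENTIAL: Q3 roadmap draft, tighten the wording", "editing"),
    Event("dave", "legal", "notes-ai.unknown.example",
          "Rewrite this contract clause", "drafting"),
    Event("erin", "legal", "genai.internal.example",
          "Employee SSN 123-45-6789 appears in this filing", "review"),
    Event("bob", "marketing", "notes-ai.unknown.example",
          "Outline a blog post", "drafting"),
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        rec = evaluate(ev)
        print(rec["user"], rec["host"], rec["action"], rec["reasons"])
    print(shadow_ai_report(SAMPLE_EVENTS))
```

The shadow AI report doubles as the starting inventory for the case where employees were using tools before a policy existed: each listed host is a candidate for review and classification.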