[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) 4. [ASM Tools: Key Evaluation Criteria and How to Choose the Right One](https://www.paloaltonetworks.com/cyberpedia/asm-tools?ts=markdown) Table of Contents * [What Is Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) * [Importance of Knowing Your Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#importance?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#types?ts=markdown) * [Attack Vectors Commonly Exploited](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#attack?ts=markdown) * [Measuring and Assessing Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#measuring?ts=markdown) * [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#surface?ts=markdown) * [Reducing the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#reducing?ts=markdown) * [Real-World Examples of ASM](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#real?ts=markdown) * [Attack Surface Management (ASM) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#faqs?ts=markdown) * [What Is Exposure Management?](https://www.paloaltonetworks.com/cyberpedia/exposure-management?ts=markdown) * [Exposure Management Explained](https://www.paloaltonetworks.com/cyberpedia/exposure-management#exposure-management?ts=markdown) * [Components of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/exposure-management#components?ts=markdown) * [How Exposure Management Operates Across the Security Lifecycle](https://www.paloaltonetworks.com/cyberpedia/exposure-management#lifecycle?ts=markdown) * [Capabilities of an Exposure Management Platform](https://www.paloaltonetworks.com/cyberpedia/exposure-management#capabilities?ts=markdown) * [The Challenges](https://www.paloaltonetworks.com/cyberpedia/exposure-management#challenges?ts=markdown) * [Exposure Management Solutions](https://www.paloaltonetworks.com/cyberpedia/exposure-management#solutions?ts=markdown) * [Exposure Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/exposure-management#best-practices?ts=markdown) * [Exposure Management FAQs](https://www.paloaltonetworks.com/cyberpedia/exposure-management#faq?ts=markdown) * [What Are the Types and Roles of Attack Surface Management (ASM)?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles?ts=markdown) * [The 4 Most Commonly Observed Security Attacks](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#the?ts=markdown) * [Types of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#types?ts=markdown) * [Categories of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#categories?ts=markdown) * [The 5 Primary Roles of ASM](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#asm?ts=markdown) * [Important Functions of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#important?ts=markdown) * [Types and Roles of Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#faqs?ts=markdown) * [What Are Common Use Cases for Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management?ts=markdown) * [What Is the Purpose of Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#what?ts=markdown) * [Decoding the Attack Surface: Ten Examples](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#ten?ts=markdown) * [Understanding ASM from the Threat Actor's Perspective](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#understanding?ts=markdown) * [Ethical Hackers and Attack Surface Management: A Unique Use Case](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#the?ts=markdown) * [Examples of Attack Surface Management Use Cases](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#use?ts=markdown) * [Common Use Cases for Attack Surface Management FAQ](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#faqs?ts=markdown) * [What Is Continuous Threat Exposure Management (CTEM)?](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management?ts=markdown) * [Continuous Threat Exposure Management (CTEM) Explained](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#CTEM?ts=markdown) * [The Five Stages of Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#five-stages?ts=markdown) * [Understanding the Landscape of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#understanding-the-landscape?ts=markdown) * [Benefits of Implementing Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#benefits?ts=markdown) * [How to Deploy a CTEM Program: Best Practices](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#deploy?ts=markdown) * [CTEM FAQs](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#faq?ts=markdown) * [How Does a CISO Effectively Manage the Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management?ts=markdown) * [The Value of Modern ASM Solutions](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#asmsolutions?ts=markdown) * [A Comprehensive Approach to ASM](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#approach?ts=markdown) * [Attack Surface Measurement Defined](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#attacksurface?ts=markdown) * [5 Core Capabilities of Modern Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#modern?ts=markdown) * [A CISO's Guide to Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#faqs?ts=markdown) * [What Is the Attack Surface Management (ASM) Lifecycle?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle?ts=markdown) * [The 6 Stages of Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#the?ts=markdown) * [4 Stages of the Attack Surface Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#lifecycle?ts=markdown) * [Strategies to Complement the ASM Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#strategies?ts=markdown) * [Challenges that the ASM Lifecycle Addresses](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#challenges?ts=markdown) * [Attack Surface Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#faqs?ts=markdown) * [What is Attack Surface Assessment?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) * [What Is an Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#attack-surface?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#types?ts=markdown) * [Examples of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#examples?ts=markdown) * [How to Reduce Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#reduce?ts=markdown) * [Attack Surface Assessment FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#faqs?ts=markdown) * ASM Tools: How to Evaluate and Select the Best Option * [The Need for Attack Surface Management (ASM) Solutions](https://www.paloaltonetworks.com/cyberpedia/asm-tools#need?ts=markdown) * [The Key 7 Components of ASM Tools](https://www.paloaltonetworks.com/cyberpedia/asm-tools#key?ts=markdown) * [How to Select and Evaluate the Right ASM Solution](https://www.paloaltonetworks.com/cyberpedia/asm-tools#how?ts=markdown) * [Common Challenges in Implementing ASM](https://www.paloaltonetworks.com/cyberpedia/asm-tools#common?ts=markdown) * [Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/asm-tools#faqs?ts=markdown) * [What is the Difference Between Attack Surface and Threat Surface?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface?ts=markdown) * [Defining the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#defining?ts=markdown) * [Attack Vectors and Threat Vectors](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#attack?ts=markdown) * [Attack Surface Management and Analysis](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#analysis?ts=markdown) * [Real-World Examples of Attack Surface Exploits](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#real?ts=markdown) * [Protecting Your Digital and Physical Assets](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#protecting?ts=markdown) * [Frequently Asked Questions](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#faqs?ts=markdown) * [What Is External Attack Surface Management (EASM)?](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management?ts=markdown) * [External Attack Surface Management Explained](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#external?ts=markdown) * [Internal vs. External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#vs?ts=markdown) * [How External Attack Surface Management Works](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#how?ts=markdown) * [Why EASM Is Important](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#why?ts=markdown) * [Use Cases for External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#use?ts=markdown) * [Benefits of EASM](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#benefits?ts=markdown) * [Approaches to Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#approaches?ts=markdown) * [EASM Challenges](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#challenges?ts=markdown) * [How to Choose an Attack Surface Management Platform](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#platform?ts=markdown) * [External Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#faqs?ts=markdown) # ASM Tools: Key Evaluation Criteria and How to Choose the Right One 3 min. read Table of Contents * * [The Need for Attack Surface Management (ASM) Solutions](https://www.paloaltonetworks.com/cyberpedia/asm-tools#need?ts=markdown) * [The Key 7 Components of ASM Tools](https://www.paloaltonetworks.com/cyberpedia/asm-tools#key?ts=markdown) * [How to Select and Evaluate the Right ASM Solution](https://www.paloaltonetworks.com/cyberpedia/asm-tools#how?ts=markdown) * [Common Challenges in Implementing ASM](https://www.paloaltonetworks.com/cyberpedia/asm-tools#common?ts=markdown) * [Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/asm-tools#faqs?ts=markdown) 1. The Need for Attack Surface Management (ASM) Solutions * * [The Need for Attack Surface Management (ASM) Solutions](https://www.paloaltonetworks.com/cyberpedia/asm-tools#need?ts=markdown) * [The Key 7 Components of ASM Tools](https://www.paloaltonetworks.com/cyberpedia/asm-tools#key?ts=markdown) * [How to Select and Evaluate the Right ASM Solution](https://www.paloaltonetworks.com/cyberpedia/asm-tools#how?ts=markdown) * [Common Challenges in Implementing ASM](https://www.paloaltonetworks.com/cyberpedia/asm-tools#common?ts=markdown) * [Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/asm-tools#faqs?ts=markdown) Attack surface management (ASM) is an ongoing process focused on identifying, cataloging, categorizing, and tracking an organization's external digital resources. ASM solutions assist in detecting vulnerable systems, configuration errors, and unauthorized IT assets that could be exploited by attackers, providing early visibility into potential threats. As organizations navigate more complex digital landscapes and encounter advanced security risks, developing an effective [attack surface management](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) strategy and adopting ASM tools has become increasingly critical. ## The Need for Attack Surface Management (ASM) Solutions Modern enterprises operate in increasingly complex digital environments with continuously expanding attack surfaces. The shift to cloud platforms and the proliferation of IoT devices has created a labyrinth of potential entry points for attackers, from misconfigured cloud instances and exposed APIs to forgotten subdomains and shadow IT. Digital expansion creates significant blind spots, with over [35 billion records breached](https://www.itgovernance.co.uk/blog/global-data-breaches-and-cyber-attacks-in-2024) across nearly 9,500 publicly disclosed incidents in 2024 alone, primarily through [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) and stolen credentials. Security teams face the challenge of maintaining visibility across their entire digital footprint while effectively prioritizing remediation efforts. Attack surface management solutions address these challenges by providing continuous discovery and monitoring of all externally and internally facing assets. By implementing ASM tools, organizations gain real-time visibility into unauthorized systems, exposed ports, vulnerable services, and certificate issues that might otherwise remain undetected. Effective ASM follows a clear lifecycle: mapping all possible attack vectors, assessing vulnerabilities, remediating weaknesses, and implementing continuous monitoring. Such a proactive approach not only reduces blind spots but also enables security teams to prioritize remediation based on actual risk rather than arbitrary severity ratings. The financial impact of cybercrime continues to rise, with global losses [projected to reach 15.63 trillion U.S. dollars by 2029](https://www.statista.com/forecasts/1280009/cost-cybercrime-worldwide). Beyond the financial toll, attack surface management (ASM) offers significant operational advantages by bolstering vulnerability management efforts, enhancing digital risk mitigation, and improving preparedness for incidents. In today's environment, organizations can't afford prolonged exposure to vulnerabilities, especially as the average time to exploit a new vulnerability has reduced to just five days. By providing a comprehensive and continuously updated view of the attack surface, ASM solutions allow security teams to swiftly address emerging threats and maintain a resilient security posture amidst an increasingly dynamic threat landscape. The global adoption of ASM reflects its critical importance, with [the market projected to grow](https://www.fortunebusinessinsights.com/attack-surface-management-market-110386) from $1,031.2 million in 2025 to $4,291.1 million by 2032, exhibiting a compound annual growth rate of 22.6%. The surge underscores how enterprises increasingly recognize that you can't defend what you don't know exists, making comprehensive attack surface visibility not just beneficial but essential for modern cybersecurity strategies. ## The Key 7 Components of ASM Tools The top-performing ASM solutions integrate several critical components to deliver comprehensive visibility and protection across an organization's expanding digital footprint. Successful ASM tools have evolved beyond simple perimeter scanning to address the complex security demands of hybrid environments spanning on-premises infrastructure, cloud services, and SaaS applications. ### External Asset Discovery The cornerstone of any ASM platform is its ability to continuously scan and identify internet-facing assets. The automated discovery process identifies all potential entry points that attackers can exploit, including known infrastructure and undocumented or shadow assets that operate outside IT governance. Effective ASM tools employ multiple discovery techniques beyond basic IP scanning, including DNS enumeration, certificate analysis, and web crawling to build a complete inventory. They leverage telemetry from various data sources such as vulnerability scans, port scans, system fingerprinting, domain name searches, and TLS certificate analysis to provide an attacker's perspective of your organization. ### Shadow IT Detection As organizations accelerate digital transformation initiatives, departments increasingly deploy resources without proper IT oversight. Shadow IT refers to systems and applications that may have bypassed proper approval processes, like productivity applications purchased by individuals or teams. Good ASM solutions continuously monitor for unauthorized assets. Their detection capabilities must extend beyond traditional network boundaries to include cloud services, mobile devices, and IoT endpoints that might otherwise remain invisible to security teams. ### Port and Protocol Scanning Comprehensive ASM solutions map exposed network services through detailed port and protocol scanning. The tools monitor assets 24/7 for newly discovered security vulnerabilities, weaknesses, misconfigurations, and compliance issues. ASM tools identify risky configurations like unnecessary open ports, insecure protocols, and exposed administrative interfaces that attackers could leverage. They also conduct these scans with minimal performance impact and provide detailed fingerprinting of services to identify vulnerable software versions and outdated components across the entire attack surface. ### Vulnerability Correlation ASM tools transform raw vulnerability data into actionable intelligence by correlating detected issues with known CVEs and threat intelligence. By doing so, they provide proactive identification of vulnerabilities and SSL weaknesses across the environment. Advanced ASM solutions don't just identify vulnerabilities --- they determine exploitation potential by analyzing accessibility, authentication requirements, and real-world attack scenarios. By mapping vulnerabilities to specific assets and business functions, the ASM solution helps security teams understand which weaknesses pose the greatest risk to critical operations. ### Risk Prioritization With organizations facing thousands of vulnerabilities across their infrastructure, effective ASM tools employ contextual risk scoring to focus remediation efforts. Risk-based prioritization gives teams a coherent sense of order and direction while addressing the most critical vulnerabilities first. Advanced ASM solutions consider multiple factors, including vulnerability severity, asset importance, exploitability, [cyber threat intelligence](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown), and business context. The holistic approach helps security teams catch potential threats before they escalate. ### Change Monitoring Attack surfaces are highly dynamic, evolving as new resources are deployed and existing ones are modified. Effective ASM solutions implement continuous change monitoring to detect modifications that might introduce new risks. Attack surface management isn't a one-time event --- it must be a continuous process to account for the dynamic nature of IT environments, where hardware, systems, and applications are regularly replaced and new software and services are deployed. The platform generates alerts when new assets appear, configurations change, or previously secured systems suddenly expose sensitive services, enabling security teams to respond before attackers can exploit these changes. ### Remediation Guidance Beyond simply identifying issues, modern ASM solutions provide actionable remediation guidance and integration with security workflows. [Key components include](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) automated remediation capabilities alongside asset discovery, risk assessment, continuous monitoring, and third-party risk evaluation. The guidance includes detailed steps to mitigate vulnerabilities, [patch management](https://www.paloaltonetworks.com/cyberpedia/patch-management?ts=markdown) recommendations, and policy adjustments to prevent similar issues in the future. Advanced solutions integrate with ticketing systems, security orchestration platforms, and [DevSecOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops?ts=markdown) toolchains to streamline the remediation process and ensure vulnerabilities are efficiently addressed. ## How to Select and Evaluate the Right ASM Solution Choosing the optimal ASM solution requires careful evaluation across multiple dimensions to ensure it aligns with your organization's specific security requirements and technical environment. With the [ASM market projected to grow](https://www.grandviewresearch.com/industry-analysis/attack-surface-management-market-report) at a compound annual rate exceeding 30% through 2030, security leaders face an increasingly crowded marketplace of vendors making similar claims but offering substantially different capabilities. ### Depth and Frequency of Discovery and Scanning The foundation of any effective ASM solution lies in its ability to continuously discover and monitor your expanding attack surface. Comprehensive visibility into all internet-facing assets through continuous scanning enables organizations to proactively address security gaps before they become entry points for attackers. Ask about the ASM solution's scanning frequency. Daily scans are now considered a minimum requirement, while near real-time monitoring represents the gold standard for organizations with dynamic infrastructure. The discovery methodology should employ multiple techniques, including passive reconnaissance, active scanning, certificate analysis, and DNS monitoring, to build a complete asset inventory without creating excessive noise or disruption. ### Diversity of Asset Types The growth of the market is largely driven by the increasing complexity of attack methods, coupled with the expanding variety and intricacy of IT environments. As organizations adopt third-party services, SaaS applications, cloud storage, and IoT devices, they inadvertently introduce additional vulnerabilities. Your ASM solution should be capable of managing the breadth of your digital assets --- domains, subdomains, IP ranges, cloud infrastructures, APIs, certificates, and external services. When assessing coverage, ensure that the ASM provider can effectively handle hybrid and multicloud environments. ### Accuracy and Reduction of False Positives False positives waste security resources and contribute to alert fatigue --- a critical problem when many security teams already struggle with resource constraints. You'll want to evaluate the accuracy of the ASM solution via customer references and by reviewing the ASM vendor's approach to vulnerability verification. ASM solutions combining automated scanning with human validation typically deliver more accurate results than purely automated platforms. Consider solutions that provide context for each finding rather than relying solely on severity ratings, as contextual awareness helps teams understand the true risk and business impact. ### Risk Context and Scoring Approach Not all vulnerabilities carry the same level of risk for your organization. A robust ASM solution utilizes advanced risk scoring that goes beyond simple CVSS ratings. These tools categorize assets based on factors such as criticality, sensitivity, and the potential consequences of a breach, allowing security teams to focus their efforts effectively. When selecting an ASM tool, ensure it integrates business context, exploitability insights, threat intelligence, and asset importance into its scoring system. The risk prioritization framework should be clear, flexible, and able to be tailored to fit your organization's risk tolerance and security goals. ### Integration with Existing Security Infrastructure The value of an ASM solution multiplies when it integrates seamlessly with your existing security stack. Ideal ASM tools should include integrated workflows addressing the complete risk treatment lifecycle, including remediation workflows for instantly assigning risk responses, risk assessment workflows for in-depth evaluations, and reporting workflows for keeping stakeholders informed. Look for ASM solutions that can integrate with your SIEM, SOAR, vulnerability management tools, and ticketing systems. Native integrations reduce manual effort and enable automated workflows for vulnerability management and incident response. Ask ASM vendors for documentation on their API capabilities and integration partnerships to ensure compatibility with your environment. ### Real-time Change Detection Attack surfaces evolve as teams deploy new resources, modify configurations, and decommission assets. New workloads, API updates, and misconfigurations can introduce fresh vulnerabilities, making continuous monitoring with tools like activity logging and risk-based prioritization essential to catch potential threats before they escalate. Evaluate ASM solutions based on their ability to detect changes in near real-time and generate immediate alerts for high-risk modifications. The platform should maintain a historical record of your attack surface evolution, enabling security teams to understand how exposures have changed over time and identify trends requiring attention. ### Ease of Deployment and Automation Options Implementation complexity can significantly impact time-to-value and ongoing operational costs. Look for ASM vendors that offer a streamlined onboarding process, on-demand training materials, user-friendly design, easy-to-digest dashboards, and human support as needed during implementation. Consider factors like authentication requirements, network access needs, deployment architecture, and required configurations. ASM solutions should offer deployment flexibility through cloud-hosted, on-premises, or hybrid options to accommodate your security and compliance requirements. Before committing to any ASM vendor, conduct a proof of concept (PoC) with a limited scope to validate the solution's effectiveness in your environment. Selecting the right attack surface management platform means balancing environment complexity, integration needs, and available resources, as different solutions serve different purposes --- from [container security](https://www.paloaltonetworks.com/cyberpedia/what-is-container-security?ts=markdown) to brand tracking. A practical evaluation will allow you to assess asset coverage accuracy, false positive rates, integration capabilities, and reporting quality. ## Common Challenges in Implementing ASM Organizations implementing attack surface management solutions often encounter several significant hurdles that can impede their security objectives and diminish the effectiveness of their ASM programs. Understanding these challenges upfront helps security teams to develop strategies to overcome them and maximize the value of their ASM investments. ### High Volume of Unmanaged Asset Alerts The rapid expansion of digital environments often results in a high volume of alerts and overwhelmed security teams. Organizations frequently find that their attack surface is far larger than expected, with attack surface management tools revealing as much as 35% more assets than initially known. The surge in newly discovered assets can create a bottleneck, making it difficult for teams to effectively prioritize and manage alerts without strategies for triage and automation. ### Limited Context to Prioritize Real Threats Raw vulnerability data without business context makes effective risk prioritization nearly impossible. Security teams often attempt to manually correlate asset information in spreadsheets from various sources to combine business context with security controls, a time-consuming process that produces information often outdated by the next morning. Without contextual intelligence about asset criticality, exploitation likelihood, and potential business impact, organizations struggle to focus their remediation efforts on vulnerabilities that pose genuine risk rather than those with merely high severity scores. ### Difficulty Integrating into Existing Vulnerability Workflows Many organizations have established vulnerability management processes that resist integration with new ASM solutions. Integration complexity can be particularly challenging in diverse IT environments, requiring native integrations with multiple parts of the environment or custom integrations that demand specialized knowledge. The disconnect between ASM findings and existing security workflows creates operational friction, often resulting in parallel processes that increase workload rather than streamlining operations. Without seamless integration with ticketing systems, [SIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-siem?ts=markdown) platforms, and remediation tools, security teams must perform manual steps that slow response times and introduce opportunities for error. ### Lack of Ownership or Responsibility for Shadow IT Shadow IT assets frequently emerge with unclear ownership, creating accountability gaps for remediation. When ASM solutions identify these unauthorized assets, security teams often struggle to determine who should address the associated vulnerabilities. Without established protocols for handling newly discovered assets, critical security issues may remain unresolved despite being detected. ### Difficult to Maintain a Continuous and Accurate Asset Inventory Traditional asset management approaches fail to keep pace with the dynamic nature of modern IT environments. Cloud environments change, with new workloads, API updates, and misconfigurations introducing vulnerabilities that require continuous monitoring. The ephemerality of cloud resources, frequent deployment of temporary assets, and rapid change cycles make maintaining an accurate inventory particularly challenging. Without automated discovery and continuous monitoring capabilities, organizations develop blind spots in their security posture as new assets appear and existing ones transform or disappear. Addressing these implementation challenges requires not just technological solutions but also organizational alignment, clear governance structures, and well-defined processes. Organizations that anticipate and proactively manage these obstacles position themselves to realize the full potential of their ASM initiatives and substantially reduce their exposure to external threats. ## Attack Surface Management FAQs ### What is asset discovery? Asset discovery is the systematic process of identifying and cataloging all digital assets connected to an organization's network, including shadow IT and shadow cloud assets. Effective asset discovery uses multiple methods like network scanning, DNS analysis, and cloud API integration to create a complete inventory of your digital footprint. For security teams, this provides the all-important foundation of all security efforts, as you can't protect what you don't know exists. ### What is attack path analysis? Attack path analysis is the methodology of mapping potential routes that attackers could take to reach your critical assets. The analysis identifies sequences of vulnerabilities, misconfigurations, and trust relationships that, when chained together, create viable paths for attackers to move laterally through your environment. Modern attack path analysis uses graph theory and attack simulation to visualize these paths, helping security teams understand which seemingly minor vulnerabilities become dangerous when combined, and where to focus remediation efforts for maximum impact. ### What is continuous monitoring? Continuous monitoring is the practice of observing your attack surface in near real time to detect changes, new vulnerabilities, or suspicious activities. Unlike point-in-time assessments, continuous monitoring provides ongoing visibility into your security posture as it evolves. The approach allows security teams to quickly identify when new assets appear, when configurations drift, or when previously remediated vulnerabilities resurface. With digital environments changing rapidly, continuous monitoring has become essential for maintaining an accurate understanding of your security status at all times. ### What is exposure management? Exposure management is the proactive identification, assessment, and mitigation of security weaknesses before attackers can exploit them. It goes beyond traditional vulnerability management by considering broader attack vectors like misconfigurations, excessive permissions, and insecure business processes. Exposure Management focuses on understanding how various weaknesses could be leveraged in real-world attacks and addressing the underlying issues. Taking a holistic approach helps organizations reduce their overall risk by eliminating potential entry points and attack vectors. ### What is vulnerability chaining? Vulnerability chaining is the technique of linking multiple lower-severity vulnerabilities together to create an exploit path that poses a significantly higher risk than any individual vulnerability on its own. For example, combining a low-privilege access point with a series of privilege escalation weaknesses can ultimately lead to complete system compromise. Security practitioners must understand this concept to avoid the dangerous mistake of dismissing "minor" vulnerabilities that could become critical when chained. Modern attack surface management tools now analyze vulnerability chains to identify these complex attack scenarios that traditional vulnerability scanners might miss. ### What is supply chain risk? Supply chain risk refers to the security vulnerabilities and potential threats introduced through an organization's network of vendors, suppliers, partners, and service providers. Third-party relationships often involve system integrations, data sharing, or network access that can create entry points for attackers. The interconnected nature of modern business means that your security is only as strong as the weakest link in your supply chain. Security practitioners must assess how partners handle access management, [code security](https://www.paloaltonetworks.com/cyberpedia/what-is-code-security?ts=markdown), and vulnerability remediation, as compromises of these entities can lead directly to breaches of your environment. Related Content [The State of Cloud-Native Security Report Gain multi-industry intelligence to inform your cloud security strategies in our annual security report, which explores top security wins, wants, gaps and challenges.](https://www.paloaltonetworks.com/content/pan/en_US/state-of-cloud-native-security?ts=markdown) [Comprehensive Guide to CNAPPs Start reading the O'Reilly Cloud Native Application Protection Platforms: A Guide to CNAPPs and the Foundations of Comprehensive Cloud Security.](https://www.paloaltonetworks.com/resources/ebooks/oreilly-cnapp-cloud-security-foundations?ts=markdown) [The Definitive Guide to Container Security Securing your containerized applications is a critical component of maintaining the integrity, confidentiality and availability of your cloud services.](https://www.paloaltonetworks.com/resources/ebooks/container-security-definitive-guide?ts=markdown) [The Buyer's Guide to DSPM and DDR Learn what to look for in a cloud data security provider and how DSPM and DDR can significantly enhance your organization's security posture.](https://www.paloaltonetworks.com/resources/guides/data-centric-dspm-ddr-buyers-guide?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=ASM%20Tools%3A%20How%20to%20Evaluate%20and%20Select%20the%20Best%20Option&body=Use%20key%20criteria%20for%20evaluating%20attack%20surface%20management%20tools.%20Overcome%20implementation%20challenges%20and%20learn%20essential%20components%20for%20effective%20ASM.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/asm-tools) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) What is Attack Surface Assessment? [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface?ts=markdown) What is the Difference Between Attack Surface and Threat Surface? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language