[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown) 3. [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) 4. [What Are the Types and Roles of Attack Surface Management (ASM)?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles?ts=markdown) Table of Contents * [What Is Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) * [Importance of Knowing Your Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#importance?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#types?ts=markdown) * [Attack Vectors Commonly Exploited](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#attack?ts=markdown) * [Measuring and Assessing Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#measuring?ts=markdown) * [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#surface?ts=markdown) * [Reducing the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#reducing?ts=markdown) * [Real-World Examples of ASM](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#real?ts=markdown) * [Attack Surface Management (ASM) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#faqs?ts=markdown) * [What Is Exposure Management?](https://www.paloaltonetworks.com/cyberpedia/exposure-management?ts=markdown) * [Exposure Management Explained](https://www.paloaltonetworks.com/cyberpedia/exposure-management#exposure-management?ts=markdown) * [Components of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/exposure-management#components?ts=markdown) * [How Exposure Management Operates Across the Security Lifecycle](https://www.paloaltonetworks.com/cyberpedia/exposure-management#lifecycle?ts=markdown) * [Capabilities of an Exposure Management Platform](https://www.paloaltonetworks.com/cyberpedia/exposure-management#capabilities?ts=markdown) * [The Challenges](https://www.paloaltonetworks.com/cyberpedia/exposure-management#challenges?ts=markdown) * [Exposure Management Solutions](https://www.paloaltonetworks.com/cyberpedia/exposure-management#solutions?ts=markdown) * [Exposure Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/exposure-management#best-practices?ts=markdown) * [Exposure Management FAQs](https://www.paloaltonetworks.com/cyberpedia/exposure-management#faq?ts=markdown) * What Are the Types and Roles of Attack Surface Management (ASM)? * [The 4 Most Commonly Observed Security Attacks](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#the?ts=markdown) * [Types of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#types?ts=markdown) * [Categories of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#categories?ts=markdown) * [The 5 Primary Roles of ASM](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#asm?ts=markdown) * [Important Functions of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#important?ts=markdown) * [Types and Roles of Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#faqs?ts=markdown) * [What Are Common Use Cases for Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management?ts=markdown) * [What Is the Purpose of Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#what?ts=markdown) * [Decoding the Attack Surface: Ten Examples](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#ten?ts=markdown) * [Understanding ASM from the Threat Actor's Perspective](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#understanding?ts=markdown) * [Ethical Hackers and Attack Surface Management: A Unique Use Case](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#the?ts=markdown) * [Examples of Attack Surface Management Use Cases](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#use?ts=markdown) * [Common Use Cases for Attack Surface Management FAQ](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#faqs?ts=markdown) * [What Is Continuous Threat Exposure Management (CTEM)?](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management?ts=markdown) * [Continuous Threat Exposure Management (CTEM) Explained](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#CTEM?ts=markdown) * [The Five Stages of Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#five-stages?ts=markdown) * [Understanding the Landscape of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#understanding-the-landscape?ts=markdown) * [Benefits of Implementing Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#benefits?ts=markdown) * [How to Deploy a CTEM Program: Best Practices](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#deploy?ts=markdown) * [CTEM FAQs](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#faq?ts=markdown) * [How Does a CISO Effectively Manage the Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management?ts=markdown) * [The Value of Modern ASM Solutions](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#asmsolutions?ts=markdown) * [A Comprehensive Approach to ASM](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#approach?ts=markdown) * [Attack Surface Measurement Defined](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#attacksurface?ts=markdown) * [5 Core Capabilities of Modern Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#modern?ts=markdown) * [A CISO's Guide to Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#faqs?ts=markdown) * [What Is the Attack Surface Management (ASM) Lifecycle?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle?ts=markdown) * [The 6 Stages of Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#the?ts=markdown) * [4 Stages of the Attack Surface Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#lifecycle?ts=markdown) * [Strategies to Complement the ASM Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#strategies?ts=markdown) * [Challenges that the ASM Lifecycle Addresses](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#challenges?ts=markdown) * [Attack Surface Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#faqs?ts=markdown) * [What is Attack Surface Assessment?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) * [What Is an Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#attack-surface?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#types?ts=markdown) * [Examples of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#examples?ts=markdown) * [How to Reduce Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#reduce?ts=markdown) * [Attack Surface Assessment FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#faqs?ts=markdown) * [ASM Tools: How to Evaluate and Select the Best Option](https://www.paloaltonetworks.com/cyberpedia/asm-tools?ts=markdown) * [The Need for Attack Surface Management (ASM) Solutions](https://www.paloaltonetworks.com/cyberpedia/asm-tools#need?ts=markdown) * [The Key 7 Components of ASM Tools](https://www.paloaltonetworks.com/cyberpedia/asm-tools#key?ts=markdown) * [How to Select and Evaluate the Right ASM Solution](https://www.paloaltonetworks.com/cyberpedia/asm-tools#how?ts=markdown) * [Common Challenges in Implementing ASM](https://www.paloaltonetworks.com/cyberpedia/asm-tools#common?ts=markdown) * [Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/asm-tools#faqs?ts=markdown) * [What is the Difference Between Attack Surface and Threat Surface?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface?ts=markdown) * [Defining the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#defining?ts=markdown) * [Attack Vectors and Threat Vectors](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#attack?ts=markdown) * [Attack Surface Management and Analysis](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#analysis?ts=markdown) * [Real-World Examples of Attack Surface Exploits](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#real?ts=markdown) * [Protecting Your Digital and Physical Assets](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#protecting?ts=markdown) * [Frequently Asked Questions](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#faqs?ts=markdown) * [What Is External Attack Surface Management (EASM)?](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management?ts=markdown) * [External Attack Surface Management Explained](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#external?ts=markdown) * [Internal vs. External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#vs?ts=markdown) * [How External Attack Surface Management Works](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#how?ts=markdown) * [Why EASM Is Important](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#why?ts=markdown) * [Use Cases for External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#use?ts=markdown) * [Benefits of EASM](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#benefits?ts=markdown) * [Approaches to Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#approaches?ts=markdown) * [EASM Challenges](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#challenges?ts=markdown) * [How to Choose an Attack Surface Management Platform](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#platform?ts=markdown) * [External Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#faqs?ts=markdown) # What Are the Types and Roles of Attack Surface Management (ASM)? 3 min. read Table of Contents * * [The 4 Most Commonly Observed Security Attacks](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#the?ts=markdown) * [Types of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#types?ts=markdown) * [Categories of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#categories?ts=markdown) * [The 5 Primary Roles of ASM](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#asm?ts=markdown) * [Important Functions of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#important?ts=markdown) * [Types and Roles of Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#faqs?ts=markdown) 1. The 4 Most Commonly Observed Security Attacks * * [The 4 Most Commonly Observed Security Attacks](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#the?ts=markdown) * [Types of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#types?ts=markdown) * [Categories of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#categories?ts=markdown) * [The 5 Primary Roles of ASM](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#asm?ts=markdown) * [Important Functions of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#important?ts=markdown) * [Types and Roles of Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#faqs?ts=markdown) Attack surface management (ASM) involves identifying, monitoring, and reducing potential security vulnerabilities in an organization's IT infrastructure. ASM can be divided into several types, each playing a distinct role in creating a comprehensive security strategy. This ensures that both external and internal threats are effectively managed, human factors are addressed, and third-party and digital risks are minimized. The roles involved in minimizing an organization's exposure to cyberattacks include continuous asset discovery, [risk assessment](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown), prioritization, [remediation](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management?ts=markdown), and continuous monitoring. ## The 4 Most Commonly Observed Security Attacks Among the myriad of security threats, four types stand out due to their prevalence and impact: [malware attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown), [phishing attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown), [denial of service (DoS)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos?ts=markdown) and [distributed denial of service (DDoS) attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack?ts=markdown), and man-in-the-middle (MitM) attacks. Each of these attacks exploits different elements of an organization's attack surface, underscoring the need for a comprehensive and proactive ASM strategy. Understanding these common attack vectors is essential for developing robust defenses and ensuring the resilience of an organization's digital assets. ![What Your Attack Surface Includes](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/asm-types-and-roles/attack-surface.png "What Your Attack Surface Includes") *An attack surface is the total number of entry points, vulnerabilities and weaknesses an adversary can exploit to gain unauthorized access to a system or network* ## Types of Attack Surface Management Under the umbrella of [attack surface management](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown), several specialized categories focus on specific types of assets and their related attack surfaces. All of these attack surface management solutions provide [continuous monitoring](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle?ts=markdown), identify internal assets and their configurations, assess security controls, and ensure compliance with security policies (e.g., keeping systems up to date and supporting access controls). They include: * [External ASM (EASM)](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management?ts=markdown) * Internal ASM (IASM) * Cyber Asset ASM (CAASM) * Open Source ASM (OSASM) ### External Attack Surface Management (EASM) EASM solutions address attack surfaces in a network environment, providing continuous discovery and assessment of any internet-facing asset, such as public web servers, APIs, SSL certificates, and cloud services. They track changes and analyze vulnerabilities to deliver real-time insights into vast and dynamic surfaces. Exposures detected with EASM include exposed servers, credentials, public cloud service misconfigurations, deep web and dark web disclosures, and third-party partner software code vulnerabilities. ### Internal Attack Surface Management (IASM) This attack surface management solution focuses on managing risks within an organization's internal network. Issues addressed with internal attack surface management solutions include unauthorized access, privilege misappropriation, and service disruptions. IASM aims to reduce the risk of threats originating from within an organization. ### Cyber Asset Attack Surface Management (CAASM) CAASM centers around the comprehensive visibility of asset inventory, both internal and external. Essentially, CAASM combines the capabilities of IASM and EASM to provide a holistic view of an organization's digital footprint, including endpoints, servers, devices, and applications. Data is gathered from internal sources like asset discovery, IT asset management, [endpoint security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security?ts=markdown), vulnerability management, and patch management tools. External sources, such as ticketing systems, also provide data via API integrations. CAASM identifies vulnerabilities and gaps in security controls. ### Open Source Attack Surface Management (OSASM) This specialty area addresses a growing concern of CISOs---risks associated with open-source components, which can include issues related to maintenance, licensing, and dependencies. These tools help identify exposed assets, detect vulnerabilities, and monitor for changes that could increase risk for solutions that have open-source components. ## Categories of Attack Surfaces Understanding the different categories of attack surfaces ensures that cybersecurity measures adhere to acceptable security ratings. To do this, specific strategies and tools are required to protect the entire attack surface. Security teams must consider three categories of attack surfaces when using attack service management solutions. ### Physical Attack Surface The physical attack surface includes any physical access points into an organization's IT infrastructure. Examples of physical attack surfaces include: * Discarded hardware---devices that contain user data or login credentials * Endpoint devices---desktop systems, laptops, mobile devices, and USB ports * Environmental controls---temperature and humidity controls; systems for air filtration systems, fire suppression, and water detection systems; redundant power supplies; and physical security measures, such as surveillance cameras, controlled access, and security personnel * Network infrastructure---servers, ports, wiring, network cables, and data centers * Physical security breaches---unauthorized personnel gaining access to secure locations or passwords being physically stolen or copied when passwords are written on physical materials (e.g., notepad, whiteboard, or sticky note) ### Human Attack Surface The behaviors and interactions of any person with access to an organization's systems, applications, or data can be considered a vulnerability or risk. Managing the human attack surface involves educating and training employees, implementing strong security policies, and fostering a culture of cybersecurity awareness to minimize the risk of human-related vulnerabilities. The human attack surface includes these members whom cyber attackers can exploit in the following ways: * Social Engineering: Techniques like phishing, pretexting, and baiting that manipulate individuals into divulging sensitive information or performing actions that compromise security. * Insider Threats: Risks posed by employees, contractors, or other insiders who intentionally or unintentionally cause harm to the organization's security, such as leaking information or mishandling [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown). * Human Errors: Mistakes made by employees, such as misconfiguring systems, using weak passwords, or falling for phishing scams, that can lead to security breaches. * Training and Awareness Gaps: Lack of proper cybersecurity training and awareness among staff, making them more susceptible to cyber threats and less likely to follow security protocols effectively. ### Digital Attack Surface The digital attack surface, considered the broadest, comprises all cyber assets, such as software, hardware, and cloud-based resources, that are internet-facing. Subcategories of the digital attack surface are: * Cloud attack surface---vulnerabilities in cloud configurations, APIs, storage, services (e.g., [IaaS](https://www.paloaltonetworks.com/cyberpedia/what-is-infrastructure-as-a-service?ts=markdown), [PaaS](https://www.paloaltonetworks.com/cyberpedia/what-is-pass?ts=markdown), and [SaaS](https://www.paloaltonetworks.com/cyberpedia/what-is-saas?ts=markdown)), [containers](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container?ts=markdown), and [microservices](https://www.paloaltonetworks.com/cyberpedia/what-are-microservices?ts=markdown) * External attack surface---an internet-facing asset that is externally visible and accessible, such as public websites and web services * Internal attack surface---vulnerabilities within an organization's internal network, including applications, user privileges, and data storage * Network attack surface---all points of interaction with an organization's network, such as routers, firewalls, and network protocols * Software attack surface---vulnerabilities within software applications, such as software bugs, insufficient input validation, and insecure APIs ## The 5 Primary Roles of ASM Attack surface management proactively plays five primary roles in supporting an organization's overall security posture. Attack surface management solutions continuously poke and probe, just like an attacker would. The result is real-time insights that help security teams proactively remediate attack vectors that could be used for a cyber attack, such as [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) or ransomware attacks. ### Continuous Asset Discovery An attack surface management solution adopts the perspective of an attacker. This approach focuses on identifying all digital assets and their associated cyber risk. Continuous asset discovery ensures that security teams know an organization's attack surface. The asset discovery process involves systematically scanning and cataloging every asset connected to the organization's network. This includes discovering on-premise systems like servers and workstations and cloud-based assets such as instances and storage buckets, web applications, IoT devices, and any third-party services integrated into the organization's ecosystem. Asset discovery maintains a comprehensive, up-to-date inventory that includes not only known and managed assets but also unknown assets and potentially unauthorized (i.e., shadow IT) assets, whether on-premise, cloud-based, or hosted by a third party. ### Risk Assessment With attack surface management, the asset inventory (i.e., on-site or off-site) is analyzed. Context is provided for each asset's vulnerability and potential severity impact. This contextual data includes risk scoring and security ratings for identified vulnerabilities based on usage, ownership, location, and network connections. ### Prioritization Based on the risk assessment, security teams can prioritize responses. Attack surface management evaluates and ranks vulnerabilities based on their potential impact and likelihood of exploitation. This process starts with analyzing the vulnerabilities identified during the asset testing phase. Each vulnerability is assessed for its severity, the criticality of the affected asset, and the potential consequences of exploitation, such as data breaches or system downtime. Factors like the complexity of the remediation and compliance requirements are also considered. This prioritization enables a fine-grained, data-driven remediation approach that sees the optimal balance between severity, incident likelihood, difficulty, and available resources. ### Remediation When a potential threat is detected, an attack management solution can be set to automate immediate remediation steps for high-risk threats. Prioritization analysis dictates the timing of responses to other threats to the asset inventory. These can include anything from steps to prevent unpatched vulnerabilities from being exploited by keeping systems and software up to date to preparing incident response plans to expedite future remediation. ### Continuous Monitoring An organization's attack surface requires continuous monitoring and testing due to the dynamic nature of IT environments where new tools and users are constantly added, and threat actors change and evolve attack vectors. Continuous monitoring makes proactive security possible by regularly scanning and analyzing the entire network. It includes every endpoint, cloud service, web application, and other internet-facing asset to detect new devices, software updates, and configuration changes, identifying potential vulnerabilities as they arise. This real time surveillance provides security teams with valuable threat intelligence that helps them promptly identify potential vulnerabilities caused by new assets being added, unauthorized changes, or signs of compromise. ## Important Functions of Attack Surface Management In addition to the primary roles of attack surface management, ASM encompasses a number of other core functions. These work in concert to provide a comprehensive view of cyber risk and enable a proactive approach to managing and securing an organization's asset inventory against attack vectors exploitable by threat actors. ### Addressing Misconfigurations Attack surface management systematically scans and analyzes an organization's asset inventory to identify misconfigured networks, servers, applications, and cloud services. Scans and analysis include checking for improper security settings, default credentials, unnecessary open ports, and incorrectly set permissions. Once identified, these misconfigurations are reported for remediation. Attack surface management also supports implementing best practices and guidelines for configurations to prevent such issues from arising in the future. ### Testing Assets In attack surface management, identified assets are rigorously tested for vulnerabilities on an ongoing basis. This process involves various tools and techniques, such as [vulnerability scanners](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning?ts=markdown), penetration testing, and security audits. The objective is to assess assets' resilience against potential cyber threats by uncovering attack vectors like software bugs, misconfigurations, outdated systems, and insecure APIs. The test results provide insights into each asset's security posture to facilitate remediation prioritization. Regularly testing assets ensures an organization can proactively address security gaps and adapt to emerging threats. ### Providing Asset Inventory Context Contextualization takes ASM's asset identification a step further, providing details about how, where, and by whom these assets are used, along with their connectivity to other systems. This insight allows security teams to deploy targeted security measures based on the role and importance of assets within the organization. Examples of ASM contextualization are identifying a server as a publicly facing web server or a database that stores sensitive data, such as [protected health information (PHI)](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi?ts=markdown), that requires heightened security to meet [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown) compliance requirements. ### Vulnerability Management The [vulnerability management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) component of attack surface management covers systematic processes that continuously identify, classify, remediate, and mitigate vulnerabilities within an organization's digital assets. This involves continuously scanning and assessing the network, applications, and systems to identify security weaknesses. Each vulnerability is evaluated for its severity, potential impact, and susceptibility to exploit. This assessment helps prioritize which vulnerabilities require immediate attention and which can be scheduled for later remediation. ## Types and Roles of Attack Surface Management FAQs ### Why is attack surface management critical? Attack surface management is essential and gives security teams insights with supporting data to help them maintain a proactive security posture. This means that they can better identify and neutralize threat actors quickly, with targeted responses to a cyber attack, whether it is a known, evolving, or zero-day attack. ### What is the difference between internal and external attack surface management? While these both protect against threats, they focus on different parts of the attack surface. Internal attack surface management (IASM) identifies vulnerabilities within an organization's internal network, including servers, databases, and user devices. It detects vulnerabilities, such as misconfigurations, unpatched software, or rogue devices that could be exploited by an insider threat or a threat actor who has gained unauthorized access. External attack surface management (EASM) monitors an organization's public-facing digital presence, such as websites, cloud services, or exposed APIs. ### What does attack surface management mean to CISOs? Attack surface management is strategically crucial to CISOs because it gives them a comprehensive understanding of their organization's cybersecurity posture. The details ASM gives about the entire asset inventory, including those previously unknown or unaccounted for, help CISOs prioritize resources and budgets to most effectively handle vulnerability remediation. ASM's insights and control allow CISOs to safeguard their organizations proactively, align security strategies with business objectives, and build resilience against cyberattacks. Related content [What is the Attack Surface Management Lifecycle? The attack surface management lifecycle facilitates more aggressive tactics that seek out vulnerabilities on the digital attack surface to enhance the overall security posture.](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle?ts=markdown) [Cortex Xpanse Cortex Xpanse is an advanced attack surface management solution that proactively finds and fixes exposures on your internet-connected assets before attackers can exploit them.](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) [Expander for Cortex Xpanse Actively Discover and Automatically Respond to Your Unmanaged IT Infrastructure Risks---Without Manual Work](https://www.paloaltonetworks.com/engage/attack-surface-management/cortex-xpanse-datasheet-expander) \[ASM Buyer's Toolkit Learn * WHY ASM is essential in a complex digital world * HOW a strong ASM platform makes all the difference * WHO has strong capabilities according to ind...\](https://www.paloaltonetworks.com/resources/ebooks/sase-cio-ebook-driving-the-future-of-work-through-enterprise-wide-sase?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Are%20the%20Types%20and%20Roles%20of%20Attack%20Surface%20Management%20%28ASM%29%3F&body=Uncover%20the%20types%20and%20roles%20of%20attack%20surface%20management%20and%20their%20impact%20on%20an%20organization%27s%20security%20posture.%20Learn%20how%20to%20identify%2C%20prioritize%2C%20and%20mitigate%20vulnerabilities.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/exposure-management?ts=markdown) What Is Exposure Management? [Next](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management?ts=markdown) What Are Common Use Cases for Attack Surface Management? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language