What Is Broken Object Level Authorization?

Table of Contents

* What Is Broken Object Level Authorization?
* [API1:2023 - Broken Object Level Authorization Explained](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#explained?ts=markdown)
* [Understanding Object-Level Authorization in API Security](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#understanding?ts=markdown)
* [How Broken Object Level Authorization Manifests in Real-World APIs](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#how?ts=markdown)
* [The Business Impact of Broken Object Level Authorization](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#business?ts=markdown)
* [Identifying Broken Object Level Authorization in Your APIs](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#apis?ts=markdown)
* [Preventing Broken Object Level Authorization: Best Practices](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#preventing?ts=markdown)
* [Broken Object Level Authorization FAQs](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#faqs?ts=markdown)
Security FAQs](https://www.paloaltonetworks.com/cyberpedia/cloud-api-security-strategy#faqs?ts=markdown) * [API Security Checklist for Modern Application Teams](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist?ts=markdown) * [Discover and Classify All APIs](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist#discover?ts=markdown) * [Apply Core API Security Controls](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist#apply?ts=markdown) * [Protect API Data at Every Layer](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist#protect?ts=markdown) * [Secure API Endpoints and Runtime Behavior](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist#secure?ts=markdown) * [Continuously Monitor, Test, and Improve](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist#monitor?ts=markdown) * [Building Resilience Through Systematic Execution](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist#resilience?ts=markdown) * [API Security Checklist FAQs](https://www.paloaltonetworks.com/cyberpedia/api-security-checklist#faqs?ts=markdown) * [What Is Broken Authentication?](https://www.paloaltonetworks.com/cyberpedia/broken-authentication-api2?ts=markdown) * [API2:2023 - Broken Authentication Explained](https://www.paloaltonetworks.com/cyberpedia/broken-authentication-api2#API2-2023?ts=markdown) * [Understanding Broken Authentication in API Security](https://www.paloaltonetworks.com/cyberpedia/broken-authentication-api2#understanding?ts=markdown) * [How Broken Authentication Manifests in Real-World APIs](https://www.paloaltonetworks.com/cyberpedia/broken-authentication-api2#broken?ts=markdown) * [The Business Impact of Broken Authentication](https://www.paloaltonetworks.com/cyberpedia/broken-authentication-api2#business?ts=markdown) * [Identifying Broken Authentication in Your APIs](https://www.paloaltonetworks.com/cyberpedia/broken-authentication-api2#identifying?ts=markdown) * 
# What Is Broken Object Level Authorization?

Table of Contents

* [API1:2023 - Broken Object Level Authorization Explained](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#explained?ts=markdown)
* [Understanding Object-Level Authorization in API Security](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#understanding?ts=markdown)
* [How Broken Object Level Authorization Manifests in Real-World APIs](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#how?ts=markdown)
* [The Business Impact of Broken Object Level Authorization](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#business?ts=markdown)
* [Identifying Broken Object Level Authorization in Your APIs](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#apis?ts=markdown)
* [Preventing Broken Object Level Authorization: Best Practices](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#preventing?ts=markdown)
* [Broken Object Level Authorization FAQs](https://www.paloaltonetworks.com/cyberpedia/broken-object-level-authentication-api1#faqs?ts=markdown)
OWASP ranks broken object level authorization (BOLA) as the top API security vulnerability. Attackers exploit BOLA by manipulating object identifiers in API requests to access data belonging to other users or organizations. The vulnerability stems from authorization checks that validate function access but fail to verify permissions at the object level.

## API1:2023 - Broken Object Level Authorization Explained

Broken object-level authorization represents a fundamental failure in [access control](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) where an API grants users access to data objects they shouldn't reach.
OWASP ranks broken object-level authorization (BOLA) as the number one [API security](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security?ts=markdown) risk because attackers exploit it with devastating ease and frequency across cloud environments.

### The Core Authorization Failure

Authorization mechanisms exist at two distinct levels within API architectures.

1. Function-level authorization determines whether a user can access an API endpoint or invoke a specific operation.
2. Object-level authorization validates whether a user has permission to interact with a particular data object once they've accessed the function.

BOLA vulnerabilities emerge when developers implement the first layer but neglect the second. An authenticated user reaches an API endpoint designed for legitimate use. The API verifies the user's identity and grants access to the function. Yet the API fails to verify whether the user should access the specific object referenced by the request parameter.

Modern API architectures exacerbate this vulnerability through their reliance on direct object references. RESTful design patterns encourage developers to expose resource identifiers in URLs, path parameters, and request bodies. Each `GET /api/users/{userId}` or `DELETE /api/documents/{docId}` creates an attack surface where manipulating the ID parameter grants unauthorized access.

### BOLA Distinguished from Related Vulnerabilities

Function-level authorization failures represent a different attack vector altogether. Broken function-level authorization (BFLA) occurs when an attacker accesses an API endpoint they shouldn't reach at all. A standard user invoking an administrative function exemplifies BFLA. BOLA assumes the user legitimately accesses the function but manipulates object references to reach unauthorized data.

The distinction matters operationally. BFLA requires privilege escalation at the endpoint level. BOLA requires only parameter manipulation within authorized endpoints.
Attackers don't need elevated credentials or sophisticated exploitation techniques. They enumerate IDs and modify request parameters.

### The Inadequacy of Session-Based Checks

Many development teams implement a partial solution that compares the user ID from the session token against the requested object ID. JWT tokens contain user identifiers, making this check straightforward to implement. Yet comparing session user IDs against requested object IDs addresses only direct user-to-user attacks.

Real authorization models operate with greater complexity. Users belong to organizations, teams, and projects with hierarchical permissions. Documents have owners and collaborators with varying access levels. A user might legitimately access objects owned by colleagues, shared resources within their organization, or data associated with multiple accounts they manage.

The vulnerable parameter rarely represents another user's identifier. More commonly, it references a document, transaction, vehicle, medical record, or infrastructure resource. Proper object-level authorization requires checking the user's permissions against the specific object's access control list, ownership metadata, or organizational hierarchy. Session ID comparison fails to enforce these nuanced authorization rules.

## Understanding Object-Level Authorization in API Security

Authorization operates independently from authentication in API security architectures. Authentication verifies identity through credentials, tokens, or certificates. Authorization determines what authenticated identities can access. Most BOLA vulnerabilities stem from organizations conflating these distinct security controls.

### Access Control Models in API Architectures

Role-based access control (RBAC) assigns permissions to user roles rather than individual identities. A user with an "editor" role gains access to editing functions across multiple resources.
RBAC solves function-level authorization efficiently but struggles with object-level granularity. The editor role grants permission to edit documents, yet RBAC alone won't determine which specific documents the user may modify.

Attribute-based access control (ABAC) evaluates permissions through attributes of the user, resource, and environment. ABAC policies check whether the user's department matches the document's department, whether the request originates from an approved network, or whether the current time falls within allowed access hours. [Cloud-native applications](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-native?ts=markdown) increasingly adopt ABAC for its flexibility in distributed environments.

Relationship-based access control (ReBAC) models permissions through connections between entities. The user owns the resource, belongs to the resource's organization, or has been explicitly granted access by the owner. Social platforms and collaborative tools rely heavily on ReBAC because their authorization logic centers on entity relationships rather than static roles.

### REST and GraphQL Authorization Patterns

RESTful APIs expose authorization complexity through their resource-oriented design. Each endpoint represents a resource type, and path parameters identify specific instances. [DevOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devops?ts=markdown) teams must implement authorization checks within each handler function, validating the authenticated user's permissions against the requested resource identifier.

GraphQL compounds the authorization challenge through its flexible query structure. A single GraphQL query can request dozens of related objects across multiple resource types. Authorization must execute at the field resolver level rather than the endpoint level. Each resolver function needs its own authorization logic to validate access to the specific object being resolved.
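As an added example that is not from the original page, the following plain-Python stand-in for a resolver chain (no GraphQL library, so the `user { name privateMessages { id content sender { name } } }` query shape is executed by hand) shows the difference between trusting the parent resolver and authorizing inside every resolver; the users, messages and the access rules are constructed for the demonstration.

```python
"""Per-resolver object-level authorization, simulated without a GraphQL library.

Constructed data and rules (not from the page): a profile name is visible to
any authenticated viewer, a user's inbox may be listed only by that user, and a
single message may be read by either party to it (a relationship check).
"""

USERS = {"user123": "Alice", "user456": "Bob", "user789": "Mallory"}
MESSAGES = {
    "m1": {"sender": "user456", "recipient": "user123", "content": "lunch?"},
    "m2": {"sender": "user123", "recipient": "user456", "content": "sure"},
}


class Forbidden(Exception):
    """Raised by a resolver when the viewer may not read the object."""


def resolve_user(viewer_id, user_id):
    # Top-level resolver: any authenticated viewer may look up a profile.
    if viewer_id not in USERS:
        raise Forbidden("unauthenticated")
    if user_id not in USERS:
        raise KeyError(user_id)
    return {"id": user_id, "name": USERS[user_id]}


def resolve_message(viewer_id, message_id, check):
    # Object-level rule for one message: only a party to it may read it.
    msg = MESSAGES[message_id]
    if check and viewer_id not in (msg["sender"], msg["recipient"]):
        raise Forbidden(f"{viewer_id} may not read {message_id}")
    return {"id": message_id, "content": msg["content"],
            "sender": {"name": USERS[msg["sender"]]}}


def resolve_private_messages(viewer_id, user, check):
    # Nested resolver. check=False reproduces the vulnerable pattern: it
    # trusts the parent resolver and lists another user's inbox.
    if check and viewer_id != user["id"]:
        raise Forbidden(f"{viewer_id} may not list inbox of {user['id']}")
    mids = [m for m, v in MESSAGES.items()
            if user["id"] in (v["sender"], v["recipient"])]
    return [resolve_message(viewer_id, m, check) for m in mids]


def execute_user_query(viewer_id, user_id, check_nested):
    """Run the page's query shape; return a GraphQL-style {data, errors} dict."""
    result = {"data": None, "errors": []}
    try:
        user = resolve_user(viewer_id, user_id)
    except Forbidden as exc:
        result["errors"].append(str(exc))
        return result
    data = {"name": user["name"], "privateMessages": None}
    try:
        data["privateMessages"] = resolve_private_messages(
            viewer_id, user, check_nested)
    except Forbidden as exc:
        # Field-level error: the public part of the object is still returned.
        result["errors"].append(str(exc))
    result["data"] = {"user": data}
    return result


if __name__ == "__main__":
    # Mallory queries Alice's profile with and without per-resolver checks.
    print("vulnerable:", execute_user_query("user789", "user123", False))
    print("secure:", execute_user_query("user789", "user123", True))
```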
Field-level authorization in GraphQL requires checking permissions for every node in the response graph. A query requesting a user's profile, their documents, and each document's comments demands authorization checks at three distinct levels. Skipping any resolver's authorization check creates a BOLA vulnerability.

### Token-Based Authorization Standards

JWT tokens carry claims about the authenticated user but don't enforce authorization. The token proves identity and might include role information. Yet the API service bears responsibility for interpreting those claims and enforcing [access control](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) policies.

OAuth 2.0 delegates authentication to identity providers while leaving authorization logic to resource servers. OAuth scopes grant coarse-grained permissions to API clients. A scope like `read:documents` permits document access but doesn't specify which documents. Resource servers must layer object-level authorization on top of scope validation. The scope proves the client has general permission to read documents. Object-level checks determine whether the client may access the specific requested document.

## How Broken Object Level Authorization Manifests in Real-World APIs

Cloud-native applications expose BOLA vulnerabilities through predictable patterns that attackers exploit systematically across REST, GraphQL, and gRPC architectures.

### Multitenant SaaS Platform Enumeration

A project management [SaaS platform](https://www.paloaltonetworks.com/cyberpedia/what-is-saas?ts=markdown) implements workspace isolation through organization IDs. Each API request includes an `orgId` parameter that determines which workspace's data the API returns. The authentication middleware validates the JWT token and extracts the user's identity.
The authorization logic checks whether the user belongs to an organization, but fails to verify whether the requested `orgId` matches the user's actual organization membership.

```python
# Vulnerable implementation: the query filters by project ID only, so any
# authenticated user can fetch a project from any organization.
@app.route('/api/projects/<project_id>')
@require_auth
def get_project(project_id):
    project = db.query(Project).filter(Project.id == project_id).first()
    return jsonify(project.to_dict())
```

An attacker enumerates project IDs through sequential or UUID-based guessing. Each request returns project data from different organizations. The vulnerability grants horizontal privilege escalation across tenant boundaries.

```python
# Secure implementation: the tenant predicate is part of the query, so a
# project outside the caller's organization is never retrieved at all.
@app.route('/api/projects/<project_id>')
@require_auth
def get_project(project_id):
    user_org = current_user.organization_id
    project = db.query(Project).filter(
        Project.id == project_id,
        Project.organization_id == user_org
    ).first()
    if not project:
        # 404 rather than 403: do not reveal whether the project exists
        return jsonify({'error': 'Not found'}), 404
    return jsonify(project.to_dict())
```

### GraphQL Nested Query Exploitation

A social platform exposes user profiles through GraphQL. The schema allows querying posts, comments, and private messages through nested resolvers. The top-level user query validates authorization, but nested resolvers fetch related objects without additional permission checks.

```graphql
query {
  user(id: "user123") {
    name
    privateMessages {
      id
      content
      sender { name }
    }
  }
}
```

Attackers query arbitrary user IDs and receive private messages belonging to other users. Each resolver function must independently validate the authenticated user's access to the requested object. Relying on parent resolver authorization creates gaps in the security model.

### Mobile Banking API Parameter Tampering

A banking application's mobile API implements transaction history retrieval through account numbers. The authentication layer verifies customer credentials. The API endpoint accepts an `accountNumber` parameter and returns transaction records.
Developers assumed authenticated customers would only request their own account data.

```http
GET /api/v2/transactions?accountNumber=987654321
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...
```

Attackers modify the `accountNumber` parameter and access transactions for accounts they don't own. Sequential account number schemes enable the complete enumeration of customer financial data. The API requires explicit validation that the authenticated customer owns or has authorized access to the requested account.

### gRPC Service Authorization Gaps

A [microservices](https://www.paloaltonetworks.com/cyberpedia/what-are-microservices?ts=markdown) architecture uses gRPC for inter-service communication. The order service accepts order IDs through RPC methods. Service mesh authentication verifies the calling service identity but doesn't validate which customer's orders the calling service should access.

An inventory service legitimately calls the order service but can query orders beyond its operational scope. Proper authorization requires passing the customer context through RPC metadata and validating that context against the requested order's customer association. Service-to-service authentication alone proves caller identity without enforcing data access boundaries.

## The Business Impact of Broken Object Level Authorization

Authorization failures at the object level create cascading financial exposure that extends beyond immediate breach costs into long-term competitive and regulatory consequences.

### Regulatory Enforcement Actions

European data protection authorities assess [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown) fines based on the severity of technical control failures. Authorization vulnerabilities demonstrate gross negligence in implementing Article 32 security requirements. Supervisory authorities calculate penalties using revenue multiples, making API authorization flaws particularly expensive for high-revenue SaaS platforms.
Recent enforcement patterns show regulators treating authorization gaps as systemic control failures rather than isolated incidents.

Healthcare APIs that expose patient records trigger mandatory breach notifications under [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown). The Department of Health and Human Services publishes breach details affecting 500 or more individuals on the "[Wall of Shame](https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf)" database. Each exposed record generates notification costs per patient across mail, call centers, and credit monitoring services.

Payment processors lose their certification to handle card transactions when authorization flaws violate [PCI DSS](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown) standards. Requirement 6.5.8 mandates access control validation in all payment applications. Failed quarterly audits trigger immediate suspension of card processing capabilities. E-commerce platforms experience revenue cessation until remediation achieves compliance validation.

### Market Valuation Damage

Public companies experience measurable stock price declines following breach disclosures linked to API vulnerabilities. Equity research analysts downgrade security posture ratings when authorization flaws indicate broader engineering quality issues. SaaS companies lose enterprise deals during security review processes when prospects discover historical BOLA incidents.

Customer acquisition costs spike as marketing teams combat negative brand perception. Conversion rates drop following security incidents that expose customer data. Sales cycles extend as enterprise buyers demand additional security certifications and contractual protections.

### Competitive Intelligence Leakage

Beyond customer data exposure, BOLA vulnerabilities leak business operations data that competitors weaponize.
Attackers enumerate pricing tiers, feature configurations, and customer counts through administrative APIs. Product roadmaps become visible when internal project management tools lack proper authorization enforcement. Startups face existential threats when larger competitors extract strategic intelligence through systematic API enumeration.

Supply chain partners lose trust when authorization failures expose shared operational data. Integration partners receive breach notifications revealing their customer data appeared in another company's security incident. B2B relationships dissolve when API vulnerabilities compromise confidential manufacturing specifications, inventory levels, or transaction volumes.

BOLA vulnerabilities also enable attackers to map organizational structures through employee directory APIs. Recruiters target key personnel. Social engineering campaigns leverage accurate org charts. Nation-state actors build comprehensive intelligence profiles by correlating exposed internal communications and project assignments.

## Identifying Broken Object Level Authorization in Your APIs

Detection requires systematic evaluation of authorization logic across every endpoint that accepts object identifiers as parameters.

### Code-Level Warning Signals

Review API handlers that extract user identity from tokens but fail to validate relationships between authenticated users and requested resources. Query patterns that filter only by object ID without including user ownership or permission clauses indicate potential vulnerabilities.

```python
# Warning sign: single-condition query keyed on the object ID alone
order = db.query(Order).filter(Order.id == order_id).first()

# Proper pattern: multi-condition query that includes ownership
order = db.query(Order).filter(
    Order.id == order_id,
    Order.customer_id == current_user.id
).first()
```

GraphQL resolvers that access databases directly without authorization middleware deserve scrutiny.
Field resolvers often bypass gateway-level security because developers assume parent resolvers handle permission checks. Each resolver function requires independent authorization validation.

Object-relational mapping (ORM) relationships that automatically populate related objects create blind spots. Loading a user object that automatically includes their private messages through eager loading bypasses field-level authorization. Lazy loading with explicit authorization checks at each relationship traversal prevents unintended data exposure.

### Manual Testing Techniques

Authentication bypass attempts represent the first testing phase. Valid credentials prove the tester can access the API legitimately. Parameter manipulation follows authentication. Replace object identifiers in requests with values belonging to other users or organizations.

Sequential ID enumeration works when applications use predictable identifiers. Test `/api/documents/1`, `/api/documents/2`, `/api/documents/3` to determine whether authorization checks block access to documents outside the authenticated user's scope. UUID-based identifiers require different tactics. Capture object IDs from legitimate responses and replay them in contexts where access should fail.

Cross-tenant testing applies to multi-tenant architectures. Create accounts in two separate organizations. Use Account A's credentials to request resources associated with Account B's organization identifier. Successful responses indicate tenant isolation failures.

### Automated Detection Strategies

Burp Suite extensions like Autorize automate authorization testing by replaying requests with different user contexts. Configure Autorize with credentials for a low-privilege user and a high-privilege user. The extension replays each request using both credential sets and flags responses that should fail but succeed.

OWASP ZAP's access control testing scans modify object identifiers systematically. Configure authentication for multiple user roles.
ZAP replays requests across user contexts and reports authorization discrepancies.

API security platforms observe normal access patterns during authenticated sessions and test whether parameter modifications grant unauthorized access. Integration with [CI/CD pipelines](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown) catches authorization regressions before production deployment.

### Security Review Questions

Development teams should answer:

* Where does the code validate that the authenticated user has permission to access the specific requested object?
* What happens when a valid user supplies an object ID belonging to someone else?
* Do database queries include both object ID and authorization predicates?

## Preventing Broken Object Level Authorization: Best Practices

Effective BOLA prevention requires embedding authorization checks at the data access layer rather than relying on endpoint-level validation.

### Centralized Authorization Policy Enforcement

Policy engines separate authorization logic from business logic, creating maintainable security architectures. Open Policy Agent provides declarative policy definition using the Rego language. Applications query OPA with user context and requested resource identifiers. OPA evaluates policies and returns permit or deny decisions. Integrate OPA as middleware in API gateways or as libraries within application code.

Policy definitions live in version-controlled repositories alongside application code. Security teams review policy changes through standard pull request workflows. Centralized policies prevent authorization logic drift across microservices.

AWS Verified Permissions and Google Zanzibar offer managed authorization services for cloud-native applications. Define relationships between users, resources, and permissions through API calls. Query the authorization service before data access operations.
Managed services handle policy evaluation, scaling, and consistency across distributed systems.

### Framework-Specific Implementation Patterns

Spring Boot applications benefit from method-level security annotations combined with SpEL expressions. Apply `@PreAuthorize` annotations to service methods that accept resource identifiers. Expressions validate the authenticated principal's permissions against requested resources.

```java
// The SpEL expression calls a bean method that checks the caller's
// permission on this specific document before the method body runs.
@PreAuthorize("@authService.canAccessDocument(authentication, #docId)")
public Document getDocument(Long docId) {
    // findById returns Optional<Document>; unwrap it (throws if absent)
    return documentRepository.findById(docId).orElseThrow();
}
```

Django Rest Framework requires custom permission classes that override `has_object_permission`. DRF invokes permission checks after retrieving objects from querysets. Permission classes access both the authenticated user and the retrieved object to enforce authorization rules.

Express.js applications need authorization middleware positioned after authentication middleware. Middleware functions query authorization services or evaluate inline policies before invoking route handlers. Pass authorization context through request objects to maintain user identity throughout the request lifecycle.

### Query-Level Authorization Predicates

Object-relational mapping frameworks should incorporate authorization filters at query construction. SQLAlchemy query objects accept filter clauses that combine object identifiers with user ownership predicates. Construct queries that physically prevent unauthorized data retrieval rather than filtering results post-query.

Row-Level Security in PostgreSQL enforces authorization at the database layer. Define RLS policies that evaluate session variables containing authenticated user identifiers. Database queries automatically include authorization predicates without application code changes. RLS provides defense-in-depth when application authorization logic fails.
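The following is an added example, not code from the page, that runs the single-condition warning-sign query beside the ownership-predicate query from the Code-Level Warning Signals section against a constructed sqlite3 table; `find_order_unsafe`, `find_order`, `find_org_order` and `cross_customer_matrix` are hypothetical names, and the matrix is the kind of cross-customer replay that belongs in an authorization regression test.

```python
"""Query-level authorization predicates demonstrated with sqlite3.

The orders table and the customers are constructed for this example. The
pattern is the one the page describes: the ownership predicate is part of the
query itself, so an order outside the caller's scope is never retrieved.
"""
import sqlite3

# Constructed sample data: three customers across two organizations.
SCHEMA = """
CREATE TABLE orders (
    id INTEGER PRIMARY KEY,
    customer_id TEXT NOT NULL,
    organization_id TEXT NOT NULL,
    total_cents INTEGER NOT NULL
);
"""
ROWS = [
    (1001, "cust-a", "org-1", 4999),
    (1002, "cust-b", "org-2", 12000),
    (1003, "cust-c", "org-1", 700),   # same org as cust-a, different owner
]


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO orders VALUES (?, ?, ?, ?)", ROWS)
    return conn


def find_order_unsafe(conn, order_id):
    # Warning sign: single-condition query keyed on the object ID only.
    row = conn.execute("SELECT * FROM orders WHERE id = ?", (order_id,)).fetchone()
    return dict(row) if row else None


def find_order(conn, order_id, current_user):
    # Proper pattern: object ID and ownership predicate in one query. A real
    # miss and a foreign order both yield None, which the handler maps to 404.
    row = conn.execute(
        "SELECT * FROM orders WHERE id = ? AND customer_id = ?",
        (order_id, current_user["id"]),
    ).fetchone()
    return dict(row) if row else None


def find_org_order(conn, order_id, current_user):
    # Variant for data shared within a tenant: scope by organization, not owner.
    row = conn.execute(
        "SELECT * FROM orders WHERE id = ? AND organization_id = ?",
        (order_id, current_user["organization_id"]),
    ).fetchone()
    return dict(row) if row else None


def handler_status(order):
    # 404 rather than 403 so the response does not disclose object existence.
    return 200 if order else 404


def cross_customer_matrix(conn, lookup):
    """Replay every order ID as every customer through `lookup` and return
    (user, order_id, status) triples where a customer reached an order they
    do not own. An empty list is the pass condition for a regression test."""
    users = [
        {"id": "cust-a", "organization_id": "org-1"},
        {"id": "cust-b", "organization_id": "org-2"},
    ]
    findings = []
    for user in users:
        for order_id, owner, _org, _total in ROWS:
            status = handler_status(lookup(conn, order_id, user))
            if status == 200 and owner != user["id"]:
                findings.append((user["id"], order_id, status))
    return findings


if __name__ == "__main__":
    db = open_db()
    print("unsafe:", cross_customer_matrix(db, lambda c, o, u: find_order_unsafe(c, o)))
    print("owner-scoped:", cross_customer_matrix(db, find_order))
```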
### Indirect Object References

Replace direct database identifiers with user-scoped tokens in API interfaces. Map tokens to actual database IDs within application logic after validating user permissions. Attackers who enumerate tokens gain no information about the underlying data structure or ID sequences.

Generate cryptographically random tokens with sufficient entropy to prevent enumeration attacks. Store token-to-ID mappings in cache layers for performance. Expire tokens based on session lifetime to limit exposure windows. Indirect references complicate exploitation even when authorization checks contain bugs.

### Authorization Testing in CI/CD

Integrate authorization tests into continuous integration pipelines. Write test cases that attempt cross-user and cross-tenant access using different credential sets. Failed authorization should return 404 rather than 403 to prevent information disclosure about object existence.

Contract testing verifies authorization behavior across API versions. Define expected authorization failures in contract specifications. Automated tests catch regressions when refactoring changes the authorization logic inadvertently.

## Broken Object Level Authorization FAQs

### How do BOLA and broken function level authorization (BFLA) differ?

BOLA and BFLA differ fundamentally in whether the failure involves a specific resource or a restricted action.

* **BOLA (The What)**: The attacker targets data horizontal to their own. They have permission to use the function (e.g., "View Account"), but they provide a different ID to access a record they do not own.
* **BFLA (The Who)**: The attacker targets privilege levels vertical to their own. They attempt to access a function they should not be able to reach at all (e.g., "Delete Account").

In a BOLA attack, the server correctly identifies the user's role but fails to verify their ownership of a specific data object.
The attacker manipulates a resource ID, such as an account number, to access a record that belongs to someone else at the same privilege level. The system grants access because it assumes that if a user can see one record, they can see any record.

In contrast, BFLA involves a failure to restrict access to sensitive administrative or system functions. Here, the attacker moves vertically by invoking endpoints or HTTP methods reserved for higher-level roles, such as managers or administrators. The system fails because it checks whether the user is logged in but neglects to verify whether that user's role permits them to execute the specific command or access the restricted path. BOLA essentially exposes unauthorized data, while BFLA exposes unauthorized capabilities.

### What is insecure direct object reference (IDOR)?

Insecure Direct Object Reference occurs when applications expose internal implementation objects like database keys, file paths, or system identifiers directly in API parameters. Attackers modify these references to access unauthorized resources. IDOR represents the underlying pattern that enables BOLA exploitation, where predictable or enumerable identifiers allow systematic unauthorized access across an application's entire data set.

### What is horizontal privilege escalation?

Horizontal privilege escalation enables attackers to access resources belonging to users at the same privilege level. Unlike vertical escalation, where attackers gain administrative rights, horizontal attacks let regular users view other regular users' data. BOLA vulnerabilities primarily enable horizontal escalation, allowing one customer to access another customer's orders, documents, or account information within multi-tenant systems.

### What is a policy decision point (PDP)?

Policy Decision Points evaluate authorization requests against defined security policies and return permit or deny decisions.
PDPs separate authorization logic from application code, centralizing permission evaluation across distributed systems. Applications query the PDP with user context and resource identifiers. The PDP applies organizational policies, attribute rules, and relationship constraints to determine access permissions consistently.

### What is context-aware authorization?

Context-aware authorization evaluates access permissions using environmental factors beyond user identity and resource ownership. Authorization decisions consider request origin, time of day, device type, network location, and behavioral patterns. Cloud applications implement context-aware controls to restrict API access from unexpected geographies, prevent access during maintenance windows, or require additional authentication when users exhibit anomalous behavior patterns.

### What is the confused deputy problem?

The confused deputy problem occurs when a privileged component performs actions on behalf of less privileged users without validating whether those users should execute the requested operations. In APIs, service accounts with elevated permissions accept requests from authenticated users and execute database queries or system operations. The service validates caller authentication but fails to verify caller authorization for the specific requested action.

### What is capability-based security?

Capability-based security grants access through unforgeable tokens that encapsulate both identity and permissions for specific operations. Capabilities combine authentication credentials with authorization rights into single-use or time-limited tokens. APIs issue capability tokens that permit access to particular resources rather than accepting arbitrary resource identifiers. Possession of a valid capability proves authorization, eliminating separate permission checks during resource access.
Copyright © 2026 Palo Alto Networks. All Rights Reserved