[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [DSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) 4. [What Is Data Discovery?](https://www.paloaltonetworks.com/cyberpedia/data-discovery?ts=markdown) Table of Contents * [What is Data Security Posture Management? DSPM Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) * [DSPM Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-explained?ts=markdown) * [How DSPM Works](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#works?ts=markdown) * [The Importance of Data Security Posture Management](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-importance?ts=markdown) * [DSPM Capabilities](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-capabilities?ts=markdown) * [DSPM Vs. CSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-vs-cspm?ts=markdown) * [DSPM Use Cases](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-use-cases?ts=markdown) * [Data Security Posture Management Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-tools?ts=markdown) * [Data Security Posture Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#faq?ts=markdown) * [How DSPM Is Evolving: Key Trends to Watch](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends?ts=markdown) * [From Static Discovery to Dynamic Intelligence](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#static?ts=markdown) * [The Convergence of DSPM with Cloud-Native Security Architectures](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#native?ts=markdown) * [Real-Time Data Detection and Response](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#response?ts=markdown) * [AI Security and Generative AI Data Protection](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#protection?ts=markdown) * [Automation, Policy-as-Code, and DevSecOps Integration](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#automation?ts=markdown) * [DSPM Key Trends FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#faq?ts=markdown) * [DSPM Market Size: 2025 Guide](https://www.paloaltonetworks.com/cyberpedia/dspm-market?ts=markdown) * [DSPM Market Size and Financial Overview](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown) * [Growth Drivers Reshaping the DSPM Market](https://www.paloaltonetworks.com/cyberpedia/dspm-market#growth?ts=markdown) * [Market Segmentation and Adoption Patterns](https://www.paloaltonetworks.com/cyberpedia/dspm-market#market?ts=markdown) * [Palo Alto Networks DSPM Market Position](https://www.paloaltonetworks.com/cyberpedia/dspm-market#position?ts=markdown) * [DSPM Market Forecast Through 2030](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown) * [DSPM Market FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-market#faqs?ts=markdown) * [How DSPM Combats Toxic Combinations: Enabling Proactive Data-Centric Defense](https://www.paloaltonetworks.com/cyberpedia/dspm-defense?ts=markdown) * [What Are Toxic Combinations?](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#what?ts=markdown) * [The Role of Attack Path Analysis in Detection](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#role?ts=markdown) * [DSPM Capabilities for Toxic Combination Mitigation](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#dspm?ts=markdown) * [Aligning with Frameworks and Zero Trust](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#aligning?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#best?ts=markdown) * [How DSPM Combats Toxic Combinations FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#faqs?ts=markdown) * [What Is a Data Flow Diagram?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram?ts=markdown) * [Data Flow Diagram Explained](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#data?ts=markdown) * [What Symbols Are in Data Flow Diagrams?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#what?ts=markdown) * [What Are the Different Levels of DFDs?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#different?ts=markdown) * [What Are the Benefits of Using a Data Flow Diagram?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#benefits?ts=markdown) * [Data Flow FAQs](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#faqs?ts=markdown) * [What Is Data Exfiltration?](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown) * [Data Exfiltration Vs. Data Breach](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#data?ts=markdown) * [Risks of Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#risks?ts=markdown) * [Examples of Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#examples?ts=markdown) * [Data Exfiltration in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#public?ts=markdown) * [Data Exfiltration Warning Signs](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#warning?ts=markdown) * [Preventing Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#preventing?ts=markdown) * [Data Exfiltration FAQs](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#faqs?ts=markdown) * [What Is Data Movement?](https://www.paloaltonetworks.com/cyberpedia/data-movement?ts=markdown) * [Data Movement Explained](https://www.paloaltonetworks.com/cyberpedia/data-movement#explained?ts=markdown) * [Data Movement and Cloud Data Security](https://www.paloaltonetworks.com/cyberpedia/data-movement#data-security?ts=markdown) * [5 Types of Data Movement, With Examples](https://www.paloaltonetworks.com/cyberpedia/data-movement#types?ts=markdown) * [The Fragmented Landscape of Data Movement Tools](https://www.paloaltonetworks.com/cyberpedia/data-movement#tools?ts=markdown) * [Data Movements FAQs](https://www.paloaltonetworks.com/cyberpedia/data-movement#faqs?ts=markdown) * [What Is a Data Breach?](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) * [Data Breaches Explained](https://www.paloaltonetworks.com/cyberpedia/data-breach#data?ts=markdown) * [The Breach Lifecycle](https://www.paloaltonetworks.com/cyberpedia/data-breach#lifecycle?ts=markdown) * [Why Preventing Data Breaches Matter](https://www.paloaltonetworks.com/cyberpedia/data-breach#why?ts=markdown) * [Data Breach Reporting](https://www.paloaltonetworks.com/cyberpedia/data-breach#reporting?ts=markdown) * [How Do Data Breaches Happen?](https://www.paloaltonetworks.com/cyberpedia/data-breach#how?ts=markdown) * [The Prevalence of Data Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#prevalence?ts=markdown) * [Lessons from Headlining Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#lessons?ts=markdown) * [‍How to Prevent Data Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#prevent?ts=markdown) * [Data Breach FAQs](https://www.paloaltonetworks.com/cyberpedia/data-breach#faqs?ts=markdown) * [DSPM Tools: How to Evaluate and Select the Best Option](https://www.paloaltonetworks.com/cyberpedia/dspm-tools?ts=markdown) * [The Need for Data Security Posture Management (DSPM) Solutions](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#solutions?ts=markdown) * [The Key 7 Components of DSPM Tools](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#key?ts=markdown) * [How to Select the Right DSPM Solution](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#how?ts=markdown) * [Common Challenges in Implementing DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#common?ts=markdown) * [Data Security Posture Management FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#faqs?ts=markdown) * [How DSPM Enables XDR and SOAR for Automated, Data-Centric Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar?ts=markdown) * [Why Data Context Matters in Modern Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#why?ts=markdown) * [What DSPM Brings to XDR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#what?ts=markdown) * [How DSPM Powers SOAR Automation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#how?ts=markdown) * [The Synergy of DSPM, XDR, and SOAR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#synergy?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#best?ts=markdown) * [How DSPM Enables XDR and SOAR FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#faqs?ts=markdown) * [What Is Data Detection and Response (DDR)?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr?ts=markdown) * [Data Detection and Response Explained](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#data?ts=markdown) * [Why Is DDR Important?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#why?ts=markdown) * [Improving DSPM Solutions with Dynamic Monitoring](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#improving?ts=markdown) * [A Closer Look at Data Detection and Response (DDR)](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#ddr?ts=markdown) * [How DDR Solutions Work](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#how?ts=markdown) * [How Does DDR Fit into the Cloud Data Security Landscape?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#landscape?ts=markdown) * [Does the CISO Agenda Need an Additional Cybersecurity Tool?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#does?ts=markdown) * [Supporting Innovation Without Sacrificing Security](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#supporting?ts=markdown) * [DSPM and Data Detection and Response FAQs](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#faqs?ts=markdown) * [What Is Data-Centric Security?](https://www.paloaltonetworks.com/cyberpedia/data-centric-security?ts=markdown) * [Why a Data-Centric Security Strategy Matters](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#why?ts=markdown) * [When a Data Focus for Security Is Necessary](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#when?ts=markdown) * [Data-Centric Security FAQs](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#faqs?ts=markdown) * [What Is Unstructured Data?](https://www.paloaltonetworks.com/cyberpedia/unstructured-data?ts=markdown) * [Understanding Unstructured Data in the Cloud](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#understanding?ts=markdown) * [Unstructured Data and Challenges with Data Security](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#unstructured?ts=markdown) * [Key Aspects of Data Security for Unstructured Data](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#key?ts=markdown) * [Unstructured Data FAQs](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#faqs?ts=markdown) * [What Is Data Access Governance?](https://www.paloaltonetworks.com/cyberpedia/data-access-governance?ts=markdown) * [Data Access Governance Explained](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#data?ts=markdown) * [Data Access Governance in Compliance and Auditing](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#compliance?ts=markdown) * [Data Governance in Cloud Security](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#cloud-security?ts=markdown) * [Software Used for Data Access Governance](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#software?ts=markdown) * [Data Access Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#faqs?ts=markdown) * [DSPM for AI: Navigating Data and AI Compliance Regulations](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance?ts=markdown) * [How DSPM Secures Data Integrity and Enables Compliance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#how?ts=markdown) * [Navigating Global AI Compliance with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#navigating?ts=markdown) * [Securing the AI Lifecycle with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#lifecycle?ts=markdown) * [Integrating DSPM Across the Security Ecosystem](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#ecosystem?ts=markdown) * [The Future of DSPM: Business Value and Responsible AI](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#future?ts=markdown) * [DSPM for AI FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#faqs?ts=markdown) * What Is Data Discovery? * [How Data Discovery Works](https://www.paloaltonetworks.com/cyberpedia/data-discovery#how?ts=markdown) * [Data Discovery: The Key to Data Classification](https://www.paloaltonetworks.com/cyberpedia/data-discovery#data?ts=markdown) * [Benefits of Data Discovery](https://www.paloaltonetworks.com/cyberpedia/data-discovery#benefits?ts=markdown) * [Data Discovery FAQs](https://www.paloaltonetworks.com/cyberpedia/data-discovery#faqs?ts=markdown) * [What Is Structured Data?](https://www.paloaltonetworks.com/cyberpedia/structured-data?ts=markdown) * [Structured Data Explained](https://www.paloaltonetworks.com/cyberpedia/structured-data#structured?ts=markdown) * [Benefits of Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#benefits?ts=markdown) * [Challenges with Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#challenges?ts=markdown) * [Internal and External Sources of Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#internal?ts=markdown) * [Structured Data FAQs](https://www.paloaltonetworks.com/cyberpedia/structured-data#faqs?ts=markdown) * [What Is Shadow Data?](https://www.paloaltonetworks.com/cyberpedia/shadow-data?ts=markdown) * [Shadow Data Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-data#shadow?ts=markdown) * [The Dangers of Shadow Data](https://www.paloaltonetworks.com/cyberpedia/shadow-data#the?ts=markdown) * [Mitigating Shadow Data Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-data#mitigating?ts=markdown) * [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-data#faqs?ts=markdown) * [How DSPM Enables Continuous Compliance and Data Governance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance?ts=markdown) * [Why Traditional Compliance Approaches Fall Short](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#why?ts=markdown) * [DSPM as a Foundation for Continuous Compliance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#dspm?ts=markdown) * [Strengthening Data Governance with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#strengthening?ts=markdown) * [Regulatory Alignment and Business Enablement](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#regulatory?ts=markdown) * [Implementation Considerations and Best Practices](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#implementation?ts=markdown) * [DSPM for Continuous Compliance and Data Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#faqs?ts=markdown) * [What Is Data Classification?](https://www.paloaltonetworks.com/cyberpedia/data-classification?ts=markdown) * [Data Classification Explained](https://www.paloaltonetworks.com/cyberpedia/data-classification#data?ts=markdown) * [Why Data Classification Matters](https://www.paloaltonetworks.com/cyberpedia/data-classification#why?ts=markdown) * [Data Classification Levels](https://www.paloaltonetworks.com/cyberpedia/data-classification#levels?ts=markdown) * [Data Classification Use Cases](https://www.paloaltonetworks.com/cyberpedia/data-classification#usecases?ts=markdown) * [How Does Data Classification Improve Data Security?](https://www.paloaltonetworks.com/cyberpedia/data-classification#how?ts=markdown) * [Data Classification FAQs](https://www.paloaltonetworks.com/cyberpedia/data-classification#faqs?ts=markdown) * [DSPM Vs. CSPM: Key Differences and How to Choose](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm?ts=markdown) * [Understand the Fundamentals --- What Are CSPM and DSPM?](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#understand?ts=markdown) * [DSPM Vs. CSPM: What's the Difference?](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#difference?ts=markdown) * [Pros and Cons of Each Approach](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#pros-and-cons?ts=markdown) * [Use Cases: When to Use DSPM, CSPM, or Both](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#use-cases?ts=markdown) * [Choosing the Right Approach (or Integrating Both)](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#approach?ts=markdown) * [DSPM Vs. CSPM FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#faqs?ts=markdown) * [What Is Cloud Data Protection?](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection?ts=markdown) * [Why Companies Need Cloud Data Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#why?ts=markdown) * [How Companies Can Better Protect Their Data in Cloud Environments](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#how?ts=markdown) * [The Benefits of Cloud Data Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#benefits?ts=markdown) * [Cloud Data Protection FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#faqs?ts=markdown) # What Is Data Discovery? 5 min. read Table of Contents * * [How Data Discovery Works](https://www.paloaltonetworks.com/cyberpedia/data-discovery#how?ts=markdown) * [Data Discovery: The Key to Data Classification](https://www.paloaltonetworks.com/cyberpedia/data-discovery#data?ts=markdown) * [Benefits of Data Discovery](https://www.paloaltonetworks.com/cyberpedia/data-discovery#benefits?ts=markdown) * [Data Discovery FAQs](https://www.paloaltonetworks.com/cyberpedia/data-discovery#faqs?ts=markdown) 1. How Data Discovery Works * * [How Data Discovery Works](https://www.paloaltonetworks.com/cyberpedia/data-discovery#how?ts=markdown) * [Data Discovery: The Key to Data Classification](https://www.paloaltonetworks.com/cyberpedia/data-discovery#data?ts=markdown) * [Benefits of Data Discovery](https://www.paloaltonetworks.com/cyberpedia/data-discovery#benefits?ts=markdown) * [Data Discovery FAQs](https://www.paloaltonetworks.com/cyberpedia/data-discovery#faqs?ts=markdown) Data discovery is the process of identifying and exploring data within an organization to better understand the data's meaning and potential uses. The core processes of data discovery involve analyzing and visualizing data from various sources to identify patterns, trends, and relationships to gain insights and inform decision-making. As it pertains to [data security](https://www.paloaltonetworks.com/cyberpedia/what-is-data-security?ts=markdown) in the cloud, data discovery focuses on the identification, analysis, and understanding of data assets within an organization's cloud infrastructure. With the increasing complexity of application environments, data discovery becomes essential to maintaining security and compliance, as it helps organizations gain visibility into their data, uncovering its sources, storage locations, and usage patterns. Organizations can then make informed decisions when establishing proper [access controls](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown), enforce encryption, and ensure [compliance with data protection regulations](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown). ![Data discovery](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/data-discovery/data-discovery.jpg) **Figure 1**: Data discovery ## How Data Discovery Works Data discovery plays a pivotal role in enabling organizations to grasp the nuances of their expansive datasets. Though organizations frequently wrestle with data sprawl --- exacerbated by ceaseless data accumulation and an absence of visibility in their data repositories --- data discovery facilitates informed decision-making. The typical data discovery process leverages data profiling, exploration, and visualization methodologies. These techniques illuminate the data's structure, content, and quality, providing users with a fundamental understanding. Data discovery tools get consumed by data analysts, business analysts, and other stakeholders to explore data and uncover hidden insights. These tools can include data profiling software, visualization tools, and analytics platforms that allow them to analyze data in real time. As the [data flow](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram) is neverending, automated tooling helps keep organizations on top of the evolving landscape, adapting their security posture to address the change. Without automated tooling, the information gathered would become stale and ineffective, exposing the organization. [Shadow data](https://www.paloaltonetworks.com/cyberpedia/shadow-data) presents a significant concern in this context. Data discovery efforts help uncover these hidden repositories, typically residing outside the official channels and overlooked due to their obscured nature. The adoption of [microservices](https://www.paloaltonetworks.com/cyberpedia/what-are-microservices?ts=markdown) and the complex tapestry of multicloud frameworks exacerbate the challenge. ### Data Discovery in the Cloud In terms of cloud security, data discovery involves locating and examining data stored across various cloud platforms, including public, private, and hybrid clouds. Modern [data security posture management (DSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm) solutions automate this process by continuously scanning across all cloud providers, services, and data stores to discover sensitive data assets. It enables organizations to identify sensitive information, assess potential risks, and implement appropriate security controls. In addition to shadow data, data discovery helps uncover shadow IT resources, which may contain unprotected data or introduce vulnerabilities. Through continuous monitoring and data analysis, security teams can respond to emerging threats, adapt to changes in the threat landscape, and uphold regulatory compliance. ## Data Discovery: The Key to Data Classification Data discovery and [data classification](https://www.paloaltonetworks.com/cyberpedia/data-classification?ts=markdown) are closely intertwined processes, as both contribute to safeguarding data and ensuring [compliance with data protection regulations](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown) in cloud environments. By categorizing data based on its sensitivity and regulatory requirements, data classification allows organizations to determine the right security controls for each data asset. Data discovery facilitates classification by first locating and understanding the data. Organizations can then implement tailored security measures for each data category, ensuring that sensitive information is adequately protected. Additionally, data discovery and classification enable organizations to maintain a proactive security posture and achieve regulatory compliance in the cloud. By continuously monitoring and analyzing data, security teams can identify potential vulnerabilities, misconfigurations, or unauthorized access to sensitive data. Teams can then respond to emerging threats and adapt security controls as needed, ultimately ensuring the safety and integrity of their data. ## Benefits of Data Discovery Organizations are inundated with data from many sources, heightening the complexity of understanding and accurately classifying it. It's not merely about distinguishing between diverse data types. Organizations must grasp the intricacies of the data's origins, interrelationships, and associated risks. Every dataset --- from customer details and internal communications to proprietary algorithms --- necessitates security measures based on inherent risks and value. While correct classification is paramount to safeguarding sensitive data, the sheer volume and the evolving digital landscape amplify the challenges. The advent of remote work, multicloud strategies, and the proliferation of Internet of Things (IoT) devices further obscure the boundaries of data storage and transfer. Ensuring it has the appropriate protections is virtually impossible without understanding what data exists and its proper classification. ### Better Decision-Making Data discovery helps organizations make better, data-driven decisions by providing insights into their data. By uncovering patterns, trends, and relationships in the data, organizations can make informed decisions based on accurate and relevant information. ### Maintaining Compliance Data discovery helps identify various types of sensitive data controlled by legal or regulatory frameworks. The data may have stringent requirements for how it is protected and shared, with significant consequences if not handled properly. ### Improved Data Quality Data discovery can help identify data quality issues, such as missing or inconsistent data. By addressing these issues, organizations can improve the overall quality of their data, improving the accuracy of their decisions. ### Increased Efficiency Data discovery can help organizations save time and resources by quickly accessing the needed data, which eliminates the need for manual data exploration and analysis, saving time-consuming and reducing errors. ### Competitive Advantage Organizations that can effectively leverage their data through data discovery have a competitive advantage over those that don't. Organizations can stay ahead of the competition by using data to make informed decisions and identify opportunities. ### Reasons for Data Discovery Modern enterprises collect and process vast amounts of information while doing business. The data may originate from external parties such as vendors or customers, but it may also be generated throughout the course of operations. Organizations need a complete understanding of where their data resides and what is contained in it to avoid exposing themselves. * **Data classification**: Data discovery can help organizations classify their data based on sensitivity and criticality. Organizations can then apply appropriate security controls and comply with data protection regulations. * **Access control**: Data discovery can help organizations identify who has access to what data. Knowing this they can ensure that access is appropriate and in compliance with regulations. * **Privacy compliance** : Data discovery can help organizations identify personal data and ensure its protection aligns with privacy regulations such as GDPR, [CCPA](https://www.paloaltonetworks.com/cyberpedia/ccpa?ts=markdown), and [HIPAA](https://www.paloaltonetworks.com/cyberpedia/hipaa?ts=markdown). * **Threat detection**: Data discovery can help organizations identify potential security threats by monitoring data access and usage patterns, which helps organizations to detect and respond to security incidents before they cause significant damage. * **Audit and compliance reporting**: Data discovery can help organizations generate audit reports and compliance documentation to demonstrate compliance with regulations such as PCI-DSS, SOX, and FISMA. * **Data retention and disposal**: Data discovery can help organizations identify data that has exceeded its retention period and should be disposed of in compliance with regulations. ### Efficient Data Management Manual processes for data discovery and data analysis are only sufficient for the smallest of organizations. As organizations grow, the volume of data to locate and analyze rapidly outgrows what can be discovered through manual assessment. Automated data discovery solutions are necessary to analyze modern enterprises. Basic tools will be able to discover and analyze data in expected data storage locations such as databases and shared storage. Discovering all data organizations have stored in the cloud or [shadow IT](https://www.paloaltonetworks.com/cyberpedia/shadow-it?ts=markdown) requires more advanced tooling. Shadow IT encompasses all unknown systems and services that may be created temporarily to accomplish an IT goal but linger well beyond their intended purpose. These systems often house sensitive information yet are poorly maintained. Cloud resources are another challenge for automated tools, as many discovery tools are designed for on-premises. Advanced discovery tools can analyze all cloud providers used by an organization to discover the locations where data resides and classify it by what it contains, allowing teams to decide if it should remain in that location or if new security controls are required to protect it. ## Data Discovery FAQs ### What is access control for data? Access control for data refers to the process of defining and enforcing who can access specific data resources within an organization. It ensures that only authorized users have access to sensitive information, protecting it from unauthorized access, disclosure, modification, or destruction. Access control mechanisms include role-based access control (RBAC), attribute-based access control (ABAC), and mandatory access control (MAC). By implementing proper access control measures, organizations can maintain data security, protect intellectual property, and comply with data protection regulations. ### What is data sprawl? Data sprawl refers to the growing volumes of data produced by organizations and the difficulties this creates in data managing and monitoring. As organizations collect more data and increase the amount of storage systems and data formats, it can become difficult to understand which data is stored where. Lacking this understanding can lead to increased cloud costs, inefficient data operations, and data security risks as the organization loses track of where sensitive data is stored --- and consequently fails to apply adequate security measures. To mitigate the impact of data sprawl, automated data discovery and classification solutions can be used to scan repositories and classify sensitive data. Establishing policies to deal with data access permissions can also help. Data loss prevention (DLP) tools can detect and block sensitive data leaving the organizational perimeter, while data detection and response tools offer similar functionality in public cloud deployments. ### What is shadow data? Shadow data refers to information stored or processed outside of an organization's official IT systems, often unknown to IT or security teams. The data may be created by employees using unsanctioned applications, personal devices, or cloud services for work-related tasks. Shadow data poses significant security risks as it may contain sensitive information without proper protection or governance. Identifying and managing shadow data is crucial for maintaining data security, ensuring regulatory compliance, and mitigating potential data breaches. ### What is data inventory? A data inventory is a comprehensive record of an organization's data assets, including the types of data, their locations, and the processes involved in their collection, storage, and processing. Data inventory helps organizations understand the flow of data within their systems and identify potential security risks. By maintaining a data inventory, organizations can ensure compliance with data protection regulations, manage [data access controls](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown), and implement effective data governance practices. A data inventory should include information about data ownership, classification, retention periods, and the legal basis for processing. ### What is data mapping? Data mapping is the process of creating visual representations of the relationships and flows of data within an organization's systems and processes. It helps organizations understand how data is collected, stored, processed, and shared across different systems, applications, and third parties. Data mapping is essential for complying with data protection regulations, as it enables organizations to identify potential risks, maintain data accuracy, and respond effectively to data subject rights requests. By creating a data map, organizations can optimize data management processes, implement robust security measures, and enhance data governance. ### What is data at rest? Data at rest refers to data that is stored in a persistent state --- typically on a hard drive, a server, a database, or in blob storage. It's in contrast to data in motion, which is data that is actively being transmitted over an internal network or the internet. ### What is data in motion? Data in motion refers to data that is actively being transmitted or transferred over a network or through some other communication channel. This could include data being sent between devices, such as from a computer to a server or from a smartphone to a wireless router. It could also refer to data being transmitted over the internet or other networks, such as between local on-premises storage to a cloud database. Data in motion is distinct from data at rest, which is data that is stored in a persistent state. ### What is data in use? Data in use refers to data that is actively stored in computer memory, such as RAM, CPU caches, or CPU registers. It's not passively stored in a stable destination but moving through various systems, each of which could be vulnerable to attacks. Data in use can be a target for exfiltration attempts as it might contain sensitive information such as PCI or PII data. To protect data in use, organizations can use encryption techniques such as end-to-end encryption (E2EE) and hardware-based approaches such as confidential computing. On the policy level, organizations should implement user authentication and authorization controls, review user permissions, and monitor file events. [Data loss prevention (DLP)](https://www.paloaltonetworks.com/cyberpedia/what-is-data-loss-prevention-dlp?ts=markdown) can identify and alert security teams that data in use is being attacked. In public cloud deployments, this is better achieved through the use of data detection and response tools. ### What is data management? Data management refers to the optimal organization, storage, processing, and protection of data. This involves implementing best practices, such as data classification, [access control](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown), data quality assurance, and data lifecycle management, as well as leveraging automation, advanced analytics, and modern data management tools. Efficient data management enables organizations to quickly access and analyze relevant information, streamline decision-making, reduce operational costs, and maintain data security and compliance. ### What is a data lifecycle? The data lifecycle describes the stages involved in a data project --- from generating the data records to interpreting the results. While definitions vary, lifecycle stages typically include: * Data generation * Collection * Processing * Storage * Management * Analysis * Visualization * Interpretation Managing data governance, classification, and retention policies can all be seen as part of a broader data lifecycle management effort. ### What is data retention and disposal? Data retention and disposal involve defining and implementing policies for the storage, preservation, and deletion of data in accordance with legal, regulatory, and business requirements. Data retention policies specify how long data should be stored based on its type, purpose, and associated regulatory obligations. It ensures that data is securely deleted or destroyed when it reaches the end of its retention period or is no longer required. Proper data retention and disposal practices help organizations reduce the risk of data breaches and maintain compliance while minimizing storage costs. ### What is shadow IT? Shadow IT refers to the use of technology, applications, or services within an organization without the knowledge or approval of the IT or security departments. It can include the use of unauthorized cloud services, personal devices, or software applications for work-related tasks. Shadow IT poses significant risks to data security, compliance, and overall IT governance, as it often bypasses established security controls and policies. To mitigate these risks, organizations should implement monitoring and discovery tools, enforce strict access controls, and establish clear guidelines and policies for technology usage. ### What is compliance in data management? Compliance in data management involves adhering to legal, regulatory, and industry-specific requirements related to the collection, storage, processing, and transfer of data. Compliance measures include implementing security controls, data classification, access control, encryption, and regular audits. Key regulations that organizations may be required to comply with include: * General Data Protection Regulation (GDPR) * [California Consumer Privacy Act (CCPA)](https://www.paloaltonetworks.com/cyberpedia/ccpa?ts=markdown) * [Health Insurance Portability and Accountability Act (HIPAA)](https://www.paloaltonetworks.com/cyberpedia/hipaa?ts=markdown) * Payment Card Industry Data Security Standard (PCI DSS) ### What is threat detection in data management? Threat detection in data management involves identifying and analyzing potential security threats and anomalies within an organization's data infrastructure. By monitoring data access, usage patterns, and network traffic, security teams can detect malicious activities, unauthorized access, or data exfiltration attempts. Advanced techniques, such as machine learning and artificial intelligence, can be employed to automate threat detection, allowing for real-time analysis and response. Implementing robust threat detection mechanisms helps organizations protect [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown), mitigate [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown), and maintain regulatory compliance. ### What is audit reporting for data compliance? Audit reporting for data compliance refers to the process of documenting and presenting evidence of an organization's adherence to data protection regulations, industry standards, and internal policies. These reports are typically generated by internal or external auditors and include assessments of data management processes, security controls, access permissions, and data handling practices. Related Content [DSPM: Do You Need It? Discover five predominant approaches to data security, along with use cases and applications for each data security approach.](https://www.paloaltonetworks.com/resources/datasheets/why-dspm?ts=markdown) [Protecting Data and AI in 2024: What CISOs Need to Know Join data security experts to find out how the latest advancements in data security can help you discover, classify, protect and govern data in cloud environments.](https://start.paloaltonetworks.com/PrismaCloud-DSPM-on-demand-Webinar-Protecting-Data-and-AI-in-2024-What-CISOs-Need-to-Know.html) [Securing the Data Landscape with DSPM and DDR Stay ahead of the data security risks. Learn how data security posture management (DSPM) with data detection and response (DDR) fills the security gaps to strengthen your security ...](https://www.paloaltonetworks.com/resources/guides/dspm-ddr-big-guide?ts=markdown) [The Buyer's Guide to DSPM and DDR Learn what to look for in a cloud data security provider and how DSPM and DDR can significantly enhance your organization's security posture.](https://www.paloaltonetworks.com/resources/guides/data-centric-dspm-ddr-buyers-guide?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Data%20Discovery%3F&body=Data%20discovery%20is%20essential%20in%20the%20era%20of%20big%20data.%20Use%20data%20discovery%20tools%20and%20techniques%20for%20sensitive%20data%20security%2C%20compliance%2C%20and%20decision-making.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/data-discovery) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance?ts=markdown) DSPM for AI: Navigating Data and AI Compliance Regulations [Next](https://www.paloaltonetworks.com/cyberpedia/structured-data?ts=markdown) What Is Structured Data? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language