[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/cyber-security?ts=markdown) 3. [Data Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations?ts=markdown) 4. [What is the Difference between FISMA and FedRAMP?](https://www.paloaltonetworks.com/cyberpedia/difference-between-fisma-and-fedramp?ts=markdown) Table of contents * [What Is Cybersecurity Compliance?](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations?ts=markdown) * [Three Pillars of Cybersecurity Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#pillars?ts=markdown) * [Understanding Cybersecurity Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#understanding?ts=markdown) * [Key Security Compliance Frameworks and Regulations](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#key?ts=markdown) * [Building an Effective Cybersecurity Compliance Program](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#building?ts=markdown) * [The Future of Cybersecurity Compliance: AI and Emerging Trends](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#future?ts=markdown) * [Cybersecurity Compliance FAQs](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#faqs?ts=markdown) * [What Is Healthcare Cybersecurity?](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity?ts=markdown) * [Why Is Cybersecurity Important to Healthcare](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#important?ts=markdown) * [Elements of Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#elements?ts=markdown) * [HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#security?ts=markdown) * [Healthcare Data Breaches](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#breaches?ts=markdown) * [Healthcare Business Continuity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#business?ts=markdown) * [Protected Healthcare Information](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#healthcare?ts=markdown) * [Key Challenges in Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#challenges?ts=markdown) * [Healthcare Cybersecurity Strategies and Solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#strategies?ts=markdown) * [The Future of Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#future?ts=markdown) * [Healthcare Cybersecurity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#faqs?ts=markdown) * [What Is GDPR Compliance?](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown) * [What Is GDPR?](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#what?ts=markdown) * [GDPR \& Data Sovereignty](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#sovereignty?ts=markdown) * [Key Principles of the GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#key?ts=markdown) * [GDPR Requirements](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#gdpr?ts=markdown) * [GDPR FAQs](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#faqs?ts=markdown) * [What Is Personal Data?](https://www.paloaltonetworks.com/cyberpedia/personal-data?ts=markdown) * [Personal Data Explained](https://www.paloaltonetworks.com/cyberpedia/personal-data#personal?ts=markdown) * [Personal Data Across Various Legislations](https://www.paloaltonetworks.com/cyberpedia/personal-data#data?ts=markdown) * [Understanding Identifiability](https://www.paloaltonetworks.com/cyberpedia/personal-data#understanding?ts=markdown) * [Important Factors When Determining Personal Data](https://www.paloaltonetworks.com/cyberpedia/personal-data#important?ts=markdown) * [How Is Understanding Personal Data Beneficial?](https://www.paloaltonetworks.com/cyberpedia/personal-data#how?ts=markdown) * [Personal Data Security Tools](https://www.paloaltonetworks.com/cyberpedia/personal-data#tools?ts=markdown) * [Personal Data FAQs](https://www.paloaltonetworks.com/cyberpedia/personal-data#faqs?ts=markdown) * [What Is HIPAA?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown) * [Is Your Organization HIPAA Compliant?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#compliant?ts=markdown) * [Understanding HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#understanding?ts=markdown) * [What Is Protected Health Information (PHI)?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#protected?ts=markdown) * [HIPAA: Breach Notification](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#breach?ts=markdown) * [HIPAA Privacy Rule: The Standard of Minimum Necessary](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#privacy?ts=markdown) * [The Security Rule: Safeguarding Electronic Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#security?ts=markdown) * [OCR Audit Protocol](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#ocr?ts=markdown) * [HIPAA for Big Tech and Startups](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#big-tech?ts=markdown) * [HIPAA Compliance Tips for DevOps and AppSec Practitioners](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#devops?ts=markdown) * [HIPAA FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#faqs?ts=markdown) * [What Is Sensitive Data?](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) * [Sensitive Data Explained](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#sensitive?ts=markdown) * [Understanding the Types of Sensitive Data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#understanding?ts=markdown) * [Navigating the Landscape of Data Privacy Regulations](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#navigating?ts=markdown) * [Sensitive Data Protection: Best Practices](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#best-practices?ts=markdown) * [Sensitive Data FAQs](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#faqs?ts=markdown) * [What Is SOC 2 Compliance?](https://www.paloaltonetworks.com/cyberpedia/soc-2?ts=markdown) * [SOC 2 Explained](https://www.paloaltonetworks.com/cyberpedia/soc-2#soc?ts=markdown) * [Why SOC 2 Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/soc-2#why?ts=markdown) * [SOC 2 Requirements](https://www.paloaltonetworks.com/cyberpedia/soc-2#requirements?ts=markdown) * [Who Can Perform a SOC Audit?](https://www.paloaltonetworks.com/cyberpedia/soc-2#who?ts=markdown) * [SOC 2 Audit Checklist](https://www.paloaltonetworks.com/cyberpedia/soc-2#checklist?ts=markdown) * [SOC 1 Vs. SOC 2](https://www.paloaltonetworks.com/cyberpedia/soc-2#vs?ts=markdown) * [SOC 2 FAQs](https://www.paloaltonetworks.com/cyberpedia/soc-2#faqs?ts=markdown) * [What Is Healthcare Business Continuity?](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare?ts=markdown) * [Why Is Business Continuity Important to Healthcare?](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#important?ts=markdown) * [Potential Disruptions to Healthcare Organizations' Continuity](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#potential?ts=markdown) * [The Growing Threat of Ransomware in Healthcare](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#ransomware?ts=markdown) * [Why Healthcare Is a Prime Target for Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#target?ts=markdown) * [How Healthcare Business Continuity Directly Impacts Lives](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#healthcare?ts=markdown) * [Costs of Downtime in the Healthcare Sector](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#costs?ts=markdown) * [How to Ensure Business Continuity in Healthcare](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#business?ts=markdown) * [Benefits of Business Continuity Planning](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#planning?ts=markdown) * [Healthcare Business Continuity FAQs](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#faqs?ts=markdown) * [What Are HIPAA Security Rules?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules?ts=markdown) * [Why Is the HIPAA Security Rule Important?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#why?ts=markdown) * [Overview of the HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#overview?ts=markdown) * [HIPAA Security Rule Requirements](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#requirements?ts=markdown) * [The HIPAA Breach Notification Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#breach-notification-rule?ts=markdown) * [HIPAA Compliance and Enforcement](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#compliance-and-enforcement?ts=markdown) * [Best Practices for HIPAA Compliance](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#best-practices?ts=markdown) * [Potential Trends in HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#trends?ts=markdown) * [HIPAA Security Rule FAQs](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#faq?ts=markdown) * [What Is Protected Health Information (PHI)?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi?ts=markdown) * [Why Is Protected Health Information (PHI) Important?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#important?ts=markdown) * [Examples of Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#protected?ts=markdown) * [What Is ePHI?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#ephi?ts=markdown) * [Securing Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#securing?ts=markdown) * [What Is a PHI Breach?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#breach?ts=markdown) * [Evolving Landscape: Emerging Technologies and PHI Security](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#landscape?ts=markdown) * [Protected Health Information (PHI) FAQs](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#faqs?ts=markdown) * [What Is the California Consumer Privacy Act (CCPA)?](https://www.paloaltonetworks.com/cyberpedia/ccpa?ts=markdown) * [California Consumer Privacy Act (CCPA) Explained](https://www.paloaltonetworks.com/cyberpedia/ccpa#ccpa?ts=markdown) * [How Does the CCPA Define Personal Information?](https://www.paloaltonetworks.com/cyberpedia/ccpa#how?ts=markdown) * [CCPA Vs. GDPR](https://www.paloaltonetworks.com/cyberpedia/ccpa#compare?ts=markdown) * [Container Firewall FAQs](https://www.paloaltonetworks.com/cyberpedia/ccpa#faq?ts=markdown) * [An Overview of FedRAMP and Why You Should Care About It](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview?ts=markdown) * [Advantages of FedRAMP for Federal Agencies](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#advantages?ts=markdown) * [Other Parties That May Be Interested in FedRAMP](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#other?ts=markdown) * [More Information](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#more?ts=markdown) * [What Is Data Governance?](https://www.paloaltonetworks.com/cyberpedia/data-governance?ts=markdown) * [Data Governance Explained](https://www.paloaltonetworks.com/cyberpedia/data-governance#data?ts=markdown) * [Why Data Governance Matters](https://www.paloaltonetworks.com/cyberpedia/data-governance#why?ts=markdown) * [The Benefits of Data Governance](https://www.paloaltonetworks.com/cyberpedia/data-governance#benefits?ts=markdown) * [Enterprise Data Governance Challenges](https://www.paloaltonetworks.com/cyberpedia/data-governance#enterprise?ts=markdown) * [Cloud Data Governance Challenges](https://www.paloaltonetworks.com/cyberpedia/data-governance#cloud?ts=markdown) * [Data Governance Strategy](https://www.paloaltonetworks.com/cyberpedia/data-governance#data-governance?ts=markdown) * [Building a Strong Data Governance Framework](https://www.paloaltonetworks.com/cyberpedia/data-governance#building?ts=markdown) * [Data Governance Best Practices: Tips and Strategies](https://www.paloaltonetworks.com/cyberpedia/data-governance#best-practices?ts=markdown) * [Securing Data Access: The Importance of Data Access Governance](https://www.paloaltonetworks.com/cyberpedia/data-governance#securing?ts=markdown) * [Unlock the Full Potential of Your Data with Comprehensive Data Governance Capabilities](https://www.paloaltonetworks.com/cyberpedia/data-governance#unlock?ts=markdown) * [Data Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-governance#faqs?ts=markdown) * What is the Difference between FISMA and FedRAMP? * [Simplified Healthcare Compliance and Risk Management with Prisma Cloud](https://www.paloaltonetworks.com/cyberpedia/simplified-healthcare-compliance-and-risk-management-with-prisma-cloud?ts=markdown) * [What Is Data Privacy?](https://www.paloaltonetworks.com/cyberpedia/data-privacy?ts=markdown) * [Data Privacy Explained](https://www.paloaltonetworks.com/cyberpedia/data-privacy#data?ts=markdown) * [Why Is Data Privacy Crucial for Businesses and Consumers?](https://www.paloaltonetworks.com/cyberpedia/data-privacy#why?ts=markdown) * [What Are the Use Cases for Data Privacy?](https://www.paloaltonetworks.com/cyberpedia/data-privacy#what?ts=markdown) * [‍Data Privacy FAQs](https://www.paloaltonetworks.com/cyberpedia/data-privacy#faqs?ts=markdown) * [How to Maintain AWS Compliance](https://www.paloaltonetworks.com/cyberpedia/how-to-maintain-aws-compliance?ts=markdown) * [What Is Data Compliance?](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown) * [Data Compliance Explained](https://www.paloaltonetworks.com/cyberpedia/data-compliance#data?ts=markdown) * [Why Is Data Compliance Important?](https://www.paloaltonetworks.com/cyberpedia/data-compliance#why?ts=markdown) * [Cloud Challenges Data Compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance#cloud?ts=markdown) * [Data Compliance Varies Across Industries](https://www.paloaltonetworks.com/cyberpedia/data-compliance#varies?ts=markdown) * [Meeting Data Compliance Standards](https://www.paloaltonetworks.com/cyberpedia/data-compliance#meeting?ts=markdown) * [Data Compliance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-compliance#faqs?ts=markdown) * [What Is NIST?](https://www.paloaltonetworks.com/cyberpedia/nist?ts=markdown) * [NIST Explained](https://www.paloaltonetworks.com/cyberpedia/nist#nist?ts=markdown) * [The NIST Secure Software Development Framework (SSDF)](https://www.paloaltonetworks.com/cyberpedia/nist#the?ts=markdown) * [What Do Nist Guidelines Cover?](https://www.paloaltonetworks.com/cyberpedia/nist#what?ts=markdown) * [CSF Vs. SSDF](https://www.paloaltonetworks.com/cyberpedia/nist#vs?ts=markdown) * [‍NIST FAQs](https://www.paloaltonetworks.com/cyberpedia/nist#faqs?ts=markdown) * [What Is Data Privacy Compliance?](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance?ts=markdown) * [Database Security in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#database?ts=markdown) * [Elements of Database Security](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#elements?ts=markdown) * [Database Security: 8 Best Practices](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#security?ts=markdown) * [Database Security FAQs](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#faqs?ts=markdown) * [How The Next-Generation Security Platform Contributes to GDPR Compliance](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance?ts=markdown) * [Data Breach Prevention](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#data?ts=markdown) * [Managing Security Processes Centrally](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#managing?ts=markdown) * [Preventing Data Exfiltration or Leakage](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#preventing?ts=markdown) * [Data Breach Notification](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#breach?ts=markdown) * [What Is PCI DSS?](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown) * [PCI DSS Explained](https://www.paloaltonetworks.com/cyberpedia/pci-dss#pci?ts=markdown) * [Why PCI DSS Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/pci-dss#why?ts=markdown) * [PCI DSS Requirements](https://www.paloaltonetworks.com/cyberpedia/pci-dss#dss?ts=markdown) * [Technical Best Practices for PCI DSS Compliance](https://www.paloaltonetworks.com/cyberpedia/pci-dss#technical?ts=markdown) * [Preparing for a PCI DSS Assessment](https://www.paloaltonetworks.com/cyberpedia/pci-dss#preparing?ts=markdown) * [PCI DSS FAQs](https://www.paloaltonetworks.com/cyberpedia/pci-dss#faqs?ts=markdown) * [What Is PII?](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown) * [Personally Identifiable Information (PII) Explained](https://www.paloaltonetworks.com/cyberpedia/pii#personally?ts=markdown) * [Why Is PII Important?](https://www.paloaltonetworks.com/cyberpedia/pii#why?ts=markdown) * [PII Worldwide](https://www.paloaltonetworks.com/cyberpedia/pii#pii?ts=markdown) * [Personal Data Vs. PII](https://www.paloaltonetworks.com/cyberpedia/pii#vs?ts=markdown) * [PHI Vs. PII](https://www.paloaltonetworks.com/cyberpedia/pii#phi?ts=markdown) * [PII Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/pii#best?ts=markdown) * [PII FAQs](https://www.paloaltonetworks.com/cyberpedia/pii#faqs?ts=markdown) # What is the Difference between FISMA and FedRAMP? Compare FISMA vs. FedRAMP, their differences in compliance, security requirements, and how they regulate federal information systems and cloud security. 5 min. read With its [cloud-first policy](https://cloud.cio.gov/strategy/), the U.S. government has committed to granting agencies broader authority to adopt commercially available cloud-based services. The top drivers of this adoption are improving return on investment, or ROI, for agency IT infrastructure investments, bolstering government IT security, and providing higher-quality services to the American people. According to Gartner, in mid-2018, nearly [half](https://www.gartner.com/smarterwithgartner/understanding-cloud-adoption-in-government/) of government organizations were already actively using cloud services. [Adoption is on the upswing](https://fedtechmagazine.com/article/2018/12/how-will-federal-cloud-use-evolve-2019), with hybrid cloud and multi-cloud offerings growing in prominence. If you plan to deliver cloud-based services to the government, it's more important than ever to fundamentally understand government-enacted federal IT compliance standards. Two important IT security-related compliance mandates that get discussed a lot when talking about federal IT infrastructure are FISMA and FedRAMP. FISMA and FedRAMP have the same high-level goals of protecting government data and reducing information security risk within federal information systems. Both are also built on the foundation of NIST Special Publication 800-53A controls. However, there is a distinct contrast between the two in terms of federal policy, security controls and authorization. **What Is FISMA?** Enacted in 2002, FISMA -- the Federal Information Security Management Act -- covers the compliance parameters on storage and processing of government data. It requires federal agencies and their private-sector vendors to implement information security controls that ensure data security postures of federal information systems are protected. All private-sector firms that sell services to the federal government must comply with FISMA requirements. The primary framework for FISMA compliance is [NIST SP 800-53](https://nvd.nist.gov/800-53). Put simply, for vendors to become FISMA-compliant, they must implement recommended information security controls for federal information systems as identified in the NIST SP 800-53. FISMA assessments are traditionally focused on information systems that support a single agency. FISMA-compliant vendors receive Authority to Operate, or ATO, only from the particular federal agency with which they are doing business. If a vendor has business contracts with multiple federal agencies, the vendor must obtain ATO from each agency because security controls may differ in accordance with the specific data security needs of each agency. **Let's Talk About FedRAMP** By enacting FedRAMP, the government aimed to make the cloud service provider procurement process easier on agencies. On the most basic level, FedRAMP is aimed more specifically at cloud service providers. Systems evaluated under FedRAMP for use by government agencies are commercial cloud-based systems (e.g., IaaS, PaaS, SaaS) used by private-sector enterprises. Information systems evaluated under either FISMA or FedRAMP are categorized in accordance with FIPS 199 as high, moderate, or low based on a few different criteria. Then, based on the security categorization, applicable security controls from NIST SP 800-53 are applied to the information system as high impact, moderate impact or low impact. FedRAMP requirements include additional controls above the standard NIST baseline controls in NIST SP 800-53 Revision 4. These additional controls address the unique elements of cloud computing to ensure all federal data is secure in cloud environments. Federal agencies know a cloud-based service is safe to use once it's awarded the FedRAMP stamp of approval, and unlike FISMA, FedRAMP ATO qualifies a cloud service provider to do business with any federal agency. Due to its wider scope, the FedRAMP certification process is also far more rigorous. The authorization program requires cloud providers to undergo an independent security assessment conducted by a third-party assessment organization, or [3PAO](https://whatis.techtarget.com/definition/FedRAMP-3PAO-third-party-assessment-organization), to sell government cloud services to federal agencies. **Conclusion** Federal agencies looking for a FedRAMP-compliant product or service will likely also expect it to be FISMA-compliant. Cloud service providers should comply with both FISMA and FedRAMP regulations to maintain an ATO from the U.S. government. National and federal government departments worldwide count on Palo Alto Networks to prevent successful cyberattacks, safeguard classified and sensitive data and optimize security operations. [Learn more](https://www.paloaltonetworks.com/security-for/government/federal) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20is%20the%20Difference%20between%20FISMA%20and%20FedRAMP%3F&body=Compare%20FISMA%20vs.%20FedRAMP%2C%20their%20differences%20in%20compliance%2C%20security%20requirements%2C%20and%20how%20they%20regulate%20federal%20information%20systems%20and%20cloud%20security.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/difference-between-fisma-and-fedramp) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/data-governance?ts=markdown) What Is Data Governance? [Next](https://www.paloaltonetworks.com/cyberpedia/simplified-healthcare-compliance-and-risk-management-with-prisma-cloud?ts=markdown) Simplified Healthcare Compliance and Risk Management with Prisma Cloud {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language