[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [DSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) 4. [How DSPM Enables XDR and SOAR for Automated, Data-Centric Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar?ts=markdown) Table of Contents * [What is Data Security Posture Management? DSPM Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) * [DSPM Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-explained?ts=markdown) * [How DSPM Works](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#works?ts=markdown) * [The Importance of Data Security Posture Management](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-importance?ts=markdown) * [DSPM Capabilities](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-capabilities?ts=markdown) * [DSPM Vs. CSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-vs-cspm?ts=markdown) * [DSPM Use Cases](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-use-cases?ts=markdown) * [Data Security Posture Management Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-tools?ts=markdown) * [Data Security Posture Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#faq?ts=markdown) * [How DSPM Is Evolving: Key Trends to Watch](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends?ts=markdown) * [From Static Discovery to Dynamic Intelligence](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#static?ts=markdown) * [The Convergence of DSPM with Cloud-Native Security Architectures](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#native?ts=markdown) * [Real-Time Data Detection and Response](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#response?ts=markdown) * [AI Security and Generative AI Data Protection](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#protection?ts=markdown) * [Automation, Policy-as-Code, and DevSecOps Integration](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#automation?ts=markdown) * [DSPM Key Trends FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#faq?ts=markdown) * [DSPM Market Size: 2025 Guide](https://www.paloaltonetworks.com/cyberpedia/dspm-market?ts=markdown) * [DSPM Market Size and Financial Overview](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown) * [Growth Drivers Reshaping the DSPM Market](https://www.paloaltonetworks.com/cyberpedia/dspm-market#growth?ts=markdown) * [Market Segmentation and Adoption Patterns](https://www.paloaltonetworks.com/cyberpedia/dspm-market#market?ts=markdown) * [Palo Alto Networks DSPM Market Position](https://www.paloaltonetworks.com/cyberpedia/dspm-market#position?ts=markdown) * [DSPM Market Forecast Through 2030](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown) * [DSPM Market FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-market#faqs?ts=markdown) * [How DSPM Combats Toxic Combinations: Enabling Proactive Data-Centric Defense](https://www.paloaltonetworks.com/cyberpedia/dspm-defense?ts=markdown) * [What Are Toxic Combinations?](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#what?ts=markdown) * [The Role of Attack Path Analysis in Detection](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#role?ts=markdown) * [DSPM Capabilities for Toxic Combination Mitigation](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#dspm?ts=markdown) * [Aligning with Frameworks and Zero Trust](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#aligning?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#best?ts=markdown) * [How DSPM Combats Toxic Combinations FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#faqs?ts=markdown) * [What Is a Data Flow Diagram?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram?ts=markdown) * [Data Flow Diagram Explained](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#data?ts=markdown) * [What Symbols Are in Data Flow Diagrams?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#what?ts=markdown) * [What Are the Different Levels of DFDs?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#different?ts=markdown) * [What Are the Benefits of Using a Data Flow Diagram?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#benefits?ts=markdown) * [Data Flow FAQs](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#faqs?ts=markdown) * [What Is Data Exfiltration?](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown) * [Data Exfiltration Vs. Data Breach](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#data?ts=markdown) * [Risks of Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#risks?ts=markdown) * [Examples of Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#examples?ts=markdown) * [Data Exfiltration in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#public?ts=markdown) * [Data Exfiltration Warning Signs](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#warning?ts=markdown) * [Preventing Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#preventing?ts=markdown) * [Data Exfiltration FAQs](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#faqs?ts=markdown) * [What Is Data Movement?](https://www.paloaltonetworks.com/cyberpedia/data-movement?ts=markdown) * [Data Movement Explained](https://www.paloaltonetworks.com/cyberpedia/data-movement#explained?ts=markdown) * [Data Movement and Cloud Data Security](https://www.paloaltonetworks.com/cyberpedia/data-movement#data-security?ts=markdown) * [5 Types of Data Movement, With Examples](https://www.paloaltonetworks.com/cyberpedia/data-movement#types?ts=markdown) * [The Fragmented Landscape of Data Movement Tools](https://www.paloaltonetworks.com/cyberpedia/data-movement#tools?ts=markdown) * [Data Movements FAQs](https://www.paloaltonetworks.com/cyberpedia/data-movement#faqs?ts=markdown) * [What Is a Data Breach?](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) * [Data Breaches Explained](https://www.paloaltonetworks.com/cyberpedia/data-breach#data?ts=markdown) * [The Breach Lifecycle](https://www.paloaltonetworks.com/cyberpedia/data-breach#lifecycle?ts=markdown) * [Why Preventing Data Breaches Matter](https://www.paloaltonetworks.com/cyberpedia/data-breach#why?ts=markdown) * [Data Breach Reporting](https://www.paloaltonetworks.com/cyberpedia/data-breach#reporting?ts=markdown) * [How Do Data Breaches Happen?](https://www.paloaltonetworks.com/cyberpedia/data-breach#how?ts=markdown) * [The Prevalence of Data Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#prevalence?ts=markdown) * [Lessons from Headlining Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#lessons?ts=markdown) * [‍How to Prevent Data Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#prevent?ts=markdown) * [Data Breach FAQs](https://www.paloaltonetworks.com/cyberpedia/data-breach#faqs?ts=markdown) * [DSPM Tools: How to Evaluate and Select the Best Option](https://www.paloaltonetworks.com/cyberpedia/dspm-tools?ts=markdown) * [The Need for Data Security Posture Management (DSPM) Solutions](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#solutions?ts=markdown) * [The Key 7 Components of DSPM Tools](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#key?ts=markdown) * [How to Select the Right DSPM Solution](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#how?ts=markdown) * [Common Challenges in Implementing DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#common?ts=markdown) * [Data Security Posture Management FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#faqs?ts=markdown) * How DSPM Enables XDR and SOAR for Automated, Data-Centric Security * [Why Data Context Matters in Modern Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#why?ts=markdown) * [What DSPM Brings to XDR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#what?ts=markdown) * [How DSPM Powers SOAR Automation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#how?ts=markdown) * [The Synergy of DSPM, XDR, and SOAR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#synergy?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#best?ts=markdown) * [How DSPM Enables XDR and SOAR FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#faqs?ts=markdown) * [What Is Data Detection and Response (DDR)?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr?ts=markdown) * [Data Detection and Response Explained](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#data?ts=markdown) * [Why Is DDR Important?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#why?ts=markdown) * [Improving DSPM Solutions with Dynamic Monitoring](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#improving?ts=markdown) * [A Closer Look at Data Detection and Response (DDR)](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#ddr?ts=markdown) * [How DDR Solutions Work](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#how?ts=markdown) * [How Does DDR Fit into the Cloud Data Security Landscape?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#landscape?ts=markdown) * [Does the CISO Agenda Need an Additional Cybersecurity Tool?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#does?ts=markdown) * [Supporting Innovation Without Sacrificing Security](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#supporting?ts=markdown) * [DSPM and Data Detection and Response FAQs](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#faqs?ts=markdown) * [What Is Data-Centric Security?](https://www.paloaltonetworks.com/cyberpedia/data-centric-security?ts=markdown) * [Why a Data-Centric Security Strategy Matters](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#why?ts=markdown) * [When a Data Focus for Security Is Necessary](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#when?ts=markdown) * [Data-Centric Security FAQs](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#faqs?ts=markdown) * [What Is Unstructured Data?](https://www.paloaltonetworks.com/cyberpedia/unstructured-data?ts=markdown) * [Understanding Unstructured Data in the Cloud](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#understanding?ts=markdown) * [Unstructured Data and Challenges with Data Security](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#unstructured?ts=markdown) * [Key Aspects of Data Security for Unstructured Data](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#key?ts=markdown) * [Unstructured Data FAQs](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#faqs?ts=markdown) * [What Is Data Access Governance?](https://www.paloaltonetworks.com/cyberpedia/data-access-governance?ts=markdown) * [Data Access Governance Explained](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#data?ts=markdown) * [Data Access Governance in Compliance and Auditing](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#compliance?ts=markdown) * [Data Governance in Cloud Security](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#cloud-security?ts=markdown) * [Software Used for Data Access Governance](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#software?ts=markdown) * [Data Access Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#faqs?ts=markdown) * [DSPM for AI: Navigating Data and AI Compliance Regulations](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance?ts=markdown) * [How DSPM Secures Data Integrity and Enables Compliance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#how?ts=markdown) * [Navigating Global AI Compliance with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#navigating?ts=markdown) * [Securing the AI Lifecycle with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#lifecycle?ts=markdown) * [Integrating DSPM Across the Security Ecosystem](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#ecosystem?ts=markdown) * [The Future of DSPM: Business Value and Responsible AI](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#future?ts=markdown) * [DSPM for AI FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#faqs?ts=markdown) * [What Is Data Discovery?](https://www.paloaltonetworks.com/cyberpedia/data-discovery?ts=markdown) * [How Data Discovery Works](https://www.paloaltonetworks.com/cyberpedia/data-discovery#how?ts=markdown) * [Data Discovery: The Key to Data Classification](https://www.paloaltonetworks.com/cyberpedia/data-discovery#data?ts=markdown) * [Benefits of Data Discovery](https://www.paloaltonetworks.com/cyberpedia/data-discovery#benefits?ts=markdown) * [Data Discovery FAQs](https://www.paloaltonetworks.com/cyberpedia/data-discovery#faqs?ts=markdown) * [What Is Structured Data?](https://www.paloaltonetworks.com/cyberpedia/structured-data?ts=markdown) * [Structured Data Explained](https://www.paloaltonetworks.com/cyberpedia/structured-data#structured?ts=markdown) * [Benefits of Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#benefits?ts=markdown) * [Challenges with Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#challenges?ts=markdown) * [Internal and External Sources of Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#internal?ts=markdown) * [Structured Data FAQs](https://www.paloaltonetworks.com/cyberpedia/structured-data#faqs?ts=markdown) * [What Is Shadow Data?](https://www.paloaltonetworks.com/cyberpedia/shadow-data?ts=markdown) * [Shadow Data Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-data#shadow?ts=markdown) * [The Dangers of Shadow Data](https://www.paloaltonetworks.com/cyberpedia/shadow-data#the?ts=markdown) * [Mitigating Shadow Data Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-data#mitigating?ts=markdown) * [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-data#faqs?ts=markdown) * [How DSPM Enables Continuous Compliance and Data Governance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance?ts=markdown) * [Why Traditional Compliance Approaches Fall Short](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#why?ts=markdown) * [DSPM as a Foundation for Continuous Compliance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#dspm?ts=markdown) * [Strengthening Data Governance with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#strengthening?ts=markdown) * [Regulatory Alignment and Business Enablement](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#regulatory?ts=markdown) * [Implementation Considerations and Best Practices](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#implementation?ts=markdown) * [DSPM for Continuous Compliance and Data Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#faqs?ts=markdown) * [What Is Data Classification?](https://www.paloaltonetworks.com/cyberpedia/data-classification?ts=markdown) * [Data Classification Explained](https://www.paloaltonetworks.com/cyberpedia/data-classification#data?ts=markdown) * [Why Data Classification Matters](https://www.paloaltonetworks.com/cyberpedia/data-classification#why?ts=markdown) * [Data Classification Levels](https://www.paloaltonetworks.com/cyberpedia/data-classification#levels?ts=markdown) * [Data Classification Use Cases](https://www.paloaltonetworks.com/cyberpedia/data-classification#usecases?ts=markdown) * [How Does Data Classification Improve Data Security?](https://www.paloaltonetworks.com/cyberpedia/data-classification#how?ts=markdown) * [Data Classification FAQs](https://www.paloaltonetworks.com/cyberpedia/data-classification#faqs?ts=markdown) * [DSPM Vs. CSPM: Key Differences and How to Choose](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm?ts=markdown) * [Understand the Fundamentals --- What Are CSPM and DSPM?](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#understand?ts=markdown) * [DSPM Vs. CSPM: What's the Difference?](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#difference?ts=markdown) * [Pros and Cons of Each Approach](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#pros-and-cons?ts=markdown) * [Use Cases: When to Use DSPM, CSPM, or Both](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#use-cases?ts=markdown) * [Choosing the Right Approach (or Integrating Both)](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#approach?ts=markdown) * [DSPM Vs. CSPM FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#faqs?ts=markdown) * [What Is Cloud Data Protection?](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection?ts=markdown) * [Why Companies Need Cloud Data Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#why?ts=markdown) * [How Companies Can Better Protect Their Data in Cloud Environments](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#how?ts=markdown) * [The Benefits of Cloud Data Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#benefits?ts=markdown) * [Cloud Data Protection FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#faqs?ts=markdown) # How DSPM Enables XDR and SOAR for Automated, Data-Centric Security 5 min. read Table of Contents * * [Why Data Context Matters in Modern Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#why?ts=markdown) * [What DSPM Brings to XDR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#what?ts=markdown) * [How DSPM Powers SOAR Automation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#how?ts=markdown) * [The Synergy of DSPM, XDR, and SOAR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#synergy?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#best?ts=markdown) * [How DSPM Enables XDR and SOAR FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#faqs?ts=markdown) 1. Why Data Context Matters in Modern Security * * [Why Data Context Matters in Modern Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#why?ts=markdown) * [What DSPM Brings to XDR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#what?ts=markdown) * [How DSPM Powers SOAR Automation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#how?ts=markdown) * [The Synergy of DSPM, XDR, and SOAR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#synergy?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#best?ts=markdown) * [How DSPM Enables XDR and SOAR FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#faqs?ts=markdown) DSPM transforms XDR threat detection and SOAR remediation by injecting critical data context into security operations. Modern enterprises face exponential data sprawl across multicloud environments while advanced persistent threats exploit this complexity. [DSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) serves as an intelligence layer that enriches XDR's detection capabilities with data classification and risk context, while feeding SOAR with actionable data insights that enable faster, more targeted automated security operations. ## Why Data Context Matters in Modern Security Enterprise data architectures have evolved beyond traditional perimeter models, creating complex visibility challenges that traditional security tools struggle to address. Organizations now manage sensitive data across fragmented environments spanning multiple [cloud providers](https://www.paloaltonetworks.com/cyberpedia/cloud-service-provider?ts=markdown), [SaaS](https://www.paloaltonetworks.com/cyberpedia/what-is-saas?ts=markdown) platforms, and hybrid infrastructures where conventional security boundaries have dissolved. ### Data Sprawl Across Distributed Environments Enterprises operate across SaaS applications, IaaS platforms, and [PaaS](https://www.paloaltonetworks.com/cyberpedia/what-is-pass?ts=markdown) services simultaneously, creating unprecedented data sprawl. Critical business information flows through Salesforce, resides in AWS S3 buckets, processes through Azure Functions, and gets analyzed in Snowflake environments. [Shadow IT](https://www.paloaltonetworks.com/cyberpedia/shadow-it?ts=markdown) amplifies complexity as departments deploy unauthorized cloud services, creating invisible data repositories outside the security team's visibility. [Sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) protection becomes exponentially more difficult when organizations discover databases they never knew existed. Financial records appear in forgotten development environments, customer [PII](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown) gets replicated across testing platforms, and intellectual property spreads through collaboration tools without proper [data classification](https://www.paloaltonetworks.com/cyberpedia/data-classification?ts=markdown) or [access controls](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown). ### Sophisticated Attacks Exploit Data-Rich Targets Threat actors now target data directly rather than simply compromising infrastructure. [Advanced persistent threats](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt?ts=markdown) conduct reconnaissance to identify high-value datastores before initiating [lateral movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown). [Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown) operators prioritize the encryption of critical databases and backup systems. Nation-state actors exfiltrate intellectual property from research repositories and customer databases. Data-centric security addresses these evolved attack patterns by focusing protection efforts on the assets that matter most. Traditional infrastructure-focused approaches miss threats that target datastores directly or exploit legitimate access pathways to sensitive information. ### Siloed Security Tools Create Operational Gaps Security teams manage separate tools for endpoint protection, network monitoring, [cloud security posture management](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown), and data loss prevention. Each tool generates independent alerts without contextual understanding of data sensitivity or business impact. Alert fatigue overwhelms analysts who spend time investigating low-risk incidents while missing critical data exposure events. Unified visibility, combining data posture intelligence with threat telemetry, enables [security operations](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations?ts=markdown) to prioritize response efforts based on actual business risk rather than alert volume. ## What DSPM Brings to XDR DSPM transforms [XDR](https://www.paloaltonetworks.com/cyberpedia/what-is-extended-detection-response-XDR?ts=markdown) from a reactive detection platform into an intelligent threat detection system that understands data context and business impact. Integration between DSPM and XDR creates security operations workflows that prioritize threats based on actual risk to sensitive data rather than infrastructure-level indicators alone. ### Data Sensitivity Context Enrichment DSPM enriches XDR alerts with granular data sensitivity classifications that enable precise threat assessment. When XDR detects suspicious activity on a database server, DSPM provides immediate context about whether the system contains PII, financial records, intellectual property, or development test data. XDR platforms receive real-time data classification intelligence that transforms generic security events into business-relevant incidents. Risk prioritization becomes surgical when XDR understands data criticality. An attempted lateral movement targeting a server with customer financial data triggers high-priority workflows, while similar activity against development environments receives lower precedence. DSPM's continuous [data discovery](https://www.paloaltonetworks.com/cyberpedia/data-discovery?ts=markdown) and classification ensure XDR maintains current awareness of data sensitivity across dynamic cloud environments. ### Advanced Threat Detection Through Data Lineage Data lineage visibility enables XDR to detect sophisticated attack patterns that traditional monitoring misses. DSPM maps data flows between systems, applications, and cloud services, providing XDR with a comprehensive understanding of [data movement pathways](https://www.paloaltonetworks.com/cyberpedia/data-movement?ts=markdown). When threat actors attempt to access sensitive data through indirect routes or compromised service accounts, XDR correlates unusual access patterns with known data flows to identify potential breaches. Anomaly detection becomes more accurate when XDR analyzes user behavior against expected data access patterns. DSPM provides a baseline understanding of normal data interactions, enabling XDR to identify deviations that indicate credential compromise or insider threats. Machine learning algorithms improve detection accuracy by incorporating data sensitivity and access context into behavioral analysis models. ### Reduced False Positives Through Contextual Analysis DSPM significantly reduces XDR false positive rates by providing data context that distinguishes legitimate business activities from potential threats. Automated data processing workflows that appear suspicious in isolation become clearly benign when XDR understands the underlying data classification and business purpose. Analytics platforms accessing anonymized datasets generate different alert priorities than similar tools processing customer PII. Security operations teams spend investigation time on actual threats rather than routine business processes. XDR platforms equipped with DSPM intelligence automatically filter alerts based on data sensitivity, access authorization, and business context. Alert volumes decrease while detection accuracy increases through intelligent risk-based filtering. ### Data-Driven Threat Hunting Operations DSPM transforms threat hunting from infrastructure-focused searches into data-centric investigations. Security analysts gain visibility into complete data ecosystems, allowing hunters to construct queries based on data classifications rather than system types. When investigating potential compromises, hunters can immediately identify which sensitive data repositories require priority attention and assessment. Hunting operations benefit from DSPM's continuous asset discovery and classification updates. Analysts can track data movement patterns to identify unusual flows that indicate potential [exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown) attempts or unauthorized data migration. Data sensitivity intelligence enables hunters to focus investigation resources on systems containing high-value information while deprioritizing activities involving nonsensitive datasets. ## How DSPM Powers SOAR Automation DSPM integration transforms [SOAR](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown) platforms from generic automation engines into intelligent incident response systems that understand data context and regulatory requirements. Data sensitivity intelligence drives automatic playbook selection, remediation prioritization, and [data compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown) enforcement workflows that adapt to specific data classifications and business impact levels. ### Intelligent Playbook Orchestration DSPM triggers targeted SOAR playbooks based on data sensitivity classifications and exposure contexts. When DSPM detects unencrypted PII in a public cloud storage bucket, SOAR automatically initiates data protection workflows that encrypt the data, restrict access permissions, and notify compliance teams. Financial data exposures trigger different playbooks that include immediate isolation, audit trail preservation, and regulatory notification procedures. Security automation becomes contextually aware through DSPM's real-time data intelligence. SOAR platforms receive continuous updates about data classifications, enabling dynamic playbook adjustments as data sensitivity changes. Intellectual property incidents generate different response workflows than [healthcare information breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown), with SOAR selecting appropriate remediation steps based on data type and regulatory requirements. ### Automated Risk-Based Remediation DSPM enables SOAR to prioritize remediation actions based on actual data exposure risk rather than alert severity scores. High-value data repositories receive immediate automated protection measures, including access revocation, network isolation, and backup verification. Lower-sensitivity data incidents trigger monitoring and notification workflows while preserving business continuity. Remediation speed increases dramatically when SOAR understands data context. Rather than requiring manual analyst review to determine appropriate responses, SOAR platforms equipped with DSPM intelligence automatically execute protection measures tailored to specific data types. Customer databases receive different treatment than development datasets, with remediation intensity matching actual business risk. ### Proactive Compliance Enforcement DSPM feeds SOAR with compliance intelligence that enables automatic regulatory requirement enforcement. When DSPM identifies [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown)-protected personal data in unauthorized locations, SOAR immediately executes data protection playbooks that ensure compliance with data residency requirements. [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown)-covered health information triggers different workflows that include encryption verification, access logging, and breach notification procedures. Compliance automation extends beyond reactive incident response to proactive policy enforcement. SOAR platforms monitor DSPM-identified sensitive data for compliance violations, automatically correcting misconfigurations before they become reportable incidents. [PCI DSS](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown)-scoped cardholder data receives continuous monitoring with automatic remediation of policy violations. ### Orchestrated Multisystem Response DSPM enables SOAR to coordinate responses across multiple security tools and business systems based on data sensitivity requirements. Identity management systems receive automatic access revocation requests for compromised accounts with sensitive data access. Backup systems execute data protection workflows when DSPM identifies at-risk repositories. Cloud security tools apply additional monitoring and protection measures to systems containing high-value data. [Incident response](https://www.paloaltonetworks.com/cyberpedia/what-is-incident-response?ts=markdown) becomes more efficient when SOAR orchestrates actions based on actual data impact rather than system-level alerts. Data exfiltration incidents trigger coordinated responses including network isolation, identity revocation, legal notification, and customer communication workflows. SOAR platforms equipped with DSPM intelligence execute comprehensive response plans that address both technical remediation and business continuity requirements. ## The Synergy of DSPM, XDR, and SOAR Integrated security operations emerge when DSPM, XDR, and SOAR function as a unified ecosystem rather than independent tools. Data context flows seamlessly between detection, analysis, and response phases, creating security operations workflows that understand business impact and regulatory requirements while maintaining operational efficiency through intelligent automation. ### Unified Data-Centric Security Operations Model DSPM establishes the foundational data intelligence layer that informs both XDR detection algorithms and SOAR remediation workflows. Data sensitivity classifications, access patterns, and compliance requirements become consistent inputs across all security operations activities. XDR leverages DSPM's data context to prioritize threat detection efforts on high-value assets, while SOAR uses the same intelligence to select appropriate response playbooks and escalation procedures. Risk mitigation becomes more effective when all security tools operate from a shared understanding of data criticality and business impact. Security operations teams gain unified visibility into threats targeting sensitive data, enabling coordinated responses that address both immediate security concerns and long-term compliance requirements. Alert prioritization aligns with actual business risk rather than technical severity scores. ### Real-World Implementation: Insider Threat Detection and Response Let's look at an example of how a financial services organization demonstrates integrated security operations through automated [insider threat](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown) detection and response. DSPM continuously monitors customer financial data across cloud databases, identifying unusual access patterns and data movement activities. When a privileged user begins downloading large volumes of customer account information outside normal business hours, DSPM triggers XDR analysis workflows that correlate the activity with historical access patterns and data sensitivity classifications. [XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) identifies the behavior as anomalous based on DSPM's data context intelligence, automatically escalating the incident to high priority because of the financial data sensitivity. SOAR receives the alert with complete data context, including specific customer accounts accessed, regulatory compliance requirements, and potential business impact. Automated response workflows immediately revoke the user's access credentials, preserve audit logs, initiate legal hold procedures, and notify compliance teams of the potential breach. ### Automated Cloud Data Protection: Misconfiguration Response Another example of a healthcare organization showcases the power of integrated security through automated response to cloud storage misconfigurations. DSPM discovers a newly created AWS S3 bucket containing [patient health records](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi?ts=markdown) with public read permissions, triggering immediate XDR analysis to determine if the misconfiguration represents accidental exposure or potential malicious activity. XDR examines the bucket creation logs, user access patterns, and network traffic to assess threat likelihood. SOAR receives the incident with complete DSPM context, including HIPAA compliance requirements, patient record classifications, and potential breach notification obligations. Automated playbooks immediately remove public access permissions, encrypt the data at rest, enable detailed access logging, and create incident tickets for compliance review. Security operations teams receive notifications with complete context about the protected health information exposure and automated remediation steps taken, enabling rapid assessment of any remaining compliance obligations. ## Best Practices for Implementation Security operations best practices require strategic alignment between DSPM implementation and existing security workflows to maximize automation effectiveness while maintaining operational stability. Organizations must balance comprehensive data visibility with practical implementation constraints to achieve measurable improvements in threat detection and incident response capabilities. ### Strategic Integration with Existing Security Operations DSPM implementation begins with a comprehensive assessment of current XDR and SOAR workflows to identify integration points that deliver immediate value. Security teams should map existing detection rules, response playbooks, and escalation procedures to understand where data context enhancement provides the greatest operational impact. Integration planning must consider API compatibility, data format requirements, and workflow dependencies to ensure seamless information flow between platforms. Pilot implementations should focus on high-value use cases that demonstrate clear return on investment while minimizing operational disruption. Organizations typically achieve early success by enhancing insider threat detection workflows or automating compliance violation responses where data context provides obvious benefits. Gradual expansion allows security teams to refine integration approaches and build operational confidence before deploying comprehensive automation. ### Risk-Based Automation Framework Automation implementation requires a careful balance between operational efficiency and security oversight to prevent unintended consequences. High-confidence automation should focus on data protection actions with minimal business impact, such as access logging, backup verification, and monitoring enhancement. Medium-confidence scenarios like access revocation or network isolation require human approval workflows that incorporate DSPM context for informed decision-making. Security operations best practices include establishing clear automation boundaries based on data sensitivity levels and potential business impact. Customer production data requires more conservative automation approaches than development datasets, with escalation procedures that ensure appropriate oversight for critical business functions. Automation frameworks must include rollback procedures and manual override capabilities to maintain operational control during emergency situations. ### Continuous Intelligence Refinement DSPM implementation effectiveness improves through systematic refinement of data classification models and detection algorithms based on operational feedback. Security teams should establish regular review cycles that assess classification accuracy, false positive rates, and missed detection scenarios to identify improvement opportunities. Machine learning models require continuous training with validated datasets to maintain detection accuracy as data environments evolve. Performance metrics must balance automation efficiency with security effectiveness to ensure optimal resource allocation. Organizations should track mean time to detection, mean time to response, and remediation accuracy across different data types and threat scenarios. Regular assessment of compliance posture improvements and audit trail completeness demonstrates business value while identifying areas requiring additional focus or resource investment. ## How DSPM Enables XDR and SOAR FAQs ### What is multivector incident correlation? Multivector incident correlation is the advanced security practice of linking and analyzing security events across multiple attack vectors simultaneously, including endpoints, networks, cloud infrastructure, and data repositories. Security operations teams use this approach to identify sophisticated threats that span different infrastructure layers, enabling detection of coordinated attacks that might appear benign when viewed in isolation. DSPM enhances this correlation by providing data context that helps security analysts understand which incidents target high-value data assets, prioritizing response efforts based on actual business risk rather than individual alert severity. ### What is container data protection? Container data protection encompasses specialized security measures designed to safeguard sensitive data within containerized environments throughout the entire container lifecycle. Modern container security requires protecting data during image creation, runtime execution, and ephemeral storage operations while maintaining visibility into data flows between containers and external systems. ### What is compliance posture management? Compliance posture management is the continuous assessment, monitoring, and automated enforcement of regulatory compliance requirements across an organization's entire data estate. Security teams use compliance posture management to ensure adherence to regulations like GDPR, HIPAA, and PCI DSS through real-time monitoring of data handling practices, automatic identification of policy violations, and immediate remediation of compliance gaps. ### What is security data fabric? Security data fabric is an architectural approach that creates a unified, virtualized layer for collecting, correlating, and sharing security intelligence across disparate security tools and data sources in real-time. Modern security operations require seamless data flow between SIEM, XDR, SOAR, and specialized security tools to enable comprehensive threat detection and response capabilities. ### What is event-driven security automation? Event-driven security automation refers to automated security responses that trigger immediately when specific data events, conditions, or thresholds are detected, enabling rapid remediation without manual intervention. Security operations teams implement event-driven automation to respond to data exposures, access violations, or compliance breaches within seconds of detection, reducing the window of vulnerability for sensitive information. ### What is agentless data monitoring? Agentless data monitoring enables organizations to track and analyze sensitive data across distributed environments through API-based connections and cloud-native integrations rather than deploying software on individual systems. Security teams adopt this approach to achieve comprehensive data visibility while avoiding the operational burden of managing agents across thousands of endpoints and cloud resources. Modern agentless solutions connect directly to cloud service provider APIs, database management systems, and SaaS platforms to continuously scan for sensitive information, classify data according to regulatory requirements, and monitor access patterns without impacting system performance or requiring local software installation. Related content [Secure Your Data with Data Security Posture Management (DSPM) See how Cortex Cloud DSPM helps security teams identify, prioritize, and remediate risks in real time. By integrating AI-driven insights, automated compliance monitoring ...](https://www.paloaltonetworks.com/resources/datasheets/data-security-posture-management?ts=markdown) [DSPM: Do You Need It? Discover five predominant approaches to data security, along with use cases and applications for each data security approach.](https://www.paloaltonetworks.com/resources/datasheets/why-dspm?ts=markdown) [Securing the Data Landscape with DSPM and DDR Stay ahead of the data security risks. Learn how data security posture management (DSPM) with data detection and response (DDR) fills the security gaps to strengthen your security ...](https://www.paloaltonetworks.com/resources/guides/dspm-ddr-big-guide?ts=markdown) [The Buyer's Guide to DSPM and DDR Learn what to look for in a cloud data security provider and how DSPM and DDR can significantly enhance your organization's security posture.](https://www.paloaltonetworks.com/resources/guides/data-centric-dspm-ddr-buyers-guide?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=How%20DSPM%20Enables%20XDR%20and%20SOAR%20for%20Automated%2C%20Data-Centric%20Security&body=DSPM%20enhances%20XDR%20threat%20detection%20and%20SOAR%20automation%20with%20data%20context%2C%20enabling%20faster%20incident%20response%20and%20compliance%20through%20smart%20security%20operations.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/dspm-tools?ts=markdown) DSPM Tools: How to Evaluate and Select the Best Option [Next](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr?ts=markdown) What Is Data Detection and Response (DDR)? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language