[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [CI CD Security](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security?ts=markdown) 4. [What Is Insufficient Credential Hygiene?](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6?ts=markdown) Table of Contents * [What Is CI/CD Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security?ts=markdown) * [CI/CD Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security#security?ts=markdown) * [Why CI/CD Security Is Critical](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security#critical?ts=markdown) * [CI/CD Security Threats](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security#threats?ts=markdown) * [Securing the CI/CD Pipeline](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security#securing?ts=markdown) * [CI/CD Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security#practices?ts=markdown) * [CI/CD Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security#faqs?ts=markdown) * [What Is Insecure System Configuration?](https://www.paloaltonetworks.com/cyberpedia/insecure-system-configuration-cicd-sec7?ts=markdown) * [CICD-SEC-7: Insecure System Configuration Explained](https://www.paloaltonetworks.com/cyberpedia/insecure-system-configuration-cicd-sec7#insecure?ts=markdown) * [Importance of Secure System Configuration in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insecure-system-configuration-cicd-sec7#importance?ts=markdown) * [Preventing Insecure System Configuration in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insecure-system-configuration-cicd-sec7#preventing?ts=markdown) * [Industry Standards for System Configuration Security](https://www.paloaltonetworks.com/cyberpedia/insecure-system-configuration-cicd-sec7#standards?ts=markdown) * [Insecure System Configuration FAQs](https://www.paloaltonetworks.com/cyberpedia/insecure-system-configuration-cicd-sec7#faqs?ts=markdown) * [What Is Shift Left Security?](https://www.paloaltonetworks.com/cyberpedia/shift-left-security?ts=markdown) * [Shift Left Security: A Developer-Centric Reality Check](https://www.paloaltonetworks.com/cyberpedia/shift-left-security#shift?ts=markdown) * [Core Principles of Shift Left Security](https://www.paloaltonetworks.com/cyberpedia/shift-left-security#core?ts=markdown) * [What Shift Left Looks Like in Practice](https://www.paloaltonetworks.com/cyberpedia/shift-left-security#practice?ts=markdown) * [What Secure Looks Like Now](https://www.paloaltonetworks.com/cyberpedia/shift-left-security#secure?ts=markdown) * [Shift Left Security FAQS](https://www.paloaltonetworks.com/cyberpedia/shift-left-security#faqs?ts=markdown) * [What Is DevOps?](https://www.paloaltonetworks.com/cyberpedia/what-is-devops?ts=markdown) * [DevOps Is Not](https://www.paloaltonetworks.com/cyberpedia/what-is-devops#devops?ts=markdown) * [DevOps Defined](https://www.paloaltonetworks.com/cyberpedia/what-is-devops#defined?ts=markdown) * [CI/CD Pipeline](https://www.paloaltonetworks.com/cyberpedia/what-is-devops#cicd?ts=markdown) * [DevOps and Security](https://www.paloaltonetworks.com/cyberpedia/what-is-devops#security?ts=markdown) * [DevOps FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-devops#faqs?ts=markdown) * [What Is Executive Order 14028?](https://www.paloaltonetworks.com/cyberpedia/executive-order-14028?ts=markdown) * [What's the Purpose of EO 14028?](https://www.paloaltonetworks.com/cyberpedia/executive-order-14028#what?ts=markdown) * [NIST's Responsibilities Under Executive Order 14028](https://www.paloaltonetworks.com/cyberpedia/executive-order-14028#nist?ts=markdown) * [A Platform Approach to Securing Software Development](https://www.paloaltonetworks.com/cyberpedia/executive-order-14028#platform?ts=markdown) * [Tracing Vulnerabilities Through SBOMs](https://www.paloaltonetworks.com/cyberpedia/executive-order-14028#tracing?ts=markdown) * [Improving Software Supply Chain Security](https://www.paloaltonetworks.com/cyberpedia/executive-order-14028#improving?ts=markdown) * [Federal EO 14028 FAQs](https://www.paloaltonetworks.com/cyberpedia/executive-order-14028#faqs?ts=markdown) * [What Is Cloud Software Supply Chain Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-software-supply-chain-security?ts=markdown) * [What is DevSecOps?](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops?ts=markdown) * [What is DevSecOps?](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops#what?ts=markdown) * [DevSecOps vs DevOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops#devsecops?ts=markdown) * [Why DevSecOps Practices Are Important](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops#why?ts=markdown) * [Five Guidelines to DevSecOps Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops#five?ts=markdown) * [Finding the Best DevSecOps Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops#finding?ts=markdown) * [The Best of DevSecOps: Trends in Cloud Native Security Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops#the?ts=markdown) * [DevSecOps FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops#faqs?ts=markdown) * [What Is Insufficient Flow Control Mechanisms?](https://www.paloaltonetworks.com/cyberpedia/insufficient-flow-control-mechanisms-cicd-sec1?ts=markdown) * [CICD-SEC-1: Insufficient Flow Control Mechanisms Explained](https://www.paloaltonetworks.com/cyberpedia/insufficient-flow-control-mechanisms-cicd-sec1#insufficient-flow-control-mechanism?ts=markdown) * [Importance of Robust Flow Control Mechanisms in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-flow-control-mechanisms-cicd-sec1#importance?ts=markdown) * [Preventing Insufficiency in Flow Control Mechanisms](https://www.paloaltonetworks.com/cyberpedia/insufficient-flow-control-mechanisms-cicd-sec1#preventing-insufficiency-in-flow-control-mechanism?ts=markdown) * [Best Practices to Ensure Sufficient Flow Control in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-flow-control-mechanisms-cicd-sec1#best-practices?ts=markdown) * [The Impact of New Technologies on Flow Control](https://www.paloaltonetworks.com/cyberpedia/insufficient-flow-control-mechanisms-cicd-sec1#impact?ts=markdown) * [Insufficient Flow Control Mechanisms FAQs](https://www.paloaltonetworks.com/cyberpedia/insufficient-flow-control-mechanisms-cicd-sec1#faq?ts=markdown) * [What Is Poisoned Pipeline Execution (PPE)?](https://www.paloaltonetworks.com/cyberpedia/poisoned-pipeline-execution-cicd-sec4?ts=markdown) * [CICD-SEC-4: Poisoned Pipeline Execution Explained](https://www.paloaltonetworks.com/cyberpedia/poisoned-pipeline-execution-cicd-sec4#pipeline?ts=markdown) * [Importance of Secure Pipeline Execution in CI/CD](https://www.paloaltonetworks.com/cyberpedia/poisoned-pipeline-execution-cicd-sec4#importance?ts=markdown) * [Preventing Poisoned Pipeline Execution](https://www.paloaltonetworks.com/cyberpedia/poisoned-pipeline-execution-cicd-sec4#poisoned?ts=markdown) * [Poisoned Pipeline Execution FAQs](https://www.paloaltonetworks.com/cyberpedia/poisoned-pipeline-execution-cicd-sec4#faqs?ts=markdown) * [What Is the CI/CD Pipeline?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown) * [CI/CD Pipeline Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#ci-cd-pipeline?ts=markdown) * [How CI/CD Works: A Day in the Life of the Pipeline](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#how-ci-cd-works?ts=markdown) * [Stages of a CI/CD Pipeline](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#stages-of-a-ci-cd-pipeline?ts=markdown) * [Types of CI/CD Pipelines](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#types-of-ci-cd-pipelines?ts=markdown) * [CI/CD in the Cloud](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#ci-cd-in-the-cloud?ts=markdown) * [CI/CD Pipeline Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#best-practices?ts=markdown) * [CI/CD Pipeline KPIs](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#ci-cd-pipeline-kpis?ts=markdown) * [CI/CD Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#ci-cd-tools?ts=markdown) * [Security in CI/CD](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#security-in-ci-cd?ts=markdown) * [CI/CD Trends on the Horizon](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#ci-cd-trends-on-the-horizon?ts=markdown) * [CI/CD Pipeline FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security#faq?ts=markdown) * [What Is Ungoverned Usage of Third-Party Services?](https://www.paloaltonetworks.com/cyberpedia/ungoverned-usage-third-party-services-cicd-sec8?ts=markdown) * [CICD-SEC-8: Ungoverned Usage of Third-Party Services Explained](https://www.paloaltonetworks.com/cyberpedia/ungoverned-usage-third-party-services-cicd-sec8#ungoverned?ts=markdown) * [Importance of Governing Third-Party Services in CI/CD](https://www.paloaltonetworks.com/cyberpedia/ungoverned-usage-third-party-services-cicd-sec8#importance?ts=markdown) * [Preventing Ungoverned Usage of Third-Party Services](https://www.paloaltonetworks.com/cyberpedia/ungoverned-usage-third-party-services-cicd-sec8#preventing?ts=markdown) * [Industry Standards for Governing Third-Party Services](https://www.paloaltonetworks.com/cyberpedia/ungoverned-usage-third-party-services-cicd-sec8#industry?ts=markdown) * [Ungoverned Usage of Third-Party Services FAQs](https://www.paloaltonetworks.com/cyberpedia/ungoverned-usage-third-party-services-cicd-sec8#faqs?ts=markdown) * [What Is Insufficient Pipeline-Based Access Controls?](https://www.paloaltonetworks.com/cyberpedia/pipeline-based-access-controls-cicd-sec5?ts=markdown) * [CICD-SEC-5: Insufficient Pipeline-Based Access Controls Explained](https://www.paloaltonetworks.com/cyberpedia/pipeline-based-access-controls-cicd-sec5#insufficient?ts=markdown) * [Importance of Pipeline-Based Access Controls in CI/CD](https://www.paloaltonetworks.com/cyberpedia/pipeline-based-access-controls-cicd-sec5#importance?ts=markdown) * [Preventing Insufficiency in Pipeline-Based Access Controls](https://www.paloaltonetworks.com/cyberpedia/pipeline-based-access-controls-cicd-sec5#preventing?ts=markdown) * [Industry Standards for Pipeline-Based Access Controls](https://www.paloaltonetworks.com/cyberpedia/pipeline-based-access-controls-cicd-sec5#industry?ts=markdown) * [Insufficient Pipeline-Based Access Controls FAQs](https://www.paloaltonetworks.com/cyberpedia/pipeline-based-access-controls-cicd-sec5#faqs?ts=markdown) * [What Is Insufficient Logging and Visibility?](https://www.paloaltonetworks.com/cyberpedia/insufficient-logging-visibility-cicd-sec10?ts=markdown) * [CICD-SEC-10: Insufficient Logging and Visibility Explained](https://www.paloaltonetworks.com/cyberpedia/insufficient-logging-visibility-cicd-sec10#insufficient?ts=markdown) * [Importance of Sufficient Logging and Visibility in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-logging-visibility-cicd-sec10#importance?ts=markdown) * [Preventing Insufficiency in Logging and Visibility](https://www.paloaltonetworks.com/cyberpedia/insufficient-logging-visibility-cicd-sec10#preventing?ts=markdown) * [Industry Standards for Logging and Visibility in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-logging-visibility-cicd-sec10#standards?ts=markdown) * [Insufficient Logging and Visibility FAQs](https://www.paloaltonetworks.com/cyberpedia/insufficient-logging-visibility-cicd-sec10#faqs?ts=markdown) * What Is Insufficient Credential Hygiene? * [CICD-SEC-6: Insufficient Credential Hygiene Explained](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#insufficient-credential-hygiene-explained?ts=markdown) * [Importance of Credential Hygiene in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#importance?ts=markdown) * [Preventing Insufficiency in Credential Hygiene](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#preventing?ts=markdown) * [Industry Standards for Credential Hygiene in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#industry-standards?ts=markdown) * [Insufficient Credential Hygiene FAQs](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#faq?ts=markdown) * [What Is Inadequate Identity and Access Management?](https://www.paloaltonetworks.com/cyberpedia/inadequate-iam-cicd-sec2?ts=markdown) * [CICD-SEC-2: Inadequate Identity and Access Management Explained](https://www.paloaltonetworks.com/cyberpedia/inadequate-iam-cicd-sec2#inadequate-identity?ts=markdown) * [Importance of Identity and Access Management in CI/CD](https://www.paloaltonetworks.com/cyberpedia/inadequate-iam-cicd-sec2#importance?ts=markdown) * [Preventing Inadequacy in Identity and Access Management](https://www.paloaltonetworks.com/cyberpedia/inadequate-iam-cicd-sec2#preventing-inadequacy?ts=markdown) * [Best Practices for IAM in CI/CD](https://www.paloaltonetworks.com/cyberpedia/inadequate-iam-cicd-sec2#best-practices?ts=markdown) * [Inadequate Identity and Access Management FAQs](https://www.paloaltonetworks.com/cyberpedia/inadequate-iam-cicd-sec2#faq?ts=markdown) * [What Is Improper Artifact Integrity Validation?](https://www.paloaltonetworks.com/cyberpedia/improper-artifact-integrity-validation-cicd-sec9?ts=markdown) * [CICD-SEC-9: Improper Artifact Integrity Validation Explained](https://www.paloaltonetworks.com/cyberpedia/improper-artifact-integrity-validation-cicd-sec9#artifact?ts=markdown) * [Importance of Artifact Integrity Validation in CI/CD](https://www.paloaltonetworks.com/cyberpedia/improper-artifact-integrity-validation-cicd-sec9#importance?ts=markdown) * [Preventing Improper Artifact Integrity Validation](https://www.paloaltonetworks.com/cyberpedia/improper-artifact-integrity-validation-cicd-sec9#improper?ts=markdown) * [Industry Practices to Promote Artifact Integrity in CI/CD](https://www.paloaltonetworks.com/cyberpedia/improper-artifact-integrity-validation-cicd-sec9#promote?ts=markdown) * [Improper Artifact Integrity Validation FAQs](https://www.paloaltonetworks.com/cyberpedia/improper-artifact-integrity-validation-cicd-sec9#faqs?ts=markdown) * [What Is Dependency Chain Abuse?](https://www.paloaltonetworks.com/cyberpedia/dependency-chain-abuse-cicd-sec3?ts=markdown) * [CICD-SEC-3: Dependency Chain Abuse Explained](https://www.paloaltonetworks.com/cyberpedia/dependency-chain-abuse-cicd-sec3#cicd-sec?ts=markdown) * [Importance of Secure Dependency Chains in CI/CD](https://www.paloaltonetworks.com/cyberpedia/dependency-chain-abuse-cicd-sec3#importance?ts=markdown) * [Identifying Signs of Dependency Chain Abuse](https://www.paloaltonetworks.com/cyberpedia/dependency-chain-abuse-cicd-sec3#identifying-signs?ts=markdown) * [Preventing Dependency Chain Abuse](https://www.paloaltonetworks.com/cyberpedia/dependency-chain-abuse-cicd-sec3#preventing?ts=markdown) * [Additional Practices for Dependency Chain Security](https://www.paloaltonetworks.com/cyberpedia/dependency-chain-abuse-cicd-sec3#additional-practices?ts=markdown) * [Dependency Chain Abuse FAQs](https://www.paloaltonetworks.com/cyberpedia/dependency-chain-abuse-cicd-sec3#faq?ts=markdown) * [Anatomy of a Cloud Supply Pipeline Attack](https://www.paloaltonetworks.com/cyberpedia/anatomy-ci-cd-pipeline-attack?ts=markdown) # What Is Insufficient Credential Hygiene? 5 min. read [AppSec's New Horizon: A Virtual Event](https://start.paloaltonetworks.com/appsecs-new-horizon-virtual-event.html) Table of Contents * * [CICD-SEC-6: Insufficient Credential Hygiene Explained](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#insufficient-credential-hygiene-explained?ts=markdown) * [Importance of Credential Hygiene in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#importance?ts=markdown) * [Preventing Insufficiency in Credential Hygiene](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#preventing?ts=markdown) * [Industry Standards for Credential Hygiene in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#industry-standards?ts=markdown) * [Insufficient Credential Hygiene FAQs](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#faq?ts=markdown) 1. CICD-SEC-6: Insufficient Credential Hygiene Explained * * [CICD-SEC-6: Insufficient Credential Hygiene Explained](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#insufficient-credential-hygiene-explained?ts=markdown) * [Importance of Credential Hygiene in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#importance?ts=markdown) * [Preventing Insufficiency in Credential Hygiene](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#preventing?ts=markdown) * [Industry Standards for Credential Hygiene in CI/CD](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#industry-standards?ts=markdown) * [Insufficient Credential Hygiene FAQs](https://www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6#faq?ts=markdown) Insufficient credential hygiene, listed as CICD-SEC-6 on the OWASP Top 10 CI/CD Security Risks, involves inadequate management and protection of credentials used in the [CI/CD pipeline](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown). Poor practices such as using hard-coded credentials, shared keys, and weak passwords give attackers easy access to CI/CD systems. Factors that contribute to insufficient credential hygiene in CI/CD include the lack of a formal process for managing credentials, which often leads to uncontrolled proliferation of access keys and passwords. Breaches resulting from this CI/CD security risk typically cause significant damage to organizations, particularly those in highly regulated industries. ## CICD-SEC-6: Insufficient Credential Hygiene Explained Insufficient credential hygiene refers to the risks associated with an attacker's ability to obtain and use secrets and tokens spread throughout the CI/CD pipeline due to oversights in access controls, insecure secret management, and overly permissive credentials. CI/CD environments consist of multiple systems that communicate and authenticate with each other. These interactions pose significant challenges in protecting credentials due to the diverse contexts in which credentials can exist: * Application credentials are used during runtime. * Pipelines use credentials to deploy infrastructure, artifacts, and apps to production. * Engineers use credentials in their testing environments and within their code and artifacts. The variety of contexts, combined with numerous methods and techniques for storing and using credentials, leads to a high likelihood of insecure credential usage practices. ### Oversights and Risk Factors **Code Containing Credentials Pushed to an SCM Repository Branch** Hard-coded credentials pushed to an SCM repository branch can occur by mistake or by intention, without understanding the risk. But once in the repository branch, the credentials are exposed to anyone with read access to it. Even if deleted from the branch, they continue to appear in the commit history, viewable by anyone with repository access. **Insecure Use of Credentials in Build and Deployment Processes** Credentials in build and deployment processes access code repositories, read from and write to artifact repositories, and deploy resources and artifacts to production environments. Given the number of pipelines and target systems they need access to, [DevOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devops?ts=markdown) teams need to know: * The context and use method of each set of credentials in use * Whether each pipeline has access only to the credentials needed to fulfill its purpose * Whether unreviewed code flowing through the pipeline has access to credentials * How credentials are called and injected to the build * Whether credentials are accessible only in runtime and only from the contexts that requires them **Credentials in Container Image Layers** Credentials required only for building the image can remain in one of the image layers, available to anyone who can download the image. **Credentials Printed to Console Output** Pipelines often print credentials to the console output, either deliberately or inadvertently. Such actions can expose credentials in cleartext within logs, making them accessible to anyone with access to the build results. These logs can potentially flow into log management systems, broadening their exposure. **Unrotated Credentials** Credentials, spread throughout the engineering ecosystem, are exposed to numerous employees and contractors. Failure to rotate credentials leads to an ever-increasing population of people and artifacts possessing valid credentials. Pipeline credentials, such as deploy keys, exemplify this issue. Often managed under the "if it isn't broken, don't fix it" principle, these credentials can remain unrotated for years. ### Credential Hygiene Defined Playing a critical role in [CI/CD security](https://www.paloaltonetworks.com/cyberpedia/what-is-ci-cd-security?ts=markdown), credential hygiene refers to the practices associated with managing and protecting authentication mechanisms, such as passwords, tokens, keys, and certificates used to control access to systems and resources. It involves secure credential creation, storage, usage, rotation, and retirement. In the context of CI/CD, maintaining superior credential hygiene helps prevent unauthorized access to development, testing, and production environments, ensuring the integrity and confidentiality of applications throughout their lifecycle. Effective credential hygiene consists of several components: * **Secure credential storage**: Credentials should be stored using encryption and secure secret management solutions. * **Credential rotation**: Regularly changing credentials minimizes the window of opportunity for an attacker to use compromised ones. * **Least-privileged access** : Granting [minimal necessary privileges](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown) for each user or process can limit potential damage if credentials are compromised. * **Audit logging**: Regular audits of credential use can help detect suspicious activities and ensure compliance with best practices. ### How Exploitation of CICD-SEC-6 Happens Attackers exploit insufficient credential hygiene by identifying exposed credentials and using them to infiltrate systems. For example, they might discover a container image with an exposed credential, either through manual inspection or automated scanning. Once found, they extract the credential, often using specialized tools that can retrieve information from container images. After extraction, the attacker validates the credential to ensure it's active, often from a compromised or disposable system to avoid detection. With a valid credential, the attacker gains access to the system or service. Depending on the permissions associated with the credential, they might access sensitive data, execute commands, or perform other malicious actions. If the credential provides limited access, the attacker might use it as a steppingstone to escalate privileges or move laterally within the network. This could involve exploiting system vulnerabilities, launching phishing attacks against other users, or finding additional credentials within the accessed system. Once the attacker has gained sufficient access, they begin exfiltrating customer data, intellectual property, or other sensitive information. They either store the data on a remote server controlled by the attacker or relocate it within the victim's network for later retrieval. To maintain access to the system, the attacker might create new accounts, install backdoors, or periodically refresh the exploited credential to prevent it from expiring. ## Importance of Credential Hygiene in CI/CD Attackers covet credentials. Promising access to valuable resources or the ability to deploy malicious code and artifacts, credentials quite literally give bad actors the keys to the kingdom. And all too often, engineering environments unwittingly provide attackers with ample opportunities to acquire credentials. ### Risks Associated with Insufficient Credential Hygiene Insufficient credential hygiene exposes an enterprise to significant risks involving sensitive systems, data breaches, and disruption of development and deployment process. Poor credential hygiene can also result in reputational damage and regulatory fines. **Case Study 1: Exposed Link to Reset Credentials and a Misconfig with Role Assignments Gives Hacker Admin Privileges** In May 2019, [Stack Overflow fell victim to a security breach](https://stackoverflow.blog/2021/01/25/a-deeper-dive-into-our-may-2019-security-incident/). An unidentified user exploited a loophole to gain unauthorized moderator and developer access across all Stack Exchange Network sites. Using a sophisticated approach --- initially probing the infrastructure and gradually escalating their privilege level --- the attacker accessed Stack Overflow's source code. Credentials had been obtained through site settings, which led to the breach that exposed the personal data of 184 users. Stack Overflow's response team quickly intervened, revoking privileges, suspending the account, and initiating an audit. This incident led to a significant overhaul of Stack Overflow's credential management and security practices. **Case Study 2: Samsung's Misconfigured GitLab Instance Leads to Unintentional Source Code Exposure** In 2019, Samsung's development lab inadvertently leaked sensitive source code, credentials, and secret keys for several internal projects, including its SmartThings platform. The leak occurred due to the misconfiguration of a GitLab instance hosted on a Samsung-owned domain, Vandev Lab. The projects were set to "public" without proper password protection, allowing anyone to access and download the source code. The exposed data included credentials for an entire AWS account, private GitLab tokens, and private certificates for Samsung's SmartThings' iOS and Android apps. **Case Study 3: A Tale of Stolen Credentials and Concealed Cyberattacks** In 2017, Uber disclosed a significant data breach involving its Amazon Web Services account. Two hackers obtained login credentials to access data stored on Uber's Amazon Web Services, leading to the exposure of 57 million customers' and drivers' personal data. Uber's security team discovered that the attackers used stolen GitHub credentials to access Uber's private code repository. The company faced criticism for concealing the breach, which led to significant reputational damage. ## Preventing Insufficiency in Credential Hygiene A substantial potential for human error, paired with knowledge gaps pertaining to secure credentials management and the concern of breaking processes due to credential rotation, expose high-value resources to compromise. But DevSecOps teams can reverse risk profiles by replacing weak habits with strategic recommendations: * Establish procedures to continuously map credentials found across the different systems in the engineering ecosystem --- from code to deployment. Ensure each set of credentials follows the [principle of least privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown) and has been granted the exact set of permissions needed by the service using it. * Avoid sharing the same set of credentials across multiple contexts. This increases the complexity of achieving the principle of least privilege as well as having a negative effect on accountability. * Prefer using temporary credentials over static credentials. In case static credentials need to be in use --- establish a procedure to periodically rotate all static credentials and detect stale credentials. * Configure usage of credentials to predetermined conditions only (like scoping to a specific source IP or identity) to ensure that, even in case of compromise, exfiltrated credentials can't be used outside your environment. * Detect secrets pushed to and stored on code repositories. Use controls such as an IDE plugin to identify secrets used in the local changes. Implement automatic scanning with each code push, along with periodic scans on the repository and its past commits. * Ensure secrets used in CI/CD systems are scoped in a manner that allows each pipeline and step access only to the secrets it requires. * Use built-in vendor options or third-party tools to prevent secrets from being printed to console outputs of future builds. Ensure all existing outputs do not contain secrets. * Verify that secrets are removed from any type of artifact --- layers of container images, binaries, Helm charts. ## Industry Standards for Credential Hygiene in CI/CD Industry standards guide organizations in maintaining robust credential hygiene. The National Institute of Standards and Technology (NIST) recommends practices like frequent credential rotation, utilizing strong, complex passwords, and adopting multifactor authentication. ISO 27001 also provides guidance on access control, including the secure management of passwords. ### Regularly Updating and Rotating Credentials In CI/CD environments, it's essential to regularly update and rotate credentials. Automated systems can help rotate credentials on a set schedule, reducing the risk of human error and ensuring consistent updates. ### Implementing Multifactor Authentication (MFA) MFA provides an additional layer of security by requiring more than one method of authentication to verify a user's identity. In a CI/CD pipeline, MFA can be implemented at various stages, such as during login or when making significant changes. Even if an attacker manages to compromise a password, without the second factor --- like a fingerprint, a hardware token, or a time-based one-time password --- they can't gain access. ### Auditing and Monitoring Access Continuous auditing and monitoring of access logs can help detect unusual activity, potentially identifying a breach in progress. Automated systems can alert to suspicious behavior, such as multiple failed login attempts, logins from unusual locations, or unusual times of activity. These systems can also help ensure compliance with access policies and identify when accounts might have been compromised. ### Avoiding Hardcoding of Credentials in Code Hardcoding credentials in code is a common mistake that can lead to unintentional credential leaks. Instead, use secure methods of storing credentials, such as environment variables or secure vaults. Automated tools can scan code for hard-coded credentials, helping to prevent them from making it into production. This practice not only improves security but also makes it easier to rotate credentials, as code won't need to be updated in the process. ### Tools and Techniques to Strengthen Credential Hygiene Modern tools can significantly enhance credential hygiene. Secrets management tools like HashiCorp Vault, CyberArk, and AWS Secrets Manager ensure secure storage and management of credentials. Additionally, credential management platforms provide features for automatic password rotation, auditing, and anomaly detection. It's also crucial to integrate these tools with the CI/CD pipeline to ensure secure deployment processes. ### Establishing Credential Hygiene Policies Organizations need to establish clear policies around credential hygiene, including the requirement for unique, complex passwords, regular password changes, and the avoidance of credential hardcoding. These policies should be regularly reviewed and updated in response to evolving threat landscapes. ### Role of Automated Testing in Ensuring Sufficient Credential Hygiene Automated testing is critical to maintaining adequate credential hygiene. Using static and dynamic analysis tools, organizations can automate the process of detecting weak or hard-coded credentials in the codebase. ### Implementation of Secure Coding Practices Developers need to adhere to secure coding practices to prevent credential-related security issues. This includes avoiding the hardcoding of credentials, utilizing environment variables or secure vaults for storing sensitive data, and regularly updating and rotating API keys and other credentials. Secure coding guidelines, paired with regular training, can help enforce these practices. ## Insufficient Credential Hygiene FAQs ### What are hard-coded credentials? Hard-coded credentials refer to embedding authentication data directly into the source code. The practice includes placing usernames, passwords, tokens, or API keys within the code to authenticate to databases, services, or systems. Though seen as a convenience, hardcoding poses a significant security risk. If the code is exposed or becomes accessible, hard-coded credentials become publicly visible and can lead to unauthorized access, data breaches, and other security incidents. Secure coding guidelines strongly encourage hardcoding alternatives, such as using environment variables, secure vaults, or configuration files. ### What is cleartext? Cleartext refers to data transmitted or stored in an unencrypted form. Because it's readable and understandable to anyone with access to it, sensitive data should be encrypted, both in transit and at rest. Unfortunately, cleartext simplifies data processing and debugging, which can tempt developers to forgo encryption and risk the consequences. ### How do plaintext and cleartext differ? Plaintext and cleartext are often used interchangeably, but their meanings differ slightly in terms of cryptography and [data security](https://www.paloaltonetworks.com/cyberpedia/what-is-data-security?ts=markdown). Plaintext usually refers to raw, readable data in its pre-encrypted form, whereas cleartext is used to describe data transmitted or stored without encryption. ### What is a key vault? A key vault is a secure cryptographic key storage service that allows users to manage and control their cryptographic keys. It provides secure secret storage and tightly controls access to secrets, ensuring only authorized entities can access them. Key vaults are often used in cloud environments to store keys and secrets used by cloud services and applications, providing a centralized and secure solution for key management. ### What is meant by scoping secrets? Scoping secrets refers to the practice of organizing and managing secrets within defined boundaries or "scopes" in a secrets management system. Each scope can contain multiple secrets, and access to these secrets is controlled at the scope level. This means that permissions are granted or denied to users or applications based on the specific secret scope they are trying to access. Scoping secrets is a critical practice in secure credential management as it allows for fine-grained access control, ensuring that users and applications only have access to the secrets they need, reducing the potential impact of a compromised account or secret. ### What is a secret scope? A secret scope in Databricks is akin to a safety box for storing secrets. It organizes secrets and manages access to them based on the permissions configured by the scope admin. Secrets can include database credentials and connection strings, SSH keys, API keys, passwords, and private certificates. In essence, a secret scope serves as a centralized storage unit for storing secrets. ### What is Databricks? Databricks is a unified data analytics platform designed to simplify the process of building big data and AI solutions. It provides a collaborative workspace where data scientists, data engineers, and business analysts can work together. Databricks integrates with various data storage platforms and provides a managed environment for running data processing frameworks like Apache Spark. It also supports machine learning and AI workflows, making it a comprehensive solution for complex data analytics tasks. ### How do secret scopes and Databricks relate? In Databricks, a secret scope is a construct used to store secrets used by Databricks notebooks and jobs to access external resources securely. Databricks allows the creation of two types of secret scopes: Azure Key Vault-backed and Databricks-backed secret scopes. Azure Key Vault-backed secret scopes are stored in an Azure Key Vault, while Databricks-backed secret scopes are stored in (and managed by) Databricks. By using secret scopes, Databricks users can avoid hardcoding sensitive information in notebooks or jobs, enhancing the security of their data operations. Access to these secret scopes can be controlled, ensuring that only authorized users or applications can access the stored secrets. ### What is public key infrastructure (PKI)? Public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. It's a framework for establishing trusted identities in a network. It uses asymmetric cryptography, involving a pair of keys --- a public key, which is disseminated widely, and a private key, which is kept secret by the user. The PKI validates the identities of entities and securely exchanges data in an untrusted environment like the internet. ### What is secrets management? Secrets management refers to the tools and methods for managing digital authentication credentials like API keys, passwords, and tokens. Secrets management solutions provide mechanisms for storing these secrets in encrypted formats and controlling access to them, often through access policies and audit logs. ### What is identity federation? Identity federation is a system of trust between various software applications and systems across multiple enterprises that share access credentials. It allows for improved credential management across different systems. ### What is a hardware security module (HSM)? A hardware security module (HSM) is a physical device that safeguards and manages digital keys for strong authentication. It provides a secure environment for encryption, decryption, and digital signing. Designed to be tamper-resistant, HSMs prevent unauthorized access or modification of the sensitive information they hold. ### What is a digital certificate? A digital certificate is an electronic document that uses a digital signature to bind a public key with an identity. The certificate includes information about the key, information about its owner's identity, and the digital signature of an entity that has verified the certificate's contents. Digital certificates are typically issued by a trusted third party, known as a certificate authority (CA), which guarantees the information contained within the certificate. Related Content [ASPM Buyer's Guide Gain a comprehensive framework for evaluating and choosing an ASPM solution that shifts your AppSec strategy from reactive to proactive.](https://start.paloaltonetworks.com/application-security-posture-management-buyers-guide.html) [Accelerate Secure Development with Prevention-First Application Security Posture Management (ASPM) Learn how Cortex Cloud's ASPM centralizes and correlates findings from disparate security scanning tools with complete context across code, application infrastructure, and cloud ru...](https://www.paloaltonetworks.com/resources/datasheets/application-security-posture-management-solution-brief?ts=markdown) [Introducing Cortex Cloud ASPM Cortex Cloud ASPM gives security and engineering teams the control to prevent exploitable risk early and respond with full context across the software lifecycle.](https://www.paloaltonetworks.com/blog/cloud-security/introducing-aspm-cortex-cloud/?ts=markdown) [AppSec's New Horizon Join this virtual event to get a practical, prevention-first blueprint --- backed by new Unit 42 research --- to modernize your AppSec strategy.](https://start.paloaltonetworks.com/appsecs-new-horizon-virtual-event.html) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Insufficient%20Credential%20Hygiene%3F&body=Insufficient%20credential%20hygiene%20is%20an%20OWASP%20risk%20that%20gives%20attackers%20access%20to%20CI%2FCD%20systems%20via%20hard-coded%20credentials%2C%20shared%20keys%2C%20and%20poor%20secrets%20management.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/insufficient-credential-hygiene-cicd-sec6) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/insufficient-logging-visibility-cicd-sec10?ts=markdown) What Is Insufficient Logging and Visibility? [Next](https://www.paloaltonetworks.com/cyberpedia/inadequate-iam-cicd-sec2?ts=markdown) What Is Inadequate Identity and Access Management? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language