[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [What Is Observability?](https://www.paloaltonetworks.com/cyberpedia/observability?ts=markdown) Table of Contents * [Google's Secure AI Framework (SAIF)](https://www.paloaltonetworks.com/cyberpedia/google-secure-ai-framework?ts=markdown) * [Google's Secure AI Framework Explained](https://www.paloaltonetworks.com/cyberpedia/google-secure-ai-framework#google?ts=markdown) * [SAIF's Key Pillars](https://www.paloaltonetworks.com/cyberpedia/google-secure-ai-framework#saif?ts=markdown) * [Secure AI Framework \& Integrated Lifecycle Security](https://www.paloaltonetworks.com/cyberpedia/google-secure-ai-framework#secure?ts=markdown) * [SAIF Challenges](https://www.paloaltonetworks.com/cyberpedia/google-secure-ai-framework#challenges?ts=markdown) * [Google's Secure AI Framework FAQs](https://www.paloaltonetworks.com/cyberpedia/google-secure-ai-framework#faqs?ts=markdown) * [MITRE's Sensible Regulatory Framework for AI Security](https://www.paloaltonetworks.com/cyberpedia/mitre-sensible-regulatory-framework-atlas-matrix?ts=markdown) * [MITRE's Sensible Regulatory Framework for AI Security Explained](https://www.paloaltonetworks.com/cyberpedia/mitre-sensible-regulatory-framework-atlas-matrix#mitre?ts=markdown) * [Risk-Based Regulation and Sensible Policy Design](https://www.paloaltonetworks.com/cyberpedia/mitre-sensible-regulatory-framework-atlas-matrix#risk?ts=markdown) * [Collaborative Efforts in Shaping AI Security Regulations](https://www.paloaltonetworks.com/cyberpedia/mitre-sensible-regulatory-framework-atlas-matrix#collaborative?ts=markdown) * [Introducing the ATLAS Matrix: A Tool for AI Threat Identification](https://www.paloaltonetworks.com/cyberpedia/mitre-sensible-regulatory-framework-atlas-matrix#introducing?ts=markdown) * [MITRE's Comprehensive Approach to AI Security Risk Management](https://www.paloaltonetworks.com/cyberpedia/mitre-sensible-regulatory-framework-atlas-matrix#management?ts=markdown) * [MITRE's Sensible Regulatory Framework for AI Security FAQs](https://www.paloaltonetworks.com/cyberpedia/mitre-sensible-regulatory-framework-atlas-matrix#faqs?ts=markdown) * [AI Risk Management Framework](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework?ts=markdown) * [AI Risk Management Framework Explained](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#ai?ts=markdown) * [Risks Associated with AI](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#risks?ts=markdown) * [Key Elements of AI Risk Management Frameworks](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#key?ts=markdown) * [Major AI Risk Management Frameworks](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#major?ts=markdown) * [Comparison of Risk Frameworks](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#comparison?ts=markdown) * [Challenges Implementing the AI Risk Management Framework](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#challenges?ts=markdown) * [Integrated AI Risk Management](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#integrated?ts=markdown) * [The AI Risk Management Framework: Case Studies](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#the?ts=markdown) * [AI Risk Management Framework FAQs](https://www.paloaltonetworks.com/cyberpedia/ai-risk-management-framework#faqs?ts=markdown) * [What Is Explainability?](https://www.paloaltonetworks.com/cyberpedia/ai-explainability?ts=markdown) * [Explainability Defined](https://www.paloaltonetworks.com/cyberpedia/ai-explainability#explainability?ts=markdown) * [Why Explainability Matters](https://www.paloaltonetworks.com/cyberpedia/ai-explainability#why?ts=markdown) * [Explainability Vs. Interpretability](https://www.paloaltonetworks.com/cyberpedia/ai-explainability#vs?ts=markdown) * [Explainability and Adversarial Attacks](https://www.paloaltonetworks.com/cyberpedia/ai-explainability#attacks?ts=markdown) * [Explainable AI: From Theory to Practice](https://www.paloaltonetworks.com/cyberpedia/ai-explainability#practice?ts=markdown) * [Explainability FAQs](https://www.paloaltonetworks.com/cyberpedia/ai-explainability#faqs?ts=markdown) * [IEEE Ethically Aligned Design](https://www.paloaltonetworks.com/cyberpedia/ieee-ethically-aligned-design?ts=markdown) * [IEEE Ethically Aligned Design Explained](https://www.paloaltonetworks.com/cyberpedia/ieee-ethically-aligned-design#ieee?ts=markdown) * [Key Areas of the IEEE EAD;](https://www.paloaltonetworks.com/cyberpedia/ieee-ethically-aligned-design#key?ts=markdown) * [Challenges and Ongoing Evolution of the EAD](https://www.paloaltonetworks.com/cyberpedia/ieee-ethically-aligned-design#challenges?ts=markdown) * [IEEE Ethically Aligned Design FAQs](https://www.paloaltonetworks.com/cyberpedia/ieee-ethically-aligned-design#faqs?ts=markdown) * What Is Observability? * [Observability Explained](https://www.paloaltonetworks.com/cyberpedia/observability#explained?ts=markdown) * [Observability Data Types](https://www.paloaltonetworks.com/cyberpedia/observability#types?ts=markdown) * [Observability Tools for Cloud Security](https://www.paloaltonetworks.com/cyberpedia/observability#tools?ts=markdown) * [Observability FAQs](https://www.paloaltonetworks.com/cyberpedia/observability#faqs?ts=markdown) * [NIST AI Risk Management Framework (AI RMF)](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework?ts=markdown) * [NIST AI Risk Management Framework (AI RMF) Explained](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework#nist?ts=markdown) * [Fundamental Functions of NIST AI RMF](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework#fundamental?ts=markdown) * [Socio-Technical Approach](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework#socio?ts=markdown) * [Flexibility](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework#flexibility?ts=markdown) * [NIST Implementation](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework#implementation?ts=markdown) * [NIST AI RMF Limitations](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework#limitations?ts=markdown) * [NIST AI Risk Management Framework FAQs](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework#faqs?ts=markdown) # What Is Observability? 5 min. read [Interactive: LLM Security Risks](https://www.paloaltonetworks.com/resources/infographics/llm-applications-owasp-10?ts=markdown) Table of Contents * * [Observability Explained](https://www.paloaltonetworks.com/cyberpedia/observability#explained?ts=markdown) * [Observability Data Types](https://www.paloaltonetworks.com/cyberpedia/observability#types?ts=markdown) * [Observability Tools for Cloud Security](https://www.paloaltonetworks.com/cyberpedia/observability#tools?ts=markdown) * [Observability FAQs](https://www.paloaltonetworks.com/cyberpedia/observability#faqs?ts=markdown) 1. Observability Explained * * [Observability Explained](https://www.paloaltonetworks.com/cyberpedia/observability#explained?ts=markdown) * [Observability Data Types](https://www.paloaltonetworks.com/cyberpedia/observability#types?ts=markdown) * [Observability Tools for Cloud Security](https://www.paloaltonetworks.com/cyberpedia/observability#tools?ts=markdown) * [Observability FAQs](https://www.paloaltonetworks.com/cyberpedia/observability#faqs?ts=markdown) Observability in the context of cloud security refers to the comprehensive visibility and understanding of the internal state and behaviors of a cloud environment. It involves the ability to monitor, analyze, and gain insights into the performance, interactions, and dependencies of components within the cloud infrastructure. Observability encompasses the collection and analysis of telemetry data, logs, and metrics to facilitate troubleshooting, performance optimization, and security incident response. By fostering a deep understanding of cloud system behaviors and operational activities, observability enables organizations to effectively manage and secure complex cloud environments, identify potential security threats, and ensure operational reliability and resilience. ## Observability Explained Observability is a multifaceted approach to understanding and diagnosing the internal state of a system by analyzing its external outputs. It extends beyond traditional monitoring to provide a granular view into the performance, health, and behavior of applications, especially in distributed systems like [microservices](https://www.paloaltonetworks.com/cyberpedia/what-are-microservices?ts=markdown). Observability is grounded in three pillars: metrics, logs, and traces. Metrics are numerical representations of data over time, providing aggregated information about the system's performance, such as CPU usage, memory consumption, and request rates. They enable operators to track system health and performance trends, setting the stage for automated alerting and scaling. Logs are immutable records of discrete events that occur within a system. They offer rich, context-specific data, enabling developers to understand the sequence of actions leading to a state change or an error. Logs are invaluable for debugging and postmortem analysis. Traces capture the journey of a request as it traverses through a distributed system. They provide visibility into the flow across services, latency contributions from various components, and the overall user experience. Tracing allows pinpointing bottlenecks and optimizing performance. Together, these pillars allow teams to proactively detect issues, diagnose root causes, and optimize the system's performance. Observability tools often leverage advanced data analytics and visualization techniques to help teams interpret this data and react swiftly to dynamic operational states. In cloud-native environments, observability is crucial for managing the complexity and dynamism of highly distributed, scalable systems. ## Observability Data Types Observability in cloud security relies heavily on the integration of data types from diverse sources. ### Logs Logs provide chronological records of events within a cloud system, crucial for debugging and post-incident analysis. They capture detailed information about system behavior, user operations, and changes, offering context to the state of the system at any given moment. Security teams analyze logs to uncover patterns indicative of malicious activity, audit compliance with policies, and verify system integrity. By aggregating logs across multiple cloud services, organizations gain a comprehensive view of their security landscape, enabling them to trace the root cause of issues and respond effectively to incidents. ### Metrics Metrics reflect the security state of the cloud environment. They offer a high-level overview of the operational state by tracking resource utilization, response times, and throughput, among other data points. Security teams use metrics to establish baselines, detect deviations signaling potential security threats, and measure the effectiveness of security controls. Metrics also play a key role in automating scaling and alerting mechanisms, allowing for preemptive action to maintain system reliability and security posture in cloud environments. * **Authentication Metrics:** Failed login attempts, multifactor authentication (MFA) usage, and credential validation times. * **Network Metrics:** Traffic volumes, connection rates, and rejected connections by firewalls or intrusion prevention systems. * **Performance Metrics:** Resource utilization such as CPU, memory usage, and disk I/O, which could signify a potential breach or DDoS attack. * **Compliance Metrics:** Measurements against compliance standards, indicating the posture of systems relative to industry regulations. * **Anomaly Detection Metrics:** Deviations from baseline behavior in user activities or system operations that could signal a security incident. * **Threat Intelligence Metrics:** Data from external feeds on new vulnerabilities, including the presence of known malicious IPs or domains communicating with the system. * **Incident Response Metrics:** Time to detect, respond, and recover from security incidents, crucial for evaluating the effectiveness of the security operations center (SOC). * **Endpoint Security Metrics:** Endpoint protection status, including updates, incident detections, and remediation activities. * **Change Management Metrics:** Frequency and types of changes within the environment, as unauthorized changes can indicate security issues. * **Access Control Metrics:** Usage of permissions, role assignments, and policy violations, important for ensuring least privilege and identifying potential abuse. From these metrics, security teams receive actionable insights that allow them to maintain situational awareness, detect threats promptly, and ensure the integrity and availability of cloud services. ### Traces Traces document the journey of requests as they propagate through cloud services, mapping the interactions and latency between [microservices](https://www.paloaltonetworks.com/cyberpedia/what-are-microservices?ts=markdown). They are essential for diagnosing performance bottlenecks and identifying security vulnerabilities that may arise during interservice communication. In security, traces help organizations to understand the impact and extent of a [data breach](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) by revealing the paths attackers took and the data they accessed. Implementing distributed tracing allows teams to optimize service performance and enhance security monitoring in complex cloud architectures. ### Events Events signal noteworthy occurrences within cloud environments that may affect system performance or security. They trigger alerts when predefined conditions are met, such as potential security breaches, system outages, or resource saturation. Events guide immediate attention to critical issues and facilitate automated responses to potential threats. Correlating events from various sources provides security teams with a dynamic view of the environment, enabling them to respond to threats in real time and maintain continuous [compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown) with security policies. Effective observability in [cloud security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-security?ts=markdown) also involves employing advanced analytical tools, such as [machine learning](https://www.paloaltonetworks.com/cyberpedia/machine-learning-ml?ts=markdown) and behavioral analytics, to detect unusual patterns indicative of security threats or breaches. This proactive stance allows security teams to move beyond reactive measures and into a more anticipatory security model. ## Observability Tools for Cloud Security Observability tools are integral to gaining a precise understanding of the security and operational status of cloud infrastructures. These tools collect, aggregate, and analyze data across various layers of the cloud stack, from the underlying infrastructure to the applications running atop it. They provide the insights necessary for detecting anomalies, monitoring threats, and ensuring compliance with security policies. As cloud environments become increasingly complex and dynamic, reliance on observability tools to respond swiftly to incidents and optimize the performance and reliability of cloud services becomes increasingly pronounced. ### Security Information and Event Management (SIEM) SIEM technology aggregates and analyzes activity from multiple resources across cloud environments to detect abnormal behavior, track security incidents, and issue alerts. It correlates security data and event logs, facilitating rapid identification of malicious or unauthorized activities. SIEM platforms provide dashboards for real-time security monitoring, incident management features for response coordination, and reporting tools for compliance. These systems are essential for observability as they enable security teams to maintain situational awareness and conduct forensic analysis, thereby strengthening an organization's security posture. ### Cloud Security Posture Management (CSPM) [CSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown) tools continuously assess and manage the security posture of cloud environments, automating the detection of misconfigurations and noncompliance with security standards. They provide visibility into cloud resources, identify gaps in security policies, and offer remediation guidance. By monitoring configurations and comparing them against industry best practices, CSPM tools help prevent data breaches and ensure cloud services are securely configured. Their role in observability is to deliver actionable insights that enhance the security and compliance of cloud infrastructures. ### Data Security Posture Management (DSPM) [DSPM solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) focus on protecting [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) within cloud environments. They classify and monitor data assets, detect risky exposures, and automate remediation of vulnerabilities such as open databases or improper access permissions. By [applying data-centric security](https://www.paloaltonetworks.com/cyberpedia/data-centric-security?ts=markdown) policies, DSPM tools enable organizations to observe and control how data is accessed and shared, ensuring adherence to data protection regulations. Their observability function is critical for securing data throughout its lifecycle in the cloud, mitigating the risk of [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) and loss. ***Related Article:** [Why You Need Data Security Posture Management](https://www.paloaltonetworks.com/cyberpedia/data-security-posture-management-why-dspm?ts=markdown)* ### AI Security Posture Management (AI-SPM) [AI-SPM](https://www.paloaltonetworks.com/cyberpedia/ai-security-posture-management-aispm?ts=markdown) leverages [artificial intelligence](https://www.paloaltonetworks.com/cyberpedia/artificial-intelligence-ai?ts=markdown) to enhance the monitoring and management of cloud security postures. It autonomously identifies and reacts to security risks by learning normal behavior patterns and detecting deviations in real time. AI-SPM tools analyze vast amounts of security data to anticipate and mitigate potential threats before they escalate. They optimize security settings, reduce false positives, and provide predictive insights, enabling proactive defense mechanisms that adapt to the ever-evolving cloud security landscape. ### Cloud-Native Application Protections Platform (CNAPP) [CNAPP](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-application-protection-platform?ts=markdown) safeguard applications throughout their lifecycle in cloud-native environments, including development, deployment, and runtime. CNAPPs integrate security into the [CI/CD pipeline](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown), enforce policy as code, and provide runtime protection. They observe and secure container orchestration, manage network traffic flow, and implement [microsegmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-microsegmentation?ts=markdown) to prevent lateral movement of threats. CNAPPs --- which often incorporate CSPM, DSPM, and AI-SPM --- are instrumental in realizing full-stack observability, ensuring that both the application's performance and security are maintained across distributed and dynamic [cloud-native ecosystems](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-native?ts=markdown). ### Endpoint Detection and Response (EDR) Platforms [Endpoint Detection and Response platforms](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection-and-response-edr?ts=markdown) are critical for detecting and investigating security threats on endpoints. EDR platforms continuously collect and analyze endpoint data, enabling detection of malicious activities and forensic analysis. They facilitate immediate response to contain and remediate threats, often automating these processes. With the visibility EDR platforms provide into endpoint security, organizations can swiftly adapt their defenses, ensuring that endpoint vulnerabilities are addressed, and threat actors are thwarted in their tracks. ## Observability FAQs ### What is cloud-native visibility? Cloud-native visibility encompasses the ability to monitor and understand the state of cloud-native technologies like containers, microservices, and serverless functions. It provides insights into the architecture's operational aspects and security posture by tracking deployments, network traffic, and user activities. Cloud-native visibility is crucial for identifying misconfigurations, vulnerabilities, and ensuring that the dynamic, distributed nature of cloud-native applications remains secure and compliant. ### What is cloud monitoring? Cloud monitoring involves the continuous evaluation of cloud-based infrastructure and services to ensure optimal performance and security. It encompasses tracking resource utilization, operational health, and traffic patterns, which enables organizations to detect performance issues, optimize resource allocation, and respond to potential security incidents promptly. Effective cloud monitoring employs a combination of automated tools to gather and analyze metrics and logs, ensuring the availability and reliability of cloud services and applications. ### What is security telemetry? Security telemetry is the process of collecting and analyzing detailed data generated by network devices, security systems, and applications. It provides granular information about the security events within an environment, enabling teams to detect, investigate, and respond to potential threats. Telemetry data includes logs, packet captures, system metrics, and endpoint data, which are vital for understanding attack vectors, threat patterns, and the effectiveness of security controls. ### What is log analytics? Log analytics refers to the examination and interpretation of machine-generated log files to uncover insights into application behavior, system performance, and security incidents. It uses sophisticated algorithms and analytics to parse, aggregate, and visualize log data, allowing for real-time security monitoring, historical analysis, and predictive modeling. Log analytics is a cornerstone of observability, providing context for troubleshooting issues and enhancing the security of cloud environments. ### What is threat intelligence? [Threat intelligence](https://www.paloaltonetworks.com/cyberpedia/cyber-threat-intelligence?ts=markdown) entails gathering and analyzing information about current and potential threats to an organization's cyber environment. It helps identify emerging threats, understand attack methodologies, and prioritize security responses based on the severity and credibility of the identified threats. Threat intelligence sources include feeds, reports, and databases detailing threat actors, malware indicators, and vulnerabilities, which are crucial for proactive security measures and strategic planning. ### What is anomaly detection? Anomaly detection in cloud security identifies unusual behavior that deviates from established patterns within a cloud environment. It relies on machine learning and statistical modeling to discern irregularities in user actions, network traffic, or application performance that may signify a security breach or system malfunction. Anomaly detection systems are essential for early threat recognition, minimizing the impact of incidents by triggering alerts for further investigation and response. ### What is behavioral analytics? Behavioral analytics applies machine learning to user and entity behavior data to identify anomalies that could indicate security threats within cloud environments. It profiles normal user activities and detects deviations, such as unusual login times or data access patterns, that may suggest a compromised account or insider threat. Behavioral analytics allow security teams to proactively address risks by identifying malicious actions that signature-based tools might miss. ### What are access patterns? Access patterns refer to the typical ways users and systems interact with data and resources in a cloud environment. Monitoring these patterns helps in detecting security anomalies and ensuring that access controls are effective. Analyzing access patterns also aids in optimizing resource allocation and understanding user behavior, which is essential for maintaining a secure and efficient cloud infrastructure. ### What is compliance tracking? Compliance tracking ensures that cloud environments adhere to regulatory standards and internal policies. It involves continuous monitoring and documenting of security controls, data handling practices, and access management to verify compliance with laws such as [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown), and industry frameworks like [NIST](https://www.paloaltonetworks.com/cyberpedia/nist?ts=markdown). Compliance tracking tools highlight deviations and facilitate reporting, aiding organizations in maintaining transparency and avoiding penalties for noncompliance. ### What are performance baselines? Performance baselines establish a standard for normal operational performance within a cloud environment. They are derived from historical data on resource usage, response times, and throughput during regular operation. Baselines are vital for anomaly detection and capacity planning, as they provide a reference point against which current performance can be compared to identify significant deviations that may indicate security incidents or configuration issues. ### What is forensic analysis? Forensic analysis in cloud security is the meticulous investigation of cyber incidents to uncover the source, method, and impact of an attack. Specialists gather digital evidence, such as logs, metadata, and user activities, to reconstruct events. They analyze this data to identify the perpetrators, the exploited vulnerabilities, and the [data breach's extent](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown). The insights from forensic analysis guide the strengthening of security measures and the development of strategies to prevent future incidents. ### What is encryption tracking? Encryption tracking involves monitoring the use and effectiveness of encryption across cloud services and data stores to secure sensitive data and ensure privacy. It ensures that encryption standards are maintained, keys are managed securely, and compliance with data protection regulations is upheld. Encryption tracking is vital for preventing unauthorized data access and mitigating the risk of data breaches in the cloud. ### What is automated remediation? Automated remediation employs software to instantly respond to and correct detected security issues in cloud environments. It leverages predefined rules and machine learning to assess threats and execute actions like patching vulnerabilities, isolating infected systems, and revoking compromised credentials. Automated remediation reduces the window of exposure to attacks by promptly addressing security weaknesses, often without the need for human intervention. Related content [The State of Cloud Data Security Gain insights on the best ways to secure sensitive data in your cloud environments based on real-world research analyzing 13B+ files stored in public cloud environments.](https://www.paloaltonetworks.com/resources/research/data-security-2023-report?ts=markdown) [Defending Your AI Future with Prisma Cloud How do you embrace AI innovation while also keeping your clouds secure? Learn how to address AI-driven attacks and securely adopt AI to drive better business outcomes.](https://www.paloaltonetworks.com/resources/ebooks/defending-your-ai-future-with-prisma-cloud?ts=markdown) [DSPM: Do You Know You Need It? Discover five predominant approaches to data security, along with use cases and applications for each data security approach.](https://www.paloaltonetworks.com/resources/datasheets/why-dspm?ts=markdown) [The Definitive Guide to Container Security Get the ultimate guide to securing your containers, your essential resource for understanding, implementing, and mastering security in a containerized environment.](https://www.paloaltonetworks.com/resources/ebooks/container-security-definitive-guide?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Observability%3F&body=Observability%20in%20the%20cloud%20refers%20to%20full%20visibility%20and%20understanding%20of%20the%20internal%20state%20and%20behaviors%20of%20a%20cloud%20environment.%0D%0A%0D%0Aobservability%20refers%20to%20the%20capability%20to%20continuously%20monitor%2C%20analyze%2C%20and%20gain%20deep%20insights%20into%20the%20security%20posture%20of%20cloud-based%20infrastructure%20and%20services.%20It%20encompasses%20the%20collection%2C%20correlation%2C%20and%20interpretation%20of%20security-related%20data%20points%20%E2%80%94%20such%20as%20network%20traffic%2C%20access%20logs%2C%20configuration%20changes%2C%20and%20user%20activities%20%E2%80%94%20to%20identify%20potential%20security%20threats%20and%20vulnerabilities%20within%20the%20cloud%20environment.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/observability) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/ieee-ethically-aligned-design?ts=markdown) IEEE Ethically Aligned Design [Next](https://www.paloaltonetworks.com/cyberpedia/nist-ai-risk-management-framework?ts=markdown) NIST AI Risk Management Framework (AI RMF) {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language