[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [Data Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations?ts=markdown) 4. [What Is PCI DSS?](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown) Table of content * [What Is Cybersecurity Compliance?](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations?ts=markdown) * [Three Pillars of Cybersecurity Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#pillars?ts=markdown) * [Understanding Cybersecurity Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#understanding?ts=markdown) * [Key Security Compliance Frameworks and Regulations](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#key?ts=markdown) * [Building an Effective Cybersecurity Compliance Program](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#building?ts=markdown) * [The Future of Cybersecurity Compliance: AI and Emerging Trends](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#future?ts=markdown) * [Cybersecurity Compliance FAQs](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#faqs?ts=markdown) * [What Is Healthcare Cybersecurity?](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity?ts=markdown) * [Why Is Cybersecurity Important to Healthcare](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#important?ts=markdown) * [Elements of Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#elements?ts=markdown) * [HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#security?ts=markdown) * [Healthcare Data Breaches](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#breaches?ts=markdown) * [Healthcare Business Continuity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#business?ts=markdown) * [Protected Healthcare Information](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#healthcare?ts=markdown) * [Key Challenges in Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#challenges?ts=markdown) * [Healthcare Cybersecurity Strategies and Solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#strategies?ts=markdown) * [The Future of Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#future?ts=markdown) * [Healthcare Cybersecurity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#faqs?ts=markdown) * [What Is GDPR Compliance?](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown) * [What Is GDPR?](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#what?ts=markdown) * [GDPR \& Data Sovereignty](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#sovereignty?ts=markdown) * [Key Principles of the GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#key?ts=markdown) * [GDPR Requirements](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#gdpr?ts=markdown) * [GDPR FAQs](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#faqs?ts=markdown) * [What Is Personal Data?](https://www.paloaltonetworks.com/cyberpedia/personal-data?ts=markdown) * [Personal Data Explained](https://www.paloaltonetworks.com/cyberpedia/personal-data#personal?ts=markdown) * [Personal Data Across Various Legislations](https://www.paloaltonetworks.com/cyberpedia/personal-data#data?ts=markdown) * [Understanding Identifiability](https://www.paloaltonetworks.com/cyberpedia/personal-data#understanding?ts=markdown) * [Important Factors When Determining Personal Data](https://www.paloaltonetworks.com/cyberpedia/personal-data#important?ts=markdown) * [How Is Understanding Personal Data Beneficial?](https://www.paloaltonetworks.com/cyberpedia/personal-data#how?ts=markdown) * [Personal Data Security Tools](https://www.paloaltonetworks.com/cyberpedia/personal-data#tools?ts=markdown) * [Personal Data FAQs](https://www.paloaltonetworks.com/cyberpedia/personal-data#faqs?ts=markdown) * [What Is HIPAA?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown) * [Is Your Organization HIPAA Compliant?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#compliant?ts=markdown) * [Understanding HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#understanding?ts=markdown) * [What Is Protected Health Information (PHI)?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#protected?ts=markdown) * [HIPAA: Breach Notification](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#breach?ts=markdown) * [HIPAA Privacy Rule: The Standard of Minimum Necessary](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#privacy?ts=markdown) * [The Security Rule: Safeguarding Electronic Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#security?ts=markdown) * [OCR Audit Protocol](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#ocr?ts=markdown) * [HIPAA for Big Tech and Startups](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#big-tech?ts=markdown) * [HIPAA Compliance Tips for DevOps and AppSec Practitioners](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#devops?ts=markdown) * [HIPAA FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#faqs?ts=markdown) * [What Is Sensitive Data?](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) * [Sensitive Data Explained](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#sensitive?ts=markdown) * [Understanding the Types of Sensitive Data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#understanding?ts=markdown) * [Navigating the Landscape of Data Privacy Regulations](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#navigating?ts=markdown) * [Sensitive Data Protection: Best Practices](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#best-practices?ts=markdown) * [Sensitive Data FAQs](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#faqs?ts=markdown) * [What Is SOC 2 Compliance?](https://www.paloaltonetworks.com/cyberpedia/soc-2?ts=markdown) * [SOC 2 Explained](https://www.paloaltonetworks.com/cyberpedia/soc-2#soc?ts=markdown) * [Why SOC 2 Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/soc-2#why?ts=markdown) * [SOC 2 Requirements](https://www.paloaltonetworks.com/cyberpedia/soc-2#requirements?ts=markdown) * [Who Can Perform a SOC Audit?](https://www.paloaltonetworks.com/cyberpedia/soc-2#who?ts=markdown) * [SOC 2 Audit Checklist](https://www.paloaltonetworks.com/cyberpedia/soc-2#checklist?ts=markdown) * [SOC 1 Vs. SOC 2](https://www.paloaltonetworks.com/cyberpedia/soc-2#vs?ts=markdown) * [SOC 2 FAQs](https://www.paloaltonetworks.com/cyberpedia/soc-2#faqs?ts=markdown) * [What Is Healthcare Business Continuity?](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare?ts=markdown) * [Why Is Business Continuity Important to Healthcare?](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#important?ts=markdown) * [Potential Disruptions to Healthcare Organizations' Continuity](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#potential?ts=markdown) * [The Growing Threat of Ransomware in Healthcare](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#ransomware?ts=markdown) * [Why Healthcare Is a Prime Target for Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#target?ts=markdown) * [How Healthcare Business Continuity Directly Impacts Lives](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#healthcare?ts=markdown) * [Costs of Downtime in the Healthcare Sector](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#costs?ts=markdown) * [How to Ensure Business Continuity in Healthcare](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#business?ts=markdown) * [Benefits of Business Continuity Planning](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#planning?ts=markdown) * [Healthcare Business Continuity FAQs](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#faqs?ts=markdown) * [What Are HIPAA Security Rules?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules?ts=markdown) * [Why Is the HIPAA Security Rule Important?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#why?ts=markdown) * [Overview of the HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#overview?ts=markdown) * [HIPAA Security Rule Requirements](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#requirements?ts=markdown) * [The HIPAA Breach Notification Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#breach-notification-rule?ts=markdown) * [HIPAA Compliance and Enforcement](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#compliance-and-enforcement?ts=markdown) * [Best Practices for HIPAA Compliance](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#best-practices?ts=markdown) * [Potential Trends in HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#trends?ts=markdown) * [HIPAA Security Rule FAQs](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#faq?ts=markdown) * [What Is Protected Health Information (PHI)?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi?ts=markdown) * [Why Is Protected Health Information (PHI) Important?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#important?ts=markdown) * [Examples of Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#protected?ts=markdown) * [What Is ePHI?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#ephi?ts=markdown) * [Securing Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#securing?ts=markdown) * [What Is a PHI Breach?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#breach?ts=markdown) * [Evolving Landscape: Emerging Technologies and PHI Security](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#landscape?ts=markdown) * [Protected Health Information (PHI) FAQs](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#faqs?ts=markdown) * [What Is the California Consumer Privacy Act (CCPA)?](https://www.paloaltonetworks.com/cyberpedia/ccpa?ts=markdown) * [California Consumer Privacy Act (CCPA) Explained](https://www.paloaltonetworks.com/cyberpedia/ccpa#ccpa?ts=markdown) * [How Does the CCPA Define Personal Information?](https://www.paloaltonetworks.com/cyberpedia/ccpa#how?ts=markdown) * [CCPA Vs. GDPR](https://www.paloaltonetworks.com/cyberpedia/ccpa#compare?ts=markdown) * [Container Firewall FAQs](https://www.paloaltonetworks.com/cyberpedia/ccpa#faq?ts=markdown) * [An Overview of FedRAMP and Why You Should Care About It](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview?ts=markdown) * [Advantages of FedRAMP for Federal Agencies](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#advantages?ts=markdown) * [Other Parties That May Be Interested in FedRAMP](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#other?ts=markdown) * [More Information](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#more?ts=markdown) * [What Is Data Governance?](https://www.paloaltonetworks.com/cyberpedia/data-governance?ts=markdown) * [Data Governance Explained](https://www.paloaltonetworks.com/cyberpedia/data-governance#data?ts=markdown) * [Why Data Governance Matters](https://www.paloaltonetworks.com/cyberpedia/data-governance#why?ts=markdown) * [The Benefits of Data Governance](https://www.paloaltonetworks.com/cyberpedia/data-governance#benefits?ts=markdown) * [Enterprise Data Governance Challenges](https://www.paloaltonetworks.com/cyberpedia/data-governance#enterprise?ts=markdown) * [Cloud Data Governance Challenges](https://www.paloaltonetworks.com/cyberpedia/data-governance#cloud?ts=markdown) * [Data Governance Strategy](https://www.paloaltonetworks.com/cyberpedia/data-governance#data-governance?ts=markdown) * [Building a Strong Data Governance Framework](https://www.paloaltonetworks.com/cyberpedia/data-governance#building?ts=markdown) * [Data Governance Best Practices: Tips and Strategies](https://www.paloaltonetworks.com/cyberpedia/data-governance#best-practices?ts=markdown) * [Securing Data Access: The Importance of Data Access Governance](https://www.paloaltonetworks.com/cyberpedia/data-governance#securing?ts=markdown) * [Unlock the Full Potential of Your Data with Comprehensive Data Governance Capabilities](https://www.paloaltonetworks.com/cyberpedia/data-governance#unlock?ts=markdown) * [Data Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-governance#faqs?ts=markdown) * [What is the Difference between FISMA and FedRAMP?](https://www.paloaltonetworks.com/cyberpedia/difference-between-fisma-and-fedramp?ts=markdown) * [Simplified Healthcare Compliance and Risk Management with Prisma Cloud](https://www.paloaltonetworks.com/cyberpedia/simplified-healthcare-compliance-and-risk-management-with-prisma-cloud?ts=markdown) * [What Is Data Privacy?](https://www.paloaltonetworks.com/cyberpedia/data-privacy?ts=markdown) * [Data Privacy Explained](https://www.paloaltonetworks.com/cyberpedia/data-privacy#data?ts=markdown) * [Why Is Data Privacy Crucial for Businesses and Consumers?](https://www.paloaltonetworks.com/cyberpedia/data-privacy#why?ts=markdown) * [What Are the Use Cases for Data Privacy?](https://www.paloaltonetworks.com/cyberpedia/data-privacy#what?ts=markdown) * [‍Data Privacy FAQs](https://www.paloaltonetworks.com/cyberpedia/data-privacy#faqs?ts=markdown) * [How to Maintain AWS Compliance](https://www.paloaltonetworks.com/cyberpedia/how-to-maintain-aws-compliance?ts=markdown) * [What Is Data Compliance?](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown) * [Data Compliance Explained](https://www.paloaltonetworks.com/cyberpedia/data-compliance#data?ts=markdown) * [Why Is Data Compliance Important?](https://www.paloaltonetworks.com/cyberpedia/data-compliance#why?ts=markdown) * [Cloud Challenges Data Compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance#cloud?ts=markdown) * [Data Compliance Varies Across Industries](https://www.paloaltonetworks.com/cyberpedia/data-compliance#varies?ts=markdown) * [Meeting Data Compliance Standards](https://www.paloaltonetworks.com/cyberpedia/data-compliance#meeting?ts=markdown) * [Data Compliance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-compliance#faqs?ts=markdown) * [What Is NIST?](https://www.paloaltonetworks.com/cyberpedia/nist?ts=markdown) * [NIST Explained](https://www.paloaltonetworks.com/cyberpedia/nist#nist?ts=markdown) * [The NIST Secure Software Development Framework (SSDF)](https://www.paloaltonetworks.com/cyberpedia/nist#the?ts=markdown) * [What Do Nist Guidelines Cover?](https://www.paloaltonetworks.com/cyberpedia/nist#what?ts=markdown) * [CSF Vs. SSDF](https://www.paloaltonetworks.com/cyberpedia/nist#vs?ts=markdown) * [‍NIST FAQs](https://www.paloaltonetworks.com/cyberpedia/nist#faqs?ts=markdown) * [What Is Data Privacy Compliance?](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance?ts=markdown) * [Database Security in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#database?ts=markdown) * [Elements of Database Security](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#elements?ts=markdown) * [Database Security: 8 Best Practices](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#security?ts=markdown) * [Database Security FAQs](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#faqs?ts=markdown) * [How The Next-Generation Security Platform Contributes to GDPR Compliance](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance?ts=markdown) * [Data Breach Prevention](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#data?ts=markdown) * [Managing Security Processes Centrally](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#managing?ts=markdown) * [Preventing Data Exfiltration or Leakage](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#preventing?ts=markdown) * [Data Breach Notification](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#breach?ts=markdown) * What Is PCI DSS? * [PCI DSS Explained](https://www.paloaltonetworks.com/cyberpedia/pci-dss#pci?ts=markdown) * [Why PCI DSS Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/pci-dss#why?ts=markdown) * [PCI DSS Requirements](https://www.paloaltonetworks.com/cyberpedia/pci-dss#dss?ts=markdown) * [Technical Best Practices for PCI DSS Compliance](https://www.paloaltonetworks.com/cyberpedia/pci-dss#technical?ts=markdown) * [Preparing for a PCI DSS Assessment](https://www.paloaltonetworks.com/cyberpedia/pci-dss#preparing?ts=markdown) * [PCI DSS FAQs](https://www.paloaltonetworks.com/cyberpedia/pci-dss#faqs?ts=markdown) * [What Is PII?](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown) * [Personally Identifiable Information (PII) Explained](https://www.paloaltonetworks.com/cyberpedia/pii#personally?ts=markdown) * [Why Is PII Important?](https://www.paloaltonetworks.com/cyberpedia/pii#why?ts=markdown) * [PII Worldwide](https://www.paloaltonetworks.com/cyberpedia/pii#pii?ts=markdown) * [Personal Data Vs. PII](https://www.paloaltonetworks.com/cyberpedia/pii#vs?ts=markdown) * [PHI Vs. PII](https://www.paloaltonetworks.com/cyberpedia/pii#phi?ts=markdown) * [PII Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/pii#best?ts=markdown) * [PII FAQs](https://www.paloaltonetworks.com/cyberpedia/pii#faqs?ts=markdown) # What Is PCI DSS? 5 min. read Table of content * * [PCI DSS Explained](https://www.paloaltonetworks.com/cyberpedia/pci-dss#pci?ts=markdown) * [Why PCI DSS Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/pci-dss#why?ts=markdown) * [PCI DSS Requirements](https://www.paloaltonetworks.com/cyberpedia/pci-dss#dss?ts=markdown) * [Technical Best Practices for PCI DSS Compliance](https://www.paloaltonetworks.com/cyberpedia/pci-dss#technical?ts=markdown) * [Preparing for a PCI DSS Assessment](https://www.paloaltonetworks.com/cyberpedia/pci-dss#preparing?ts=markdown) * [PCI DSS FAQs](https://www.paloaltonetworks.com/cyberpedia/pci-dss#faqs?ts=markdown) 1. PCI DSS Explained * * [PCI DSS Explained](https://www.paloaltonetworks.com/cyberpedia/pci-dss#pci?ts=markdown) * [Why PCI DSS Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/pci-dss#why?ts=markdown) * [PCI DSS Requirements](https://www.paloaltonetworks.com/cyberpedia/pci-dss#dss?ts=markdown) * [Technical Best Practices for PCI DSS Compliance](https://www.paloaltonetworks.com/cyberpedia/pci-dss#technical?ts=markdown) * [Preparing for a PCI DSS Assessment](https://www.paloaltonetworks.com/cyberpedia/pci-dss#preparing?ts=markdown) * [PCI DSS FAQs](https://www.paloaltonetworks.com/cyberpedia/pci-dss#faqs?ts=markdown) The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard, designed to reduce payment card fraud by obligating organizations that process or store credit card information to secure their environments. To adhere to the PCI DSS, these organizations need to implement security controls related to personal financial data. The PCI DSS details requirements for protecting cardholder data, such as: * [Encrypting data](https://www.paloaltonetworks.com/cyberpedia/data-encryption?ts=markdown) transmitted over networks * Regularly testing and maintaining security systems * Implementing strict access controls to cardholder data In addition to technical measures, the PCI DSS also includes requirements for training and awareness programs for employees, as well as security policies and procedures to ensure that all employees understand their roles and responsibilities in maintaining a secure environment. Companies that fail to comply with the PCI DSS risk fines, loss of merchant accounts, and damage to their reputation. ## PCI DSS Explained The PCI DSS is designed to ensure that organizations processing, storing, or transmitting credit card information maintain a secure environment. Its requirements cover building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy. By implementing these requirements, organizations safeguard [sensitive cardholder data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) and reduce the risk of [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) or fraud. PCI DSS is mandatory for all organizations that process, store, or transmit credit card information. Compliance with PCI DSS is required by major credit card brands, such as Visa, MasterCard, American Express, Discover, and JCB. Failure to comply with PCI DSS can lead to penalties, fines, increased transaction fees, or even the loss of the ability to process credit card transactions. The main objective of PCI DSS is to protect cardholder data and reduce the risk of data breaches or fraud in the payment card industry. ## Why PCI DSS Compliance Is Important PCI DSS compliance ensures that organizations dealing with credit card information maintain a secure environment, protect cardholder data, and minimize the risk of data breaches or fraud. ### Data Security Achieving PCI DSS compliance demonstrates that organizations have implemented security controls like encryption, secure storage, and secure data transmission to safeguard cardholder data. ### Risk Mitigation PCI DSS compliance ensures that organizations have established a proactive approach to identifying and addressing potential vulnerabilities and risks. This involves maintaining a [vulnerability management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) program, regularly monitoring and testing networks, and implementing strong access control measures, which collectively help to prevent security incidents and data breaches. [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) platforms support this proactive approach by providing visibility into data assets and security controls, helping organizations meet PCI DSS standards and avoid the significant penalties for noncompliance. ### Regulatory Compliance [Compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown) with PCI DSS is a requirement imposed by major credit card brands, such as Visa, MasterCard, American Express, Discover, and JCB. Failing to comply with PCI DSS can result in penalties, fines, increased transaction fees, or even the loss of the ability to process credit card transactions. Thus, maintaining PCI DSS compliance is essential for organizations to meet their regulatory obligations and avoid potential financial and reputational consequences. ### Customer Trust In today's digital economy, consumers expect organizations to protect their sensitive information, including credit card data. PCI DSS compliance is an indicator that the organization takes its responsibility to protect cardholder data seriously, building customer trust and confidence in the organization's ability to securely handle their financial transactions. ### Competitive Advantage Organizations that achieve and maintain PCI DSS compliance can gain a competitive advantage over their noncompliant counterparts. Compliance signals to customers, partners, and stakeholders that the organization is committed to maintaining a high level of security, which can help attract new business and enhance the organization's reputation in the marketplace. ### Business Continuity Compliance with PCI DSS helps ensure that organizations have implemented robust security controls and processes, which contribute to the overall resilience and continuity of the business. In the event of a security incident or data breach, organizations that are PCI DSS compliant are better prepared to respond, recover, and minimize the potential impact on their operations and reputation. ## PCI DSS Requirements PCI DSS comprises 12 requirements organized into six control objectives designed to ensure that all organizations that process, store, or transmit credit card information maintain a secure environment. By adhering to these requirements, organizations can ensure the security of cardholder data and maintain a secure environment. ### Build and Maintain a Secure Network and Systems **1.1 Install and maintain a firewall configuration to protect cardholder data.** * Establish and document firewall and router configuration standards. * Implement a formal process for approving and testing all external network connections. * Ensure that security policies and operational procedures for managing firewalls are documented and followed. **1.2 Do not use vendor-supplied defaults for system passwords and other security parameters.** * Change default passwords, remove unnecessary default accounts, and disable unnecessary services. * Implement security features for system components, such as encryption and strong authentication. * Maintain an inventory of system components and ensure proper configuration management. ### Protect Cardholder Data **2.1 Protect stored cardholder data.** * Limit the storage of sensitive cardholder data and follow data retention policies. * Encrypt cardholder data using strong cryptography techniques. * Implement proper key management procedures, including key storage and distribution. **2.2 Encrypt the transmission of cardholder data across open, public networks.** * Use strong encryption and secure protocols for transmitting cardholder data over public networks. * Do not send unencrypted sensitive information via end-user messaging technologies, such as email or instant messaging. ### Maintain a Vulnerability Management Program **3.1 Protect all systems against malware and regularly update antivirus software or programs.** * Deploy antivirus software on all systems commonly affected by malware. * Ensure that antivirus mechanisms are actively running and can't be disabled by users. * Regularly update antivirus signatures and perform periodic scans. **3.2 Develop and maintain secure systems and applications.** * Establish a process for identifying and assessing security vulnerabilities in system components. * Install security patches and updates in a timely manner. * Follow secure coding guidelines and implement a secure software development lifecycle (SDLC). ### Implement Strong Access Control Measures **4.1 Restrict access to cardholder data by business need-to-know.** * Implement role-based access controls and enforce the principle of least privilege. * Establish a process for granting and revoking access to cardholder data. * Document and communicate access control policies and procedures. **4.2 Identify and authenticate access to system components.** * Assign a unique ID to each person with access to system components. * Use strong authentication methods, such as complex passwords, multifactor authentication, or biometrics. * Implement proper password management practices, including periodic password changes and storage requirements. **4.3 Restrict physical access to cardholder data.** * Implement physical access controls to restrict unauthorized access to facilities and sensitive areas. * Maintain visitor logs and monitor access to restricted areas. * Properly dispose of media containing cardholder data, including shredding, degaussing, or secure deletion. ### Regularly Monitor and Test Networks **5.1 Track and monitor all access to network resources and cardholder data.** * Implement automated audit trails for all system components to record user activities. * Regularly review logs and security events for signs of unauthorized activity. * Establish and follow procedures for log retention and review. **5.2 Regularly test security systems and processes.** * Perform vulnerability scans and penetration tests regularly and after significant changes. * Test intrusion detection and prevention systems, file integrity monitoring tools, and other security measures. * Document and maintain a formal incident response plan that includes roles, responsibilities, and communication strategies. ### Maintain an Information Security Policy **6.1 Establish, publish, maintain, and disseminate a comprehensive information security policy.** * Develop a formal security policy that addresses all PCI DSS requirements and is approved by executive management. * Ensure that the policy is communicated to all relevant personnel and is regularly reviewed and updated. * Establish supporting policies and procedures, such as acceptable use, access control, and incident response, to provide guidance on implementing the security policy. **6.2 Develop and maintain risk assessment processes.** * Conduct regular risk assessments to identify and evaluate threats and vulnerabilities to cardholder data. * Implement risk mitigation strategies to address identified risks. * Review and update risk assessments at least annually or whenever significant changes occur. **6.3 Implement security awareness training and education programs.** * Provide security awareness training to all personnel upon hire and at least annually. * Include topics such as PCI DSS requirements, security policies, and incident response procedures. * Regularly update training content to address emerging threats and changes in the environment. ## Technical Best Practices for PCI DSS Compliance ### Security Information and Event Management (SIEM) Organizations can enhance PCI DSS compliance with the implementation of security information and event management (SIEM) technology. SIEM effectively monitors the cardholder data environment (CDE) by collecting, analyzing, and correlating security events and logs from multiple sources within the organization's infrastructure. Continuous monitoring helps identify potential security threats, unauthorized access, and policy violations in real-time, enabling swift response to security incidents. ### Network Segmentation Organizations can minimize the scope of compliance efforts by isolating systems that store, process, or transmit cardholder data from other parts of the network. By implementing [network segmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-network-segmentation?ts=markdown), they reduce the number of systems subject to PCI DSS requirements. Proper segmentation requires strong [access controls](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown), firewall rules, and continuous monitoring to ensure the separation and security of the cardholder data environment. In adhering to this best practice, organizations restrict the exposure of cardholder data and lower the risk of [data breach](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown). ### Remote Access in PCI DSS PCI DSS provides guidelines for remote access to ensure the security of cardholder data when connecting to an organization's network remotely. Key requirements include: * Implementing strong authentication mechanisms, such as multifactor authentication (MFA), for all remote access. * [Encrypting](https://www.paloaltonetworks.com/cyberpedia/data-encryption?ts=markdown) remote connections using secure protocols, such as TLS or IPsec VPN. * Restricting remote access to only those users and systems that require it for their job functions. * Regularly monitoring and reviewing remote access logs to detect and respond to potential security incidents. * Ensuring that remote access software is kept up to date and protected against known vulnerabilities. By following these guidelines, organizations can maintain a secure remote access environment and reduce the risk of unauthorized access to cardholder data. ### Tokenization Tokenization replaces sensitive cardholder data with a unique, nonsensitive identifier called a token. The original cardholder data is securely stored in a centralized, protected database, while the token is used for processing transactions. This PCI DSS standard reduces the risk of data breaches by limiting the exposure of sensitive cardholder data in the payment processing environment. In the event of a security breach, attackers only have access to the tokens, which are useless without the corresponding original data. ### File Integrity Monitoring (FIM) Monitoring and detecting unauthorized changes to critical files, system configurations, and application components, file integrity monitoring (FIM) identifies modifications to files. FIM then alerts administrators to potential security incidents, protecting cardholder data by ensuring the integrity of systems within the CDE. Implementing FIM enables organizations to detect unauthorized access, malware infections, or configuration errors that could compromise the security of sensitive payment card information. ## Preparing for a PCI DSS Assessment Preparing for a PCI DSS assessment involves a series of steps to ensure that an organization has implemented the necessary security controls and processes to protect cardholder data and maintain a secure environment. ### Understand the PCI DSS Requirements Familiarize yourself with the 12 requirements and six control objectives outlined by PCI DSS. A clear understanding of the security controls and processes will position you to achieve compliance. ### Determine the Scope of the Assessment Identify all system components, processes, and personnel that interact with or have access to cardholder data, including network devices, servers, applications, databases, and third-party service providers. Defining the scope ensures that all relevant areas are covered during the assessment. ### Conduct a Gap Analysis Evaluate the organization's current security posture against the PCI DSS requirements to identify gaps or areas of noncompliance. To determine where improvements are needed, review security policies, procedures, technical controls, and documentation. ### Remediate Identified Gaps Develop and implement a plan to address the gaps identified during the gap analysis. The plan may involve updating security policies, implementing new technologies or processes, and providing training to employees. Ensure that remediation efforts are documented and tracked. ### Develop and Maintain Documentation Creating and maintaining comprehensive documentation is essential to demonstrate the organization's compliance with PCI DSS requirements. The documentation should encompass security policies, procedures, network diagrams, data flow diagrams, risk assessments, incident response plans, and training records. ### Implement and Monitor Security Controls Ensure that security controls are properly implemented, monitored, and maintained. Establish processes for regular review and updates of security controls, as well as ongoing monitoring of system components and access to cardholder data. ### Conduct Regular Security Testing Perform vulnerability scans, penetration tests, and other security assessments to validate the effectiveness of security controls and identify potential weaknesses. Address any identified vulnerabilities in a timely manner. ### Establish an Incident Response Plan Develop a formal incident response plan that outlines the roles, responsibilities, and procedures for detecting, containing, and recovering from security incidents. Regularly review and update the plan and provide training to relevant personnel. ### Train Employees and Raise Security Awareness Provide ongoing security awareness training to employees to ensure they are familiar with PCI DSS requirements, the organization's security policies, and their roles and responsibilities in protecting cardholder data. ### Engage a Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) Choose a QSA or ISA to perform the PCI DSS assessment. Ensure they have the necessary qualifications and experience to evaluate the organization's compliance with PCI DSS requirements. ### Prepare for the Assessment Collaborate with the QSA or ISA to schedule the assessment, provide necessary documentation, and facilitate access to relevant systems, personnel, and facilities. ### Review and Address Assessment Findings After the assessment, review the findings with the QSA or ISA and develop a plan to address any areas of noncompliance. Implement the necessary changes and provide evidence of remediation to the assessor. ## PCI DSS FAQs ### What is the role of a service provider in PCI DSS? A service provider in PCI DSS is an organization that processes, stores, or transmits cardholder data on behalf of merchants or other service providers. Examples include payment gateways, data centers, and managed security providers. Service providers play a crucial role in maintaining the security of cardholder data by adhering to PCI DSS requirements. They must implement appropriate security controls, undergo regular PCI DSS assessments, and provide evidence of compliance to their clients and acquiring banks. ### What are the responsibilities of a merchant in PCI DSS? Merchants, as entities that accept payment cards for goods or services, have several responsibilities in PCI DSS. They must maintain a secure environment for processing, storing, and transmitting cardholder data by implementing the necessary security controls outlined in the PCI DSS requirements. Merchants are also responsible for ensuring that any third-party service providers they engage with are PCI DSS compliant. Additionally, they must complete a Self-Assessment Questionnaire (SAQ) or undergo a full PCI DSS assessment, depending on their transaction volume and payment processing methods. ### What is the role of the Payment Card Industry Security Standards Council (PCI SSC)? The Payment Card Industry Security Standards Council (PCI SSC) is an independent organization established by major payment card brands to develop and manage security standards for the payment card industry. The PCI SSC is responsible for maintaining and updating: * PCI Data Security Standard (PCI DSS) * Payment Application Data Security Standard (PA-DSS) * Point-to-Point Encryption (P2PE) standard The council also provides training and certification programs for security professionals, such as Qualified Security Assessors (QSAs) and Internal Security Assessors (ISAs). The primary role of the PCI SSC is to ensure the security of cardholder data and promote the adoption of robust security controls across the payment ecosystem. ### What is the Payment Application Data Security Standard (PA-DSS)? The PA-DSS is a set of security requirements established by the PCI SSC for software vendors that develop payment applications. These requirements aim to ensure that payment applications maintain a secure environment for processing, storing, and transmitting cardholder data. Compliance with PA-DSS helps prevent security breaches and reduces the risk of payment card fraud. Software vendors must submit their payment applications for validation by a PA-QSA (Payment Application Qualified Security Assessor) to verify that they meet the PA-DSS requirements and maintain a listing on the PCI SSC's list of validated payment applications. ### How does point-to-point encryption (P2PE) work? Point-to-point encryption (P2PE) is a security technology that encrypts cardholder data at the point of interaction (e.g., card swipe, dip, or tap) and keeps it encrypted throughout its journey in the payment processing system. P2PE uses strong cryptographic algorithms and secure encryption keys to protect sensitive data, ensuring that even if the data is intercepted, it remains unreadable to unauthorized parties. Decryption of the data occurs only within a secure decryption environment, typically at the payment processor or acquiring bank's end. ### Who is a QSA? A QSA is a professional certified by the PCI SSC to perform PCI DSS assessments on merchants and service providers. QSAs have extensive knowledge of the PCI DSS requirements, as well as experience in information security, risk assessments, and audit procedures. They are responsible for evaluating an organization's security posture, identifying gaps in compliance, and providing guidance on implementing security controls to protect cardholder data. ### What is the ISA program? The Internal Security Assessor (ISA) program is a certification offered by the PCI SSC to train and qualify individuals within an organization to perform internal PCI DSS assessments. The program aims to enhance an organization's understanding of PCI DSS requirements and improve its internal security practices. ISAs are responsible for evaluating their organization's compliance with PCI DSS, identifying security gaps, and recommending remediation measures. By having an ISA within the organization, businesses can maintain a proactive approach to security and stay up to date with the latest PCI DSS requirements. ### What is a Report on Compliance (ROC)? A Report on Compliance (ROC) is a formal document produced by a QSA or an ISA after conducting a PCI DSS assessment. The ROC details the organization's compliance status, identifies any gaps or areas of noncompliance, and provides a roadmap for remediation. It serves as evidence that the organization has undergone a comprehensive assessment of its security controls and is either compliant with the PCI DSS requirements or working toward compliance. The ROC is submitted to acquiring banks and payment brands to demonstrate the organization's commitment to protecting cardholder data. ### How do you complete a Self-Assessment Questionnaire (SAQ)? Completing a Self-Assessment Questionnaire (SAQ) involves several steps. First, determine the appropriate SAQ type for your organization based on the payment processing methods used. Next, thoroughly review the SAQ to understand the PCI DSS requirements applicable to your organization. Conduct a self-assessment to evaluate your organization's security controls, policies, and procedures against the requirements listed in the SAQ. Document any gaps or areas of noncompliance and develop a remediation plan to address them. Complete the SAQ by providing accurate responses to each question, then prepare the Attestation of Compliance (AOC) to confirm your organization's compliance status. Finally, submit the completed SAQ and AOC to the required parties, such as acquiring banks and payment brands. ### What is the Attestation of Compliance (AOC)? The Attestation of Compliance (AOC) is a formal document that accompanies the Self-Assessment Questionnaire (SAQ) or Report on Compliance (ROC) and serves as a declaration of an organization's PCI DSS compliance status. It's completed and signed by an authorized representative of the organization, such as an executive officer, and attests to the accuracy and completeness of the information provided in the SAQ or ROC. The AOC is submitted to acquiring banks, payment brands, or other relevant parties as evidence of the organization's commitment to protecting cardholder data and maintaining PCI DSS compliance. ### What constitutes the cardholder data environment (CDE)? The cardholder data environment (CDE) encompasses all components, systems, and processes within an organization that store, process, or transmit cardholder data or sensitive authentication data. The CDE includes hardware, such as servers, storage devices, and network devices; software, such as applications, databases, and operating systems; and personnel with access to cardholder data. Additionally, the CDE covers physical locations, security controls, and third-party service providers involved in handling sensitive payment card information. Identifying and securing the CDE is crucial for maintaining PCI DSS compliance and protecting cardholder data from potential security breaches. ### What are compensating controls in PCI DSS? Compensating controls are alternative security measures that organizations can implement when they can't meet a specific PCI DSS requirement due to technical constraints or other legitimate business reasons. Compensating controls must provide an equivalent level of security to the original requirement and effectively mitigate the risk associated with noncompliance. Organizations using compensating controls must document their rationale, the specific controls implemented, and how they effectively address the risk. During a PCI DSS assessment, QSAs or ISAs will evaluate the effectiveness of compensating controls and determine if they adequately maintain the security of cardholder data. ### What is the difference between Secure Sockets Layer (SSL) and Transport Layer Security (TLS)? Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols designed to provide secure communication over a computer network. SSL is the predecessor of TLS, and both protocols enable data encryption, authentication, and data integrity. TLS, though, offers improved security features, including stronger encryption algorithms and enhanced protection against various attacks. Due to known vulnerabilities in SSL, it has been deprecated, and the use of TLS is now considered the industry standard. PCI DSS requires the use of TLS 1.2 or higher to ensure secure communication and protect cardholder data during transmission. Recommended for you [The State of Cloud Data Security in 2023 Gain insights on the best ways to secure sensitive data in your cloud environments based on real-world research analyzing 13B+ files stored in public cloud environments.](https://www.paloaltonetworks.com/resources/research/data-security-2023-report?ts=markdown) [Securing the Data Landscape with DSPM and DDR Stay ahead of the data security risks. Learn how data security posture management (DSPM) with data detection and response (DDR) fills the security gaps to strengthen your security ...](https://www.paloaltonetworks.com/resources/guides/dspm-ddr-big-guide?ts=markdown) [5 Orgs Achieve 360° Visibility and Compliance Learn how organizations achieve centralized visibility across cloud environments to remediate vulnerabilities and eliminate threats.](https://www.paloaltonetworks.com/resources/ebooks/customer-spotlight-visibility-and-compliance?ts=markdown) [DSPM: Do You Know You Need It? Discover five predominant approaches to data security, along with use cases and applications for each data security approach.](https://www.paloaltonetworks.com/resources/datasheets/why-dspm?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20PCI%20DSS%3F&body=PCI%20DSS%20is%20a%20set%20of%20security%20policies%20that%20protect%20credit%20and%20payment%20card%20data%20and%20transactions.%20Learn%20PCI%20DSS%20compliance%20requirements%2C%20benefits%20and%20challenges.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/pci-dss) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance?ts=markdown) How The Next-Generation Security Platform Contributes to GDPR Compliance [Next](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown) What Is PII? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language