[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown) 3. [Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown) 4. [What are Ransomware Attacks?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods?ts=markdown) Table of Contents * [What Is Ransomware?](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown) * [Ransomware Key Takeaways](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#ransomware?ts=markdown) * [Why Ransomware Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#why?ts=markdown) * [Stages of a Ransomware Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#stages?ts=markdown) * [How Ransomware Uses Psychological Pressure](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#how?ts=markdown) * [Types of Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#types?ts=markdown) * [Example Ransomware Strains](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#example?ts=markdown) * [Role of Human Behavior in Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#role?ts=markdown) * [Ransom Payment and Prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#prevention?ts=markdown) * [Creating and Testing an Incident Response Plan](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#creating?ts=markdown) * [Understanding if You Have a Ransomware Infection](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#infection?ts=markdown) * [Difference Between Malware and Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#difference?ts=markdown) * [What is Multi-Extortion Ransomware?](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#what?ts=markdown) * [Why Ransomware Is Illegal](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#illegal?ts=markdown) * [Recovery from Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#recovery?ts=markdown) * [Is Ransomware Still a Threat?](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#threat?ts=markdown) * [Future-Proofing Against Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#future?ts=markdown) * [Ransomware FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#faqs?ts=markdown) * [What Are the Most Common Types of Ransomware?](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware?ts=markdown) * [Ransomware Types and How They Work](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#ransomware?ts=markdown) * [How to Prevent Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#how?ts=markdown) * [The Evolution of Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#attacks?ts=markdown) * [Notable Ransomware Families](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#notable?ts=markdown) * [The Emergence of Ransomware Groups](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#groups?ts=markdown) * [How Nation-State Actors Have Embraced Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#actors?ts=markdown) * [Types of Ransomware FAQs](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#faqs?ts=markdown) * [What is Ransomware Response and Recovery?](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery?ts=markdown) * [How to Respond to a Ransomware Attack](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#how?ts=markdown) * [How Do Ransomware Attacks Begin?](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#do?ts=markdown) * [Reducing Dwell Time](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#reducing?ts=markdown) * [Common Threat Actor Techniques](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#common?ts=markdown) * [Data Theft and Multi-extortion Ransomware](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#what?ts=markdown) * [How to Uninstall Ransomware and Retrieve Data](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#uninstall?ts=markdown) * [Steps to Recovery After a Ransomware Attack](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#steps?ts=markdown) * [® Incident Response Methodology](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#unit42?ts=markdown) * [Ransomware Removal and Recovery FAQs](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#faqs?ts=markdown) * What are Ransomware Attacks? * [How Do Ransomware Attacks Happen?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#how?ts=markdown) * [What Are the 5 Main Ransomware Attack Vectors?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#what?ts=markdown) * [How to Protect Against Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#protect?ts=markdown) * [How to Assess Your Ransomware Readiness](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#readiness?ts=markdown) * [Ransomware Attacks FAQs](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#faqs?ts=markdown) * [What is Ransomware Prevention?](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do?ts=markdown) * [Step 1: Reduce the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do#step1?ts=markdown) * [Step 2: Prevent Known Threats](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do#step2?ts=markdown) * [Step 3: Identify and Prevent Unknown Threats](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do#step3?ts=markdown) # What are Ransomware Attacks? 5 min. read Table of Contents * * [How Do Ransomware Attacks Happen?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#how?ts=markdown) * [What Are the 5 Main Ransomware Attack Vectors?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#what?ts=markdown) * [How to Protect Against Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#protect?ts=markdown) * [How to Assess Your Ransomware Readiness](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#readiness?ts=markdown) * [Ransomware Attacks FAQs](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#faqs?ts=markdown) 1. How Do Ransomware Attacks Happen? * * [How Do Ransomware Attacks Happen?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#how?ts=markdown) * [What Are the 5 Main Ransomware Attack Vectors?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#what?ts=markdown) * [How to Protect Against Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#protect?ts=markdown) * [How to Assess Your Ransomware Readiness](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#readiness?ts=markdown) * [Ransomware Attacks FAQs](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#faqs?ts=markdown) Ransomware attack methods involve malicious software designed to block access to a victim's system or data, demanding a ransom to restore access. Common methods include: 1. **Phishing Emails** 2. **Exploiting Vulnerabilities** 3. **Remote Desktop Protocol (RDP) Attacks** 4. **Malvertising** 5. **Drive-by Downloads** 6. **Malware-as-a-Service** These methods aim to encrypt files or lock systems, demanding payment for decryption keys or restored access. ## How Do Ransomware Attacks Happen? Ransomware attacks have become a major cybersecurity threat, affecting individuals and businesses worldwide. These attacks typically occur when malicious software is used to block access to a victim's files or system, demanding a ransom to restore access. Cybercriminals employ a variety of methods to deliver ransomware, ranging from [phishing emails](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) and exploiting software vulnerabilities to using remote access tools and malicious ads. Once the ransomware takes hold, it encrypts or locks down critical data, leaving victims with little choice but to pay the ransom in exchange for a decryption key or restored access. Understanding how these attacks happen is crucial for protecting against them. [Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown) starts with cybercriminals entering a system and encrypting all data, then offering a decryption key if the victim agrees to pay a ransom through cryptocurrency. In addition to entering a system and depositing encryption malware, some ransomware operators will use [multi-extortion ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-extortion-ransomware?ts=markdown) techniques to encourage payment, like copying and exfiltrating the unencrypted data, shaming the victim on social media, threatening additional attacks like [DDoS](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack?ts=markdown), or leaking the stolen information to clients or on the dark web. ![How attackers entered an environment to launch a ransomware attack as observed in Unit 42’s 2022 Incident Response Report](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ransomware-common-attack-methods/video-thumbnail-ransomware-common-attack-methods.jpg) close Unit 42 has investigated thousands of ransomware attacks launched against various organizations and helped with quick containment and recovery to save them millions of dollars. Detailed in the [2022 Incident Response Report](https://start.paloaltonetworks.com/2022-unit42-incident-response-report), Unit 42 identified five main attack vectors that threat actors use to deploy ransomware. Discover attacker tactics and gain real world insights and expert recommendations to safeguard your business: [2025 Unit 42 Global Incident Response Report](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown). ## What Are the 5 Main Ransomware Attack Vectors? To better prevent ransomware, it is crucial to understand the malicious tactics attackers use to compromise organizations in the first place. Reviewing recent trends in ransomware threats enables the [security operations center (SOC)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown) to focus resources on potential breach points, reduce the risk of infection and prepare the organization as a whole. The five main ransomware attack vectors are: 1. Exploitable vulnerabilities 2. Brute-force [credential attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack?ts=markdown) 3. [Social engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering?ts=markdown) 4. Previously compromised credentials 5. Abuse of trust ![How attackers entered an environment to launch a ransomware attack as observed in Unit 42’s 2022 Incident Response Report](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/unit42-ir-report-ransomware-initial-access-diagram.png) *Figure 1: How attackers entered an environment to launch a ransomware attack as observed in Unit 42's 2022 Incident Response Report* Understanding how these five attack vectors operate and how best to protect them is a crucial first step to ransomware readiness. ### 1. Exploitable Software Vulnerabilities [Vulnerabilities](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) come in many forms and can be exploited with code designed to take advantage of the gaps or flaws in a program. In the [2022 Unit 42 Incident Response Report](https://start.paloaltonetworks.com/2022-unit42-incident-response-report), Unit 42 discovered that 48% of ransomware cases began with software vulnerabilities. When an application is exposed to the internet, threat actors may scan for and exploit known vulnerabilities to gain unauthorized access to an environment. Another vulnerability technique popular among cybercriminals is using [exploit kits](https://www.paloaltonetworks.com/cyberpedia/what-is-an-exploit-kit?ts=markdown), which involves inserting code into compromised websites. These websites look normal but contain malicious programs that scan through a connected device for vulnerabilities. If the exploit kit identifies a vulnerability, it will often download a malware payload designed to provide a threat actor with remote access to the system. Once remote access is established, threat actors will then deploy ransomware into the environment. The best method of software protection is to ensure that all devices on a network are updated frequently. Software companies will regularly release updates that patch any discovered common vulnerabilities and exposures (CVEs), so it's crucial to update these vulnerabilities before cybercriminals can access them. SOCs can take protection a step further with [extended detection and response](https://www.paloaltonetworks.com/cyberpedia/what-is-extended-detection-response-XDR?ts=markdown) (XDR) products like [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) to detect and block attacks. To identify internet-facing vulnerabilities that need to be remediated and automatically remediate dangerous exposures such as remote desktop protocol (RDP), SOCs can adopt [active attack surface management](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) (ASM) tools like [Cortex Xpanse.](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) ### 2. Brute-Force Credential Attacks Brute-force attacks use trial and error to access a system or application. Cybercriminals create and run scripts that automatically input usernames and passwords until a correct login is discovered. This is one of the oldest cybersecurity attacks, and it has maintained its status as a successful tactic over the years. Brute-force attacks are one of the many reasons that [multifactor authentication (MFA)](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication?ts=markdown) is so important to implement. Systems with MFA require an additional form of verification, like a code from an application or biometrics, before a user is allowed access to the system. In the event of a successful brute-force attack, platforms like [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) will notify the SOC of abnormal user behaviors and prompt an investigation. Cortex XSIAM integrates seamlessly with MFA platforms to convey suspicious login information the moment it happens, expediting those alerts to the top of the funnel to inform analysts and stop brute-force attacks in their tracks. ### 3. Social Engineering [Social engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering?ts=markdown) methods like [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) emails are sent from sources pretending to be trustworthy to encourage victims to click on links and download [malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown) directly. There is often an underlying sense of urgency or danger with these messages to motivate people to action before they can think it through. These attacks can be very successful and, in the instance of ransomware, extremely dangerous and expensive. Implementing regular cybersecurity training for employees is the best way to protect against social engineering attacks. When employees identify and report phishing attempts, the SOC can investigate the attack and learn from what happened. If a phishing attack is successful, [security orchestration, automation and response](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown) (SOAR) platforms like [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) can streamline discovery and remediation, automatically shutting down compromised users until the SOC has investigated and removed the attacker from the system. ### 4. Previously Compromised Credentials When user credentials are compromised, it is crucial to replace them as quickly as possible. Unfortunately, credential information can be leaked on the dark web without users knowing they've been compromised, allowing attackers of all kinds unfettered access to a system. And to make matters worse, many users will use the same password for multiple services, so if one password is compromised, reused passwords can be used against other systems or applications to gain unauthorized access. In addition to multifactor authentication, encouraging employees to practice good password hygiene is a proven way to prevent attacks from compromised credentials. Using a password manager, changing passwords regularly, making sure they're complex and not reusing the same password will protect individuals and the organization. [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) can leverage behavioral analytics to detect and prevent abnormal user behavior even when previously compromised credentials are used to gain unauthorized access into environments. ### 5. Abuse of Trust In the chaos of the current threat landscape, it's important for security professionals to keep an eye on internal threats. Whether an employee feels wronged by their employer or was approached by a threat actor, one of the easiest ways for ransomware to enter an environment is from someone who already has legitimate access. In case of an abuse of trust incident, products like [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) or platforms like [Cortex XSIAM](https://www.paloaltonetworks.com/cyberpedia/what-is-extended-security-intelligence-and-automation-management-xsiam?ts=markdown) can automate [incident response](https://www.paloaltonetworks.com/cyberpedia/what-is-incident-response?ts=markdown) handling to inform security teams and isolate the user in question. Additional protection can be implemented with offboarding best practices to reduce the number of opportunities that a disgruntled employee might have to retaliate. ## How to Protect Against Ransomware Attacks All five methods are damaging ways that an attacker can invade your system. To summarize, we recommend SOCs implement the following if they haven't already: * [EDR platforms](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp?ts=markdown) to identify and block attacks * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) for full, automated visibility on [endpoints](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint?ts=markdown), networks and more * Active ASM platforms like [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) for quick identification and automatic remediation of internet-facing attacks * SOAR platforms like [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) to streamline discovery and automatically isolate any compromised users * MFA to verify users before allowing full access to an environment * Good security practices, like phishing training and password hygiene, among employees to reduce the likelihood of social engineering or brute-force attacks * Streamlined offboarding for ex-employees to prevent insider attacks While these methods and platforms are extremely helpful, they will only take you so far. For ransomware specifically, there's an additional method of preparation that is the most beneficial. ## How to Assess Your Ransomware Readiness Defending against ransomware starts with a plan. Unit 42 offers a [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) to prepare you to better prevent, detect, respond to and recover from ransomware attacks. Achieve a state of ransomware readiness by validating your response strategy, detecting hidden risks and more. ![Graphic outlining the Unit 42 Ransomware Readiness Assessment](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/unit42-ransomware-readiness-assessment.png) *Figure 2: Graphic outlining the Unit 42 Ransomware Readiness Assessment* Our team is here to help you prepare for and respond to the most challenging and malicious cybersecurity threats. If you are experiencing an active breach or think you may have been impacted by a cyber incident, [contact Unit 42](https://start.paloaltonetworks.com/contact-unit42). ## Ransomware Attacks FAQs ### What are ransomware attacks? A cybercriminal might use methods to infiltrate an environment and threaten an organization or individual in exchange for a ransom payment. ### Which attack vectors are being targeted by ransomware attackers? Ransomware attackers are utilizing exploitable vulnerabilities, brute-force credential attacks, social engineering, previously compromised credentials and abuse of trust opportunities, according to the Unit 42 2022 Incident Response Report. ### How can I reduce ransomware risk in my SOC? Implementing platforms for EDR, SOAR and active ASM can reduce ransomware risk and beyond. ### How do I know if I'm the victim of a ransomware attack? You may know you're the victim of a ransomware attack if you find that your computer or files have been locked and you cannot access them unless a ransom is paid. ### Is it safe to pay the ransom? Paying the ransom is not recommended, as there's no guarantee that the attackers will release your files or that you will not be targeted again. It is best to seek professional help and advice. Related content [Become a Ransomware Expert Read this on-the-ground threat analysis of top ransomware groups and an in-depth analysis of the newer tactics being used to shame victims.](https://www.paloaltonetworks.com/resources/research/2022-unit-42-ransomware-threat-report?ts=markdown) [Understand Today's Attacks with Unit 42 Last year's tactics help predict what's coming next. Learn who attackers hit and how they succeeded with the 2022 Incident Response Report.](https://start.paloaltonetworks.com/2022-unit42-incident-response-report) [Request a Personal Cortex Demo Connect with a rep to analyze your environment and see how Cortex products provide efficiency, advanced visibility and protection.](https://www.paloaltonetworks.com/company/cortex-request-demo?ts=markdown) [How to Recruit a Unit 42 Expert Read our datasheet to learn more about Unit 42 Services and how the retainer program is built especially for your environment.](https://www.paloaltonetworks.com/resources/datasheets/unit42-retainer?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20are%20Ransomware%20Attacks%3F&body=Explore%20common%20ransomware%20attack%20methods%2C%20including%20software%20vulnerabilities%2C%20brute%20force%20attacks%2C%20phishing%2C%20and%20other%20tactics%20used%20to%20infiltrate%20systems%20securely.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery?ts=markdown) What is Ransomware Response and Recovery? [Next](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do?ts=markdown) What is Ransomware Prevention? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language