[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [DSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) 4. [What Is Shadow Data?](https://www.paloaltonetworks.com/cyberpedia/shadow-data?ts=markdown) Table of Contents * [What is Data Security Posture Management? DSPM Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) * [DSPM Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-explained?ts=markdown) * [How DSPM Works](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#works?ts=markdown) * [The Importance of Data Security Posture Management](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-importance?ts=markdown) * [DSPM Capabilities](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-capabilities?ts=markdown) * [DSPM Vs. CSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-vs-cspm?ts=markdown) * [DSPM Use Cases](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-use-cases?ts=markdown) * [Data Security Posture Management Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#dspm-tools?ts=markdown) * [Data Security Posture Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm#faq?ts=markdown) * [How DSPM Is Evolving: Key Trends to Watch](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends?ts=markdown) * [From Static Discovery to Dynamic Intelligence](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#static?ts=markdown) * [The Convergence of DSPM with Cloud-Native Security Architectures](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#native?ts=markdown) * [Real-Time Data Detection and Response](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#response?ts=markdown) * [AI Security and Generative AI Data Protection](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#protection?ts=markdown) * [Automation, Policy-as-Code, and DevSecOps Integration](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#automation?ts=markdown) * [DSPM Key Trends FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#faq?ts=markdown) * [DSPM Market Size: 2025 Guide](https://www.paloaltonetworks.com/cyberpedia/dspm-market?ts=markdown) * [DSPM Market Size and Financial Overview](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown) * [Growth Drivers Reshaping the DSPM Market](https://www.paloaltonetworks.com/cyberpedia/dspm-market#growth?ts=markdown) * [Market Segmentation and Adoption Patterns](https://www.paloaltonetworks.com/cyberpedia/dspm-market#market?ts=markdown) * [Palo Alto Networks DSPM Market Position](https://www.paloaltonetworks.com/cyberpedia/dspm-market#position?ts=markdown) * [DSPM Market Forecast Through 2030](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown) * [DSPM Market FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-market#faqs?ts=markdown) * [How DSPM Combats Toxic Combinations: Enabling Proactive Data-Centric Defense](https://www.paloaltonetworks.com/cyberpedia/dspm-defense?ts=markdown) * [What Are Toxic Combinations?](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#what?ts=markdown) * [The Role of Attack Path Analysis in Detection](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#role?ts=markdown) * [DSPM Capabilities for Toxic Combination Mitigation](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#dspm?ts=markdown) * [Aligning with Frameworks and Zero Trust](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#aligning?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#best?ts=markdown) * [How DSPM Combats Toxic Combinations FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-defense#faqs?ts=markdown) * [What Is a Data Flow Diagram?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram?ts=markdown) * [Data Flow Diagram Explained](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#data?ts=markdown) * [What Symbols Are in Data Flow Diagrams?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#what?ts=markdown) * [What Are the Different Levels of DFDs?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#different?ts=markdown) * [What Are the Benefits of Using a Data Flow Diagram?](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#benefits?ts=markdown) * [Data Flow FAQs](https://www.paloaltonetworks.com/cyberpedia/data-flow-diagram#faqs?ts=markdown) * [What Is Data Exfiltration?](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown) * [Data Exfiltration Vs. Data Breach](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#data?ts=markdown) * [Risks of Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#risks?ts=markdown) * [Examples of Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#examples?ts=markdown) * [Data Exfiltration in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#public?ts=markdown) * [Data Exfiltration Warning Signs](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#warning?ts=markdown) * [Preventing Data Exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#preventing?ts=markdown) * [Data Exfiltration FAQs](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration#faqs?ts=markdown) * [What Is Data Movement?](https://www.paloaltonetworks.com/cyberpedia/data-movement?ts=markdown) * [Data Movement Explained](https://www.paloaltonetworks.com/cyberpedia/data-movement#explained?ts=markdown) * [Data Movement and Cloud Data Security](https://www.paloaltonetworks.com/cyberpedia/data-movement#data-security?ts=markdown) * [5 Types of Data Movement, With Examples](https://www.paloaltonetworks.com/cyberpedia/data-movement#types?ts=markdown) * [The Fragmented Landscape of Data Movement Tools](https://www.paloaltonetworks.com/cyberpedia/data-movement#tools?ts=markdown) * [Data Movements FAQs](https://www.paloaltonetworks.com/cyberpedia/data-movement#faqs?ts=markdown) * [What Is a Data Breach?](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) * [Data Breaches Explained](https://www.paloaltonetworks.com/cyberpedia/data-breach#data?ts=markdown) * [The Breach Lifecycle](https://www.paloaltonetworks.com/cyberpedia/data-breach#lifecycle?ts=markdown) * [Why Preventing Data Breaches Matter](https://www.paloaltonetworks.com/cyberpedia/data-breach#why?ts=markdown) * [Data Breach Reporting](https://www.paloaltonetworks.com/cyberpedia/data-breach#reporting?ts=markdown) * [How Do Data Breaches Happen?](https://www.paloaltonetworks.com/cyberpedia/data-breach#how?ts=markdown) * [The Prevalence of Data Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#prevalence?ts=markdown) * [Lessons from Headlining Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#lessons?ts=markdown) * [‍How to Prevent Data Breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach#prevent?ts=markdown) * [Data Breach FAQs](https://www.paloaltonetworks.com/cyberpedia/data-breach#faqs?ts=markdown) * [DSPM Tools: How to Evaluate and Select the Best Option](https://www.paloaltonetworks.com/cyberpedia/dspm-tools?ts=markdown) * [The Need for Data Security Posture Management (DSPM) Solutions](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#solutions?ts=markdown) * [The Key 7 Components of DSPM Tools](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#key?ts=markdown) * [How to Select the Right DSPM Solution](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#how?ts=markdown) * [Common Challenges in Implementing DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#common?ts=markdown) * [Data Security Posture Management FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-tools#faqs?ts=markdown) * [How DSPM Enables XDR and SOAR for Automated, Data-Centric Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar?ts=markdown) * [Why Data Context Matters in Modern Security](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#why?ts=markdown) * [What DSPM Brings to XDR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#what?ts=markdown) * [How DSPM Powers SOAR Automation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#how?ts=markdown) * [The Synergy of DSPM, XDR, and SOAR](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#synergy?ts=markdown) * [Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#best?ts=markdown) * [How DSPM Enables XDR and SOAR FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-xdr-soar#faqs?ts=markdown) * [What Is Data Detection and Response (DDR)?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr?ts=markdown) * [Data Detection and Response Explained](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#data?ts=markdown) * [Why Is DDR Important?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#why?ts=markdown) * [Improving DSPM Solutions with Dynamic Monitoring](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#improving?ts=markdown) * [A Closer Look at Data Detection and Response (DDR)](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#ddr?ts=markdown) * [How DDR Solutions Work](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#how?ts=markdown) * [How Does DDR Fit into the Cloud Data Security Landscape?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#landscape?ts=markdown) * [Does the CISO Agenda Need an Additional Cybersecurity Tool?](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#does?ts=markdown) * [Supporting Innovation Without Sacrificing Security](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#supporting?ts=markdown) * [DSPM and Data Detection and Response FAQs](https://www.paloaltonetworks.com/cyberpedia/data-detection-response-ddr#faqs?ts=markdown) * [What Is Data-Centric Security?](https://www.paloaltonetworks.com/cyberpedia/data-centric-security?ts=markdown) * [Why a Data-Centric Security Strategy Matters](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#why?ts=markdown) * [When a Data Focus for Security Is Necessary](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#when?ts=markdown) * [Data-Centric Security FAQs](https://www.paloaltonetworks.com/cyberpedia/data-centric-security#faqs?ts=markdown) * [What Is Unstructured Data?](https://www.paloaltonetworks.com/cyberpedia/unstructured-data?ts=markdown) * [Understanding Unstructured Data in the Cloud](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#understanding?ts=markdown) * [Unstructured Data and Challenges with Data Security](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#unstructured?ts=markdown) * [Key Aspects of Data Security for Unstructured Data](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#key?ts=markdown) * [Unstructured Data FAQs](https://www.paloaltonetworks.com/cyberpedia/unstructured-data#faqs?ts=markdown) * [What Is Data Access Governance?](https://www.paloaltonetworks.com/cyberpedia/data-access-governance?ts=markdown) * [Data Access Governance Explained](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#data?ts=markdown) * [Data Access Governance in Compliance and Auditing](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#compliance?ts=markdown) * [Data Governance in Cloud Security](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#cloud-security?ts=markdown) * [Software Used for Data Access Governance](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#software?ts=markdown) * [Data Access Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-access-governance#faqs?ts=markdown) * [DSPM for AI: Navigating Data and AI Compliance Regulations](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance?ts=markdown) * [How DSPM Secures Data Integrity and Enables Compliance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#how?ts=markdown) * [Navigating Global AI Compliance with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#navigating?ts=markdown) * [Securing the AI Lifecycle with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#lifecycle?ts=markdown) * [Integrating DSPM Across the Security Ecosystem](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#ecosystem?ts=markdown) * [The Future of DSPM: Business Value and Responsible AI](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#future?ts=markdown) * [DSPM for AI FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-data-ai-compliance#faqs?ts=markdown) * [What Is Data Discovery?](https://www.paloaltonetworks.com/cyberpedia/data-discovery?ts=markdown) * [How Data Discovery Works](https://www.paloaltonetworks.com/cyberpedia/data-discovery#how?ts=markdown) * [Data Discovery: The Key to Data Classification](https://www.paloaltonetworks.com/cyberpedia/data-discovery#data?ts=markdown) * [Benefits of Data Discovery](https://www.paloaltonetworks.com/cyberpedia/data-discovery#benefits?ts=markdown) * [Data Discovery FAQs](https://www.paloaltonetworks.com/cyberpedia/data-discovery#faqs?ts=markdown) * [What Is Structured Data?](https://www.paloaltonetworks.com/cyberpedia/structured-data?ts=markdown) * [Structured Data Explained](https://www.paloaltonetworks.com/cyberpedia/structured-data#structured?ts=markdown) * [Benefits of Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#benefits?ts=markdown) * [Challenges with Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#challenges?ts=markdown) * [Internal and External Sources of Structured Data](https://www.paloaltonetworks.com/cyberpedia/structured-data#internal?ts=markdown) * [Structured Data FAQs](https://www.paloaltonetworks.com/cyberpedia/structured-data#faqs?ts=markdown) * What Is Shadow Data? * [Shadow Data Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-data#shadow?ts=markdown) * [The Dangers of Shadow Data](https://www.paloaltonetworks.com/cyberpedia/shadow-data#the?ts=markdown) * [Mitigating Shadow Data Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-data#mitigating?ts=markdown) * [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-data#faqs?ts=markdown) * [How DSPM Enables Continuous Compliance and Data Governance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance?ts=markdown) * [Why Traditional Compliance Approaches Fall Short](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#why?ts=markdown) * [DSPM as a Foundation for Continuous Compliance](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#dspm?ts=markdown) * [Strengthening Data Governance with DSPM](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#strengthening?ts=markdown) * [Regulatory Alignment and Business Enablement](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#regulatory?ts=markdown) * [Implementation Considerations and Best Practices](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#implementation?ts=markdown) * [DSPM for Continuous Compliance and Data Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance#faqs?ts=markdown) * [What Is Data Classification?](https://www.paloaltonetworks.com/cyberpedia/data-classification?ts=markdown) * [Data Classification Explained](https://www.paloaltonetworks.com/cyberpedia/data-classification#data?ts=markdown) * [Why Data Classification Matters](https://www.paloaltonetworks.com/cyberpedia/data-classification#why?ts=markdown) * [Data Classification Levels](https://www.paloaltonetworks.com/cyberpedia/data-classification#levels?ts=markdown) * [Data Classification Use Cases](https://www.paloaltonetworks.com/cyberpedia/data-classification#usecases?ts=markdown) * [How Does Data Classification Improve Data Security?](https://www.paloaltonetworks.com/cyberpedia/data-classification#how?ts=markdown) * [Data Classification FAQs](https://www.paloaltonetworks.com/cyberpedia/data-classification#faqs?ts=markdown) * [DSPM Vs. CSPM: Key Differences and How to Choose](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm?ts=markdown) * [Understand the Fundamentals --- What Are CSPM and DSPM?](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#understand?ts=markdown) * [DSPM Vs. CSPM: What's the Difference?](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#difference?ts=markdown) * [Pros and Cons of Each Approach](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#pros-and-cons?ts=markdown) * [Use Cases: When to Use DSPM, CSPM, or Both](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#use-cases?ts=markdown) * [Choosing the Right Approach (or Integrating Both)](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#approach?ts=markdown) * [DSPM Vs. CSPM FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-vs-cspm#faqs?ts=markdown) * [What Is Cloud Data Protection?](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection?ts=markdown) * [Why Companies Need Cloud Data Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#why?ts=markdown) * [How Companies Can Better Protect Their Data in Cloud Environments](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#how?ts=markdown) * [The Benefits of Cloud Data Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#benefits?ts=markdown) * [Cloud Data Protection FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-data-protection#faqs?ts=markdown) # What Is Shadow Data? 5 min. read Table of Contents * * [Shadow Data Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-data#shadow?ts=markdown) * [The Dangers of Shadow Data](https://www.paloaltonetworks.com/cyberpedia/shadow-data#the?ts=markdown) * [Mitigating Shadow Data Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-data#mitigating?ts=markdown) * [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-data#faqs?ts=markdown) 1. Shadow Data Explained * * [Shadow Data Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-data#shadow?ts=markdown) * [The Dangers of Shadow Data](https://www.paloaltonetworks.com/cyberpedia/shadow-data#the?ts=markdown) * [Mitigating Shadow Data Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-data#mitigating?ts=markdown) * [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-data#faqs?ts=markdown) Shadow data is a term used to describe unknown, hidden, or overlooked copies of [sensitive information](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) that exist outside the purview of an organization's IT security measures. Shadow data can reside in various forms, such as [unstructured files](https://www.paloaltonetworks.com/cyberpedia/unstructured-data?ts=markdown), [structured databases](https://www.paloaltonetworks.com/cyberpedia/structured-data?ts=markdown), or even cloud storage, often without the knowledge or control of the IT department. ## Shadow Data Explained Shadow data is data that is created, stored, or shared without being formally managed or governed by the relevant IT teams. Shadow data can be found in spreadsheets, local copies of databases, emails, and presentations. It would often find its way to personal devices, but shadow data assets can also live on [cloud storage](https://www.paloaltonetworks.com/cyberpedia/data-storage?ts=markdown) such as Amazon S3, or as overlooked tables in a database. Shadow data can pose a security risk to organizations. In most cases, security controls and policies won't be applied to this data, which makes it more difficult to track and monitor, and more vulnerable to unauthorized access. To mitigate the risks associated with shadow data, it's important for organizations to have policies and procedures in place to manage and govern the creation, storage, and sharing of new datasets. In addition, organizations can use data security tools such as [data security posture management (DSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown)) to identify, classify, and secure shadow data. ## The Dangers of Shadow Data Often lurking in the uncharted corners of an organization's digital landscape, shadow data poses a formidable challenge for IT security teams. This elusive data is the result of employees creating and storing files on personal devices or unauthorized cloud services, data duplication through backups or migration processes, unauthorized extraction of data by insiders, and [leakage](https://www.paloaltonetworks.com/cyberpedia/data-leak?ts=markdown) through third-party applications or partners. The nature of shadow data evades conventional security measures, leaving it exposed to threats and vulnerabilities. As organizations grapple with the consequences of unsecured shadow data, they confront a myriad of risks. [Data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) become more likely as unauthorized access or accidental exposure becomes increasingly possible. Compliance violations emerge as businesses struggle to adhere to [data protection regulations](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown), resulting in hefty penalties. The loss of intellectual property can cripple an organization's competitive advantage and tarnish its reputation. Decision-making, as well, falters when based on incomplete or outdated information, leading to poor business outcomes. To counter these threats and regain control over shadow data, organizations need to adopt a proactive approach. By implementing robust data discovery and classification tools, enforcing strict access controls, and promoting a culture of data security awareness, businesses can effectively address the challenges posed by shadow data and ensure the confidentiality, integrity, and availability of their sensitive information. ## Mitigating Shadow Data Risks Mitigating shadow data risks requires a multi-faceted approach that combines technology, policies, and user education. The following strategies can help organizations effectively address the challenges posed by shadow data. ### Data Discovery and Classification Implement advanced [data discovery](https://www.paloaltonetworks.com/cyberpedia/data-discovery?ts=markdown) tools that support a wide range of file types and storage locations, including structured and unstructured data, on-premises systems, cloud services, and personal devices. Choose a [data classification](https://www.paloaltonetworks.com/cyberpedia/data-classification?ts=markdown) solution that offers customizable classification criteria, automated tagging, and support for industry-specific regulations. ### Access Controls and Permissions Establish strict [access controls](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) to ensure only authorized users can access sensitive data. Implement role-based access control (RBAC) and attribute-based access control (ABAC) models to enforce granular access restrictions. Implement multifactor authentication (MFA) and single sign-on (SSO) to enhance access security. Regularly audit user permissions and access logs to identify and remediate excessive or unused privileges. ### Data Loss Prevention (DLP) Solutions Select [data loss prevention (DLP)](https://www.paloaltonetworks.com/cyberpedia/what-is-data-loss-prevention-dlp?ts=markdown) solutions with features such as content-aware detection, real-time monitoring, and policy-based enforcement. Ensure the chosen solution can integrate with existing security tools, applications, and cloud services to provide comprehensive coverage across the organization's data ecosystem. ### User Activity Monitoring Implement monitoring solutions that provide detailed insights into user actions, including file access, modification, deletion, and sharing. Choose solutions that offer real-time alerts, customizable thresholds for anomalous behavior detection, and integration with security information and event management (SIEM) systems. ### Encryption [Use strong encryption](https://www.paloaltonetworks.com/cyberpedia/data-encryption?ts=markdown) algorithms, such as AES-256 or RSA-2048, to protect sensitive data. Implement key management best practices, including secure key storage, rotation, and backup. Consider using encryption solutions that offer central management, policy enforcement, and compliance reporting. ### Secure Collaboration and File-Sharing Tools Evaluate and choose secure collaboration tools that offer end-to-end encryption, granular access controls, and activity tracking. Ensure these tools can integrate with existing systems and comply with industry-specific regulations. ### Policy Development and Enforcement Develop comprehensive data security policies that address data classification, [data storage](https://www.paloaltonetworks.com/cyberpedia/data-storage?ts=markdown), sharing, retention, and disposal. Assign responsibility for policy enforcement to specific individuals or teams and establish clear consequences for non-compliance. ### User Education and Training Educate employees on the risks associated with shadow data and the importance of adhering to organizational policies. Create a comprehensive security awareness program that includes training on data security best practices, organizational policies, and industry-specific regulations. Offer regular training sessions, simulations, and assessments to reinforce learning and measure the program's effectiveness. ### Incident Response Planning Develop an incident response plan that outlines the steps to be taken in case of a data breach or security incident involving shadow data. Your plan should clearly define roles, responsibilities, and procedures for detecting, containing, eradicating, and recovering from security incidents involving shadow data. Regularly review, test, and update the plan to ensure its effectiveness and alignment with evolving threats and organizational changes.Conduct drills to ensure that the organization is prepared to handle incidents effectively. ## Shadow IT FAQs ### What is an example of shadow data? An example of shadow data is when an employee saves a copy of a sensitive company document, such as a sales report or client contract, to their personal cloud storage account for convenience. This action creates an unauthorized replica of the data, which now resides outside the organization's IT security infrastructure. As a result, the company loses visibility and control over this data, leaving it susceptible to unauthorized access, potential [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown), and compliance violations. ### What is a data shadow system? A data shadow system refers to an unofficial, parallel data management system created and maintained by users outside the purview of the organization's IT department. These systems often emerge when employees perceive the official systems to be too complex, slow, or restrictive. They may develop spreadsheets, databases, or applications to manage data and processes more efficiently. Because they bypass the organization's security protocols and data management policies, data shadow systems can introduce security risks, data inconsistencies, and integration challenges. ### What is a shadow dataset? A shadow dataset is a collection of data that exists beyond the control and oversight of an organization's IT department and security measures. These datasets can be created intentionally or unintentionally, through actions such as data duplication, [unauthorized extraction](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown), or data sharing with external parties. Shadow datasets pose significant risks to an organization's data security, as they can lead to breaches, compliance issues, and inaccurate decision-making due to a lack of visibility and control over the data. ### What is a cloud access security broker (CASB)? A cloud access security broker (CASB) is a security solution that acts as an intermediary between an organization's on-premises infrastructure and cloud service providers. CASBs provide visibility and control over the usage of cloud-based applications and services, helping organizations enforce security policies, manage access, and protect sensitive data. Key features of CASBs include monitoring user activity, enforcing access controls, detecting and preventing data leakage, and ensuring compliance with regulations like GDPR. ### What is scope creep? Scope creep refers to the gradual expansion of a project or task's objectives, requirements, or features beyond its original goals, often leading to increased complexity, delays, and resource consumption. In the context of cloud security and [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), scope creep may occur when unauthorized applications gain excessive OAuth permissions, broadening their access to sensitive data or systems. This expansion can inadvertently expose the organization to security risks, non-compliance issues, and potential data breaches. ### What is application sprawl? Application sprawl describes the uncontrolled proliferation of software applications within an organization, often resulting from the adoption of numerous tools to accomplish similar tasks. This phenomenon can lead to inefficiencies, increased costs, and security vulnerabilities. In the context of shadow IT, application sprawl occurs when employees independently adopt multiple unauthorized applications, creating a complex landscape that is difficult to manage, secure, and maintain in accordance with data protection regulations like [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown). Related Content [The State of Cloud Data Security in 2023 Gain insights on the best ways to secure sensitive data in your cloud environments based on real-world research analyzing 13B+ files stored in public cloud environments.](https://www.paloaltonetworks.com/resources/research/data-security-2023-report?ts=markdown) [Securing the Data Landscape with DSPM and DDR Stay ahead of the data security risks. Learn how data security posture management (DSPM) with data detection and response (DDR) fills the security gaps to strengthen your security ...](https://www.paloaltonetworks.com/resources/guides/dspm-ddr-big-guide?ts=markdown) [5 Orgs Achieve 360° Visibility and Compliance Learn how organizations achieve centralized visibility across cloud environments to remediate vulnerabilities and eliminate threats.](https://www.paloaltonetworks.com/resources/ebooks/customer-spotlight-visibility-and-compliance?ts=markdown) [DSPM: Do You Know You Need It? Discover five predominant approaches to data security, along with use cases and applications for each data security approach.](https://www.paloaltonetworks.com/resources/datasheets/why-dspm?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Shadow%20Data%3F&body=Understand%20shadow%20data%20to%20mitigate%20shadow%20data%20risks%2C%20ensure%20secure%20and%20compliant%20handling%20of%20sensitive%20data%20and%20implement%20strategies%20to%20avoid%20shadow%20data.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/shadow-data) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/structured-data?ts=markdown) What Is Structured Data? [Next](https://www.paloaltonetworks.com/cyberpedia/dspm-data-governance?ts=markdown) How DSPM Enables Continuous Compliance and Data Governance {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language