[](https://www.paloaltonetworks.com/?ts=markdown)

* Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)
  ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [](https://www.paloaltonetworks.com/?ts=markdown)

* Products  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products  
  [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)
  
  * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)
  
  * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  
  * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)
  
  * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)
  
  * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  
  * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)
  
  * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)
  
  * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  
  * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)
  
  * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)
  
  * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)
  
  * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)
  
  * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)
  
  * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  
  * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)
  
  * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)
  
  * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)
  
  * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)
  
  * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)
  
  * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)
  
  * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)
  
  * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)
  
  * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)
  
  * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)  
    [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)
  
  * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)
  
  * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)
  
  * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)
  
  * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)
  
  * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)
  
  * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown)
  
  * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)
  
  * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown)
  
  * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)
  
  * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown)
  
  * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  
  * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* Solutions  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions  
  Secure AI by Design
  
  * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)  
    Network Security
  * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown)
  * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown)
  * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown)
  * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown)
  * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown)
  * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown)
  * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown)
  * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)  
    Cloud Security
  * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown)
  * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown)
  * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown)
  * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown)
  * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown)
  * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown)
  * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown)
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown)
  * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown)  
    Security Operations
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown)
  * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown)
  * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown)
  * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown)
  * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown)
  * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown)
  * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown)
  * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown)
  * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown)
  * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown)  
    Endpoint Security
  * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown)
  * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown)
  * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown)
  * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown)  
    [Industries](https://www.paloaltonetworks.com/industry?ts=markdown)
  * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown)
  * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown)
  * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown)
  * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown)
  * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown)

* Services  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services  
  [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)
  
  * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)
  
  * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown)
  
  * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown)
  
  * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown)
  
  * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown)
  
  * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown)
  
  * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown)
  
  * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown)
  
  * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown)
  
  * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown)
  
  * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown)
  
  * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown)
  
  * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown)
  
  * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown)
  
  * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)
  
  * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown)
  
  * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown)
  
  * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown)
  
  * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown)
  
  * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown)
  
  * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)
  
  * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown)
  
  * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown)
  
  * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown)
  
  * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown)  
    [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown)
  
  * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown)
  
  * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown)
  
  * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown)
  
  * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown)
  
  * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown)  
    [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg)  
    UNIT 42 RETAINER
    Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial.
    Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)

* Partners  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners  
  NextWave Partners
  
  * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown)
  * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown)
  * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown)
  * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown)
  * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown)
  * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown)
  * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown)
  * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown)  
    Take Action
  * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown)
  * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown)
  * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner)
  * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess)
  * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator)  
    [CYBERFORCE
    CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise.
    Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown)

* Company  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company  
  Palo Alto Networks
  
  * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
  * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown)
  * [Investor Relations](https://investors.paloaltonetworks.com)
  * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
  * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown)
  * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
  * [Military \& Veterans](https://jobs.paloaltonetworks.com/military)  
    [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown)
  * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown)
  * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown)
  * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown)
  * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown)
  * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown)
  * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
  * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown)  
    Careers
  * [Overview](https://jobs.paloaltonetworks.com/)
  * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/)  
    [A Newsweek Most Loved Workplace
    "Businesses that do right by their employees"
    Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown)

* More  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More  
  Resources
  
  * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
  * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/)
  * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
  * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
  * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
  * [Tech Insider](https://techinsider.paloaltonetworks.com/)
  * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/)
  * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/)
  * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown)
  * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown)
  * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown)
  * [Tech Docs](https://docs.paloaltonetworks.com/)
  * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown)
  * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/)
  * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown)  
    Connect
  * [LIVE community](https://live.paloaltonetworks.com/)
  * [Events](https://events.paloaltonetworks.com/)
  * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown)
  * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown)
  * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)  
    [Blog
    Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity
    Learn more](https://www.paloaltonetworks.com/blog/)

* Sign In  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)

* [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown)  
  Search  
  All

* [Tech Docs](https://docs.paloaltonetworks.com/search)  
  Close search modal
  [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com)  
  [](https://www.paloaltonetworks.com/?ts=markdown)

1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown)
3. [What Is Shadow IT?](https://www.paloaltonetworks.com/cyberpedia/shadow-it?ts=markdown)  
   Table of Contents

* [How DSPM Is Evolving: Key Trends to Watch](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends?ts=markdown)
  * [From Static Discovery to Dynamic Intelligence](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#static?ts=markdown)
  * [The Convergence of DSPM with Cloud-Native Security Architectures](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#native?ts=markdown)
  * [Real-Time Data Detection and Response](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#response?ts=markdown)
  * [AI Security and Generative AI Data Protection](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#protection?ts=markdown)
  * [Automation, Policy-as-Code, and DevSecOps Integration](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#automation?ts=markdown)
  * [DSPM Key Trends FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-evolving-trends#faq?ts=markdown)
* [What Is Data Loss Prevention (DLP) Compliance?](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance?ts=markdown)
  * [Why Is DLP Compliance Important?](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#why?ts=markdown)
  * [DLP Regulatory Compliance Explained](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#dlp?ts=markdown)
  * [Types of Data Threats](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#types?ts=markdown)
  * [How Does DLP Work?](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#how?ts=markdown)
  * [DLP Compliance Management Strategies](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#compliance?ts=markdown)
  * [Legal and Ethical Considerations in DLP](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#legal?ts=markdown)
  * [Future Predictions for DLP Compliance](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#future?ts=markdown)
  * [DLP and Compliance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-loss-prevention-dlp-compliance#faqs?ts=markdown)
* [Top Cloud Data Security Solutions](https://www.paloaltonetworks.com/cyberpedia/data-security-solutions?ts=markdown)
  * [The Modern Cloud Data Security Landscape](https://www.paloaltonetworks.com/cyberpedia/data-security-solutions#modern?ts=markdown)
  * [The Anatomy of Modern Cloud Security](https://www.paloaltonetworks.com/cyberpedia/data-security-solutions#cloud?ts=markdown)
  * [Evaluating Data Protection Platforms for Enterprise Deployment](https://www.paloaltonetworks.com/cyberpedia/data-security-solutions#data?ts=markdown)
  * [Leading Cloud Data Security Solutions and Market Positioning](https://www.paloaltonetworks.com/cyberpedia/data-security-solutions#security?ts=markdown)
  * [Strategic Implementation and Platform Selection](https://www.paloaltonetworks.com/cyberpedia/data-security-solutions#platform?ts=markdown)
  * [Top Cloud Data Security Solutions FAQs](https://www.paloaltonetworks.com/cyberpedia/data-security-solutions#faq?ts=markdown)
* [DSPM Market Size: 2025 Guide](https://www.paloaltonetworks.com/cyberpedia/dspm-market?ts=markdown)
  * [DSPM Market Size and Financial Overview](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown)
  * [Growth Drivers Reshaping the DSPM Market](https://www.paloaltonetworks.com/cyberpedia/dspm-market#growth?ts=markdown)
  * [Market Segmentation and Adoption Patterns](https://www.paloaltonetworks.com/cyberpedia/dspm-market#market?ts=markdown)
  * [Palo Alto Networks DSPM Market Position](https://www.paloaltonetworks.com/cyberpedia/dspm-market#position?ts=markdown)
  * [DSPM Market Forecast Through 2030](https://www.paloaltonetworks.com/cyberpedia/dspm-market#dspm?ts=markdown)
  * [DSPM Market FAQs](https://www.paloaltonetworks.com/cyberpedia/dspm-market#faqs?ts=markdown)
* [What Is Data Encryption?](https://www.paloaltonetworks.com/cyberpedia/data-encryption?ts=markdown)
  * [Data Encryption Explained](https://www.paloaltonetworks.com/cyberpedia/data-encryption#data?ts=markdown)
  * [Types of Encryption](https://www.paloaltonetworks.com/cyberpedia/data-encryption#types?ts=markdown)
  * [What Are the Benefits of Data Encryption?](https://www.paloaltonetworks.com/cyberpedia/data-encryption#what?ts=markdown)
  * [Data Encryption Use Cases](https://www.paloaltonetworks.com/cyberpedia/data-encryption#usecases?ts=markdown)
  * [Key Selection](https://www.paloaltonetworks.com/cyberpedia/data-encryption#key?ts=markdown)
  * [Data Encryption and Algorithms](https://www.paloaltonetworks.com/cyberpedia/data-encryption#algorithms?ts=markdown)
  * [Encryption Best Practices](https://www.paloaltonetworks.com/cyberpedia/data-encryption#best-practices?ts=markdown)
  * [Data Encryption FAQs](https://www.paloaltonetworks.com/cyberpedia/data-encryption#faqs?ts=markdown)
* [What Is Data Storage?](https://www.paloaltonetworks.com/cyberpedia/data-storage?ts=markdown)
  * [Data Storage Explained](https://www.paloaltonetworks.com/cyberpedia/data-storage#data?ts=markdown)
  * [What Are Different Types of Data Storage?](https://www.paloaltonetworks.com/cyberpedia/data-storage#what?ts=markdown)
  * [What Is Structured Data?](https://www.paloaltonetworks.com/cyberpedia/data-storage#structured?ts=markdown)
  * [What Is Unstructured Data?](https://www.paloaltonetworks.com/cyberpedia/data-storage#unstructured?ts=markdown)
  * [What Is Semi-Structured Data?](https://www.paloaltonetworks.com/cyberpedia/data-storage#semi-structured?ts=markdown)
  * [Data Storage in the Cloud](https://www.paloaltonetworks.com/cyberpedia/data-storage#cloud?ts=markdown)
  * [Data Storage FAQs](https://www.paloaltonetworks.com/cyberpedia/data-storage#faqs?ts=markdown)
* [What Is Data Risk Assessment?](https://www.paloaltonetworks.com/cyberpedia/data-risk-assessment?ts=markdown)
  * [Data Risk Assessment Explained](https://www.paloaltonetworks.com/cyberpedia/data-risk-assessment#data?ts=markdown)
  * [Why Data Risk Assessment Is Crucial](https://www.paloaltonetworks.com/cyberpedia/data-risk-assessment#why?ts=markdown)
  * [When Assessing Risk is Necessary](https://www.paloaltonetworks.com/cyberpedia/data-risk-assessment#when?ts=markdown)
  * [What Are the Benefits of Assessing Data Risk?](https://www.paloaltonetworks.com/cyberpedia/data-risk-assessment#what?ts=markdown)
  * [Assessing Risk in Cloud Data](https://www.paloaltonetworks.com/cyberpedia/data-risk-assessment#assessing?ts=markdown)
  * [Data Risk Assessment FAQs](https://www.paloaltonetworks.com/cyberpedia/data-risk-assessment#faqs?ts=markdown)
* [What Is Database Security?](https://www.paloaltonetworks.com/cyberpedia/database-security?ts=markdown)
  * [Database Security in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/database-security#database?ts=markdown)
  * [Elements of Database Security](https://www.paloaltonetworks.com/cyberpedia/database-security#elements?ts=markdown)
  * [Database Security: 8 Best Practices](https://www.paloaltonetworks.com/cyberpedia/database-security#security?ts=markdown)
  * [Database Security FAQs](https://www.paloaltonetworks.com/cyberpedia/database-security#faqs?ts=markdown)
* [What Is Cloud Data Loss Prevention (DLP)?](https://www.paloaltonetworks.com/cyberpedia/cloud-data-loss-prevention?ts=markdown)
  * [Cloud Data Loss Prevention (DLP) Explained](https://www.paloaltonetworks.com/cyberpedia/cloud-data-loss-prevention#cloud?ts=markdown)
  * [How Cloud DLP Works](https://www.paloaltonetworks.com/cyberpedia/cloud-data-loss-prevention#how?ts=markdown)
  * [Traditional DLP Vs. Cloud DLP](https://www.paloaltonetworks.com/cyberpedia/cloud-data-loss-prevention#traditional?ts=markdown)
  * [Benefits of Cloud DLP](https://www.paloaltonetworks.com/cyberpedia/cloud-data-loss-prevention#benefits?ts=markdown)
  * [‍Cloud Data Loss Prevention FAQ](https://www.paloaltonetworks.com/cyberpedia/cloud-data-loss-prevention#faqs?ts=markdown)
* [What Is a Data Lake?](https://www.paloaltonetworks.com/cyberpedia/data-lake?ts=markdown)
  * [Data Lakes Explained](https://www.paloaltonetworks.com/cyberpedia/data-lake#data?ts=markdown)
  * [Data Lake vs. Data Warehouse](https://www.paloaltonetworks.com/cyberpedia/data-lake#vs?ts=markdown)
  * [What Are the Benefits of Data Lakes?](https://www.paloaltonetworks.com/cyberpedia/data-lake#what?ts=markdown)
  * [Challenges of Using Data Lakes](https://www.paloaltonetworks.com/cyberpedia/data-lake#challenges?ts=markdown)
  * [‍Use Cases For Data Lakes](https://www.paloaltonetworks.com/cyberpedia/data-lake#usecases?ts=markdown)
  * [Data Lake FAQs](https://www.paloaltonetworks.com/cyberpedia/data-lake#faqs?ts=markdown)
* [What Is a Data Security Platform?](https://www.paloaltonetworks.com/cyberpedia/data-security-platform?ts=markdown)
  * [Data Security Platform Explained](https://www.paloaltonetworks.com/cyberpedia/data-security-platform#data?ts=markdown)
  * [How a Data Security Platform Solves the Complexity of Data Protection](https://www.paloaltonetworks.com/cyberpedia/data-security-platform#how?ts=markdown)
  * [A Data Protection Platform Reduces Risk](https://www.paloaltonetworks.com/cyberpedia/data-security-platform#protection?ts=markdown)
  * [Benefits of a Data Protection Platform](https://www.paloaltonetworks.com/cyberpedia/data-security-platform#benefits?ts=markdown)
  * [Data Security Platform FAQs](https://www.paloaltonetworks.com/cyberpedia/data-security-platform#faqs?ts=markdown)
* [What Is a Data Warehouse?](https://www.paloaltonetworks.com/cyberpedia/data-warehouse?ts=markdown)
  * [Data Warehouses Explained](https://www.paloaltonetworks.com/cyberpedia/data-warehouse#data?ts=markdown)
  * [What Makes a Data Warehouse Unique?](https://www.paloaltonetworks.com/cyberpedia/data-warehouse#what?ts=markdown)
  * [What Are the Benefits of Data Warehouses?](https://www.paloaltonetworks.com/cyberpedia/data-warehouse#benefits?ts=markdown)
  * [When Are Data Warehouses Beneficial?](https://www.paloaltonetworks.com/cyberpedia/data-warehouse#beneficial?ts=markdown)
  * [Data Warehouse FAQs](https://www.paloaltonetworks.com/cyberpedia/data-warehouse#faqs?ts=markdown)
* [What Is a Data Leak?](https://www.paloaltonetworks.com/cyberpedia/data-leak?ts=markdown)
  * [Data Leaks Explained](https://www.paloaltonetworks.com/cyberpedia/data-leak#explained?ts=markdown)
  * [Data Leaks in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/data-leak#public-clouds?ts=markdown)
  * [Data Breach vs Data Leak](https://www.paloaltonetworks.com/cyberpedia/data-leak#vs?ts=markdown)
  * [Data Leak FAQs](https://www.paloaltonetworks.com/cyberpedia/data-leak#faqs?ts=markdown)
* What Is Shadow IT?
  * [Shadow IT Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-it#shadow?ts=markdown)
  * [Shadow IT and Security](https://www.paloaltonetworks.com/cyberpedia/shadow-it#security?ts=markdown)
  * [Mitigating Shadow IT Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-it#mitigating?ts=markdown)
  * [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-it#faqs?ts=markdown)
* [Data Security Policies: Why They Matter and What They Contain](https://www.paloaltonetworks.com/cyberpedia/data-security-policy?ts=markdown)
  * [What Is a Data Security Policy?](https://www.paloaltonetworks.com/cyberpedia/data-security-policy#what?ts=markdown)
  * [Data Security Policies Explained](https://www.paloaltonetworks.com/cyberpedia/data-security-policy#data?ts=markdown)
  * [What Is in a Data Security Policy?](https://www.paloaltonetworks.com/cyberpedia/data-security-policy#what-is?ts=markdown)
  * [What Data Security Controls Should a Policy Include?](https://www.paloaltonetworks.com/cyberpedia/data-security-policy#include?ts=markdown)
  * [Data Security Policy FAQs](https://www.paloaltonetworks.com/cyberpedia/data-security-policy#faqs?ts=markdown)
* [What Is an Insider Threat?](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown)
  * [Insider Threat Explained](https://www.paloaltonetworks.com/cyberpedia/insider-threat#insider?ts=markdown)
  * [Privileged Users \& Insider Risks](https://www.paloaltonetworks.com/cyberpedia/insider-threat#privileged?ts=markdown)
  * [Employee Monitoring](https://www.paloaltonetworks.com/cyberpedia/insider-threat#employee?ts=markdown)
  * [Data Detection and Response (DDR)](https://www.paloaltonetworks.com/cyberpedia/insider-threat#data?ts=markdown)
  * [Insider Threat FAQs](https://www.paloaltonetworks.com/cyberpedia/insider-threat#faqs?ts=markdown)
* [What Is Data Sprawl?](https://www.paloaltonetworks.com/cyberpedia/data-sprawl?ts=markdown)
  * [Data Sprawl Explained](https://www.paloaltonetworks.com/cyberpedia/data-sprawl#data-sprawl?ts=markdown)
  * [The Challenge of Data Sprawl](https://www.paloaltonetworks.com/cyberpedia/data-sprawl#challenge?ts=markdown)
  * [Best Practices to Overcome Data Sprawl](https://www.paloaltonetworks.com/cyberpedia/data-sprawl#best-practices?ts=markdown)
* [Data Sprawl FAQs](https://www.paloaltonetworks.com/cyberpedia/data-sprawl#faq?ts=markdown)

# What Is Shadow IT?

5 min. read  
Table of Contents

* * [Shadow IT Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-it#shadow?ts=markdown)
  * [Shadow IT and Security](https://www.paloaltonetworks.com/cyberpedia/shadow-it#security?ts=markdown)
  * [Mitigating Shadow IT Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-it#mitigating?ts=markdown)
* [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-it#faqs?ts=markdown)

1. Shadow IT Explained

* * [Shadow IT Explained](https://www.paloaltonetworks.com/cyberpedia/shadow-it#shadow?ts=markdown)
  * [Shadow IT and Security](https://www.paloaltonetworks.com/cyberpedia/shadow-it#security?ts=markdown)
  * [Mitigating Shadow IT Risks](https://www.paloaltonetworks.com/cyberpedia/shadow-it#mitigating?ts=markdown)
* [Shadow IT FAQs](https://www.paloaltonetworks.com/cyberpedia/shadow-it#faqs?ts=markdown)

Shadow IT refers to situations where individuals in an organization use IT-related hardware, software, applications, or services without the knowledge or authorization of the IT teams responsible for these tools. Shadow IT has grown prevalent with the rise of cloud-based services. As users become more accustomed to downloading and using cloud-based apps and services to support their work, the organization's shadow IT landscape broadens. This, however, presents serious risks, such as security gaps, compliance violations, [data leaks](https://www.paloaltonetworks.com/cyberpedia/data-leak?ts=markdown), and application sprawl.

## Shadow IT Explained

Shadow IT emerges as a consequence of the rapid evolution of technology and the increasing demand for user-friendly, efficient solutions to meet business needs. To support their work, employees within an organization independently download and deploy [software as a service (SaaS)](https://www.paloaltonetworks.com/cyberpedia/what-is-saas?ts=markdown) applications, [cloud storage solutions](https://www.paloaltonetworks.com/cyberpedia/data-storage?ts=markdown), and collaboration tools not officially sanctioned or approved by the IT department.

Ease of access, coupled with the familiarity and convenience of consumer technologies, drives the adoption of unsanctioned IT resources. The desire for increased productivity encourages teams to bypass IT-approval processes. They may perceive the official channels as cumbersome, slow, or inadequate for fulfilling specific tasks or goals.

Shadow IT can be broken down into three major categories.

* Cloud-based applications accessed directly from the corporate network
* Cloud-based connected applications accessed with an OAuth token
* Off-the-shelf (packaged) software

Each of these categories has its risks and associated benefits, and organizations must develop strategies to address security while still allowing employees to use the tools that make them the most productive.

## Shadow IT and Security

The IT department loses visibility and control over data and resources when employees use unauthorized tools. Many shadow IT tools and services don't adhere to the organization's security standards and can introduce vulnerabilities leading to [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown), malware infections, or ransomware attacks. As employees store and share sensitive information using unsanctioned cloud services, the risk of data leakage increases due to weak access controls or insufficient encryption measures.

Shadow IT can also result in costly compliance violations of industry regulations. What's more, in the event of a security breach or incident, the IT department's ability to respond and remediate issues is hampered due to the lack of knowledge about the existence and usage of unsanctioned tools.

Technically speaking, security risks in shadow IT arise due to the absence of proper security controls, monitoring, and management.

* Shadow IT applications might not be regularly updated, leaving them exposed to known security vulnerabilities.
* Unauthorized tools might lack strong authentication mechanisms, such as multifactor authentication, leading to a higher risk of unauthorized access to [sensitive information](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown).
* The use of shadow IT may involve insecure data transmission methods, such as [unencrypted connections](https://www.paloaltonetworks.com/cyberpedia/data-encryption?ts=markdown), which can be intercepted by malicious actors to gain access to sensitive data.
* Unauthorized tools often lack granular [access controls](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown), allowing users with varying privileges to access sensitive data without proper authorization.
* Shadow IT applications and services may not provide adequate logging and monitoring capabilities, making it difficult to detect and investigate security incidents.
* The integration of shadow IT tools with other systems via [insecure APIs](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security?ts=markdown) can expose the organization's data and infrastructure to additional risks.
* Employees using shadow IT tools may not have the expertise to configure them securely, leading to misconfigurations that expose the organization to potential attacks.

## Mitigating Shadow IT Risks

Organizations can address security issues associated with shadow IT while still permitting employees to use productivity-enhancing tools by adopting a balanced approach.

### Increase Awareness and Communication

Educate employees about the potential risks of shadow IT and encourage them to share their needs and concerns with the IT department. Establish open communication channels to facilitate collaboration between IT and other departments.

### Implement a Comprehensive It Policy

Develop a clear and comprehensive IT policy that outlines acceptable use of technologies, required approvals, and security protocols. Make sure employees understand the policy and the rationale behind it.

### Embrace User-Friendly, Approved Solutions

Identify and adopt officially sanctioned tools that meet employees' needs while adhering to security and compliance requirements. Strive to provide user-friendly solutions that match or exceed the features and functionality of unsanctioned tools.

### Regularly Audit and Monitor It Usage

Conduct periodic assessments of software, hardware, and cloud services in use across the organization to identify any instances of shadow IT. Implement monitoring systems to detect unauthorized access or usage of IT resources. [Data security posture management (DSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) solutions enhance these assessments by providing comprehensive visibility into unauthorized data activities and helping control data silos that shadow IT often creates.

### Offer Training and Support

Provide training and support for approved tools to ensure employees understand their benefits and can use them effectively. Encourage employees to seek assistance from the IT department if they encounter challenges or require additional tools.

### Establish a Responsive Approval Process

Streamline the process for evaluating and approving new tools and technologies to minimize delays and ensure employees have access to the resources they need in a timely manner.

### Leverage Security Solutions

Deploy security solutions such as cloud access security brokers (CASBs), which offer visibility and control over SaaS applications, helping IT departments to manage and secure their usage within the organization. Additionally, a [data loss prevention (DLP)](https://www.paloaltonetworks.com/cyberpedia/what-is-data-loss-prevention-dlp?ts=markdown) solution is essential for monitoring the usage of cloud services and protecting sensitive information.

By implementing these strategies, organizations can mitigate the risks of shadow IT while fostering a productive work environment that empowers employees with the tools they need to succeed.

## Shadow IT FAQs

### What are network-accessed shadow IT applications?

Network-accessed shadow IT applications refer to unauthorized tools and services that employees access through an organization's network, circumventing IT department oversight and established security protocols. These applications may include unsanctioned cloud storage, collaboration platforms, or software-as-a-service solutions.

The use of network-accessed shadow IT applications poses security risks via potential unpatched vulnerabilities, inadequate access controls, and insecure data transmission.

### What are OAuth-enabled shadow IT applications?

OAuth-enabled shadow IT applications are unsanctioned tools that leverage the OAuth protocol to gain access to users' accounts on other services, without the need to share credentials directly. The potential risks associated with these applications include unauthorized access to sensitive data, insecure API integrations, and scope creep due to excessive OAuth permissions.

To mitigate risks, organizations should establish secure OAuth implementation practices, including strict access control policies, periodic permission reviews, and employee education on OAuth-related risks.

### What is a cloud access security broker (CASB)?

A cloud access security broker (CASB) is a security solution that acts as an intermediary between an organization's on-premises infrastructure and cloud service providers. CASBs provide visibility and control over the usage of cloud-based applications and services, helping organizations enforce security policies, manage access, and protect sensitive data. Key features of CASBs include monitoring user activity, enforcing access controls, detecting and preventing data leakage, and ensuring compliance with regulations like GDPR.

### What is scope creep?

Scope creep refers to the gradual expansion of a project or task's objectives, requirements, or features beyond its original goals, often leading to increased complexity, delays, and resource consumption. In the context of cloud security and [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), scope creep may occur when unauthorized applications gain excessive OAuth permissions, broadening their access to sensitive data or systems. This expansion can inadvertently expose the organization to security risks, non-compliance issues, and potential data breaches.

### What is application sprawl?

Application sprawl describes the uncontrolled proliferation of software applications within an organization, often resulting from the adoption of numerous tools to accomplish similar tasks. This phenomenon can lead to inefficiencies, increased costs, and security vulnerabilities. In the context of shadow IT, application sprawl occurs when employees independently adopt multiple unauthorized applications, creating a complex landscape that is difficult to manage, secure, and maintain in accordance with data protection regulations like [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown).
Related Content  
[The State of Cloud Data Security in 2023
Gain insights on the best ways to secure sensitive data in your cloud environments based on real-world research analyzing 13B+ files stored in public cloud environments.](https://www.paloaltonetworks.com/resources/research/data-security-2023-report?ts=markdown)  
[Securing the Data Landscape with DSPM and DDR
Stay ahead of the data security risks. Learn how data security posture management (DSPM) with data detection and response (DDR) fills the security gaps to strengthen your security ...](https://www.paloaltonetworks.com/resources/guides/dspm-ddr-big-guide?ts=markdown)  
[5 Orgs Achieve 360° Visibility and Compliance
Learn how organizations achieve centralized visibility across cloud environments to remediate vulnerabilities and eliminate threats.](https://www.paloaltonetworks.com/resources/ebooks/customer-spotlight-visibility-and-compliance?ts=markdown)  
[DSPM: Do You Know You Need It?
Discover five predominant approaches to data security, along with use cases and applications for each data security approach.](https://www.paloaltonetworks.com/resources/datasheets/why-dspm?ts=markdown)  
![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Shadow%20IT%3F&body=Shadow%20IT%20is%20the%20unauthorized%20use%20of%20IT-related%20hardware%2C%20software%2C%20applications%2C%20or%20services%20without%20the%20knowledge%20of%20IT%20and%20security%20teams.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/shadow-it)  
Back to Top  
[Previous](https://www.paloaltonetworks.com/cyberpedia/data-leak?ts=markdown) What Is a Data Leak?  
[Next](https://www.paloaltonetworks.com/cyberpedia/data-security-policy?ts=markdown) Data Security Policies: Why They Matter and What They Contain  
{#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2025 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language