[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Security Operations](https://www.paloaltonetworks.com/cyberpedia/security-operations?ts=markdown) 3. [Security Operations](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations?ts=markdown) 4. [Security Operations Center (SOC) Roles and Responsibilities](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities?ts=markdown) Table of Contents * [What Is Security Operations (SecOps)? Comprehensive Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations?ts=markdown) * [Security Operations (SecOps) Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#secops?ts=markdown) * [The Pillars of Modern SecOps: People, Process, and Technology](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#pillars?ts=markdown) * [Example Scenario: Incident Response to a Malware Alert](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#example?ts=markdown) * [Proactive Security Operations Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#proactive?ts=markdown) * [Technology: Core Tools for the SOC](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#technology?ts=markdown) * [Core Components and Functions of the SOC](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#core?ts=markdown) * [SecOps vs. DevOps vs. DevSecOps](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#vs?ts=markdown) * [Security Operations FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-security-operations#faqs?ts=markdown) * [What Is a Security Operations Center (SOC)?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown) * [SOC Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#soc?ts=markdown) * [SOC Roles and Responsibilities](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#roles?ts=markdown) * [Key SOC Functions and Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#key?ts=markdown) * [SOC Delivery Models](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#models?ts=markdown) * [How Does a MSSP Differ from a SOC?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#mssp-differ-from-soc?ts=markdown) * [Best Practices for Optimizing SOC Performance](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#best?ts=markdown) * [The Future SOC Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#future?ts=markdown) * [Security Operations Center (SOC) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc#faqs?ts=markdown) * [How Do I Deploy SecOps Automation?](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation?ts=markdown) * [Preparing for SecOps Automation](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#preparing?ts=markdown) * [Start Simple with High-Impact Tasks](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#start?ts=markdown) * [Automation Benefits for Organizations of All Sizes](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#automation?ts=markdown) * [Peer Review and Approval](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#peer?ts=markdown) * [Secure a Champion for Automation](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#secure?ts=markdown) * [Defining Automation Use Cases](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#defining?ts=markdown) * [Example Use Cases: Phishing and Malware](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#example?ts=markdown) * [Selecting the Right SOAR Platform](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#selecting?ts=markdown) * [SOAR Deployment and Use Cases FAQs](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation#faqs?ts=markdown) * Security Operations Center (SOC) Roles and Responsibilities * [The SOC Team: Roles and Responsibilities](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#the?ts=markdown) * [What Is the Role of a Security Operations Center (SOC)?](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#what?ts=markdown) * [What Are Best Practices for a Winning SOC Team?](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#best?ts=markdown) * [SOC Roles and Responsibilities FAQs](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#faqs?ts=markdown) * [What is SOC as a Service (SOCaaS)?](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service?ts=markdown) * [Which Cyber Threats are Monitored by SOCaaS?](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service#which?ts=markdown) * [The Need Managed Security Services](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service#need?ts=markdown) * [What are the Benefits of SOC as a Service (SOCaaS)?](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service#what?ts=markdown) * [Factors to Consider When Designing a SOC](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service#factors?ts=markdown) * [Why a Managed SOC is Important](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service#important?ts=markdown) * [Challenges of a Managed SOC](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service#challenges?ts=markdown) * [SOC as a service FAQs](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service#faqs?ts=markdown) * [How Do I Improve SOC Effectiveness?](https://www.paloaltonetworks.com/cyberpedia/how-do-i-improve-soc-effectiveness?ts=markdown) * [Top Priorities for Improving SOC Effectiveness](https://www.paloaltonetworks.com/cyberpedia/how-do-i-improve-soc-effectiveness#top?ts=markdown) * [Integrating Threat Intelligence to Enhance SOC Effectiveness](https://www.paloaltonetworks.com/cyberpedia/how-do-i-improve-soc-effectiveness#integrating?ts=markdown) * [Security Tools that Improve SOC Effectiveness](https://www.paloaltonetworks.com/cyberpedia/how-do-i-improve-soc-effectiveness#security?ts=markdown) * [How Reports and Dashboards Improve SOC Effectiveness](https://www.paloaltonetworks.com/cyberpedia/how-do-i-improve-soc-effectiveness#how?ts=markdown) * [Investing in Training and Development Programs](https://www.paloaltonetworks.com/cyberpedia/how-do-i-improve-soc-effectiveness#investing?ts=markdown) * [How to Improve SOC Effectiveness FAQs](https://www.paloaltonetworks.com/cyberpedia/how-do-i-improve-soc-effectiveness#faqs?ts=markdown) * [How AI-Driven SOC Solutions Transform Cybersecurity: Cortex XSIAM](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions?ts=markdown) * [How Cortex XSIAM 2.0 Revolutionizes Security Operations](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#operations?ts=markdown) * [Cortex XSIAM Solutions and Advantages](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#cortex-xsiam-solutions-and-advantages?ts=markdown) * [Addressing Critical Issues in Current SOC Solutions](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#addressing-critical-issues?ts=markdown) * [How Cortex XSIAM Transforms the SOC](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#how?ts=markdown) * [Distinctive Features of Cortex XSIAM](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#features?ts=markdown) * [Comprehensive SOC Solutions: Single Platform Delivery Highlights](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#highlights?ts=markdown) * [Integrated Capabilities: The XSIAM Solutions Delivery](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#capabilities?ts=markdown) * [Ready to Transform Your Cybersecurity Landscape?](https://www.paloaltonetworks.com/cyberpedia/revolutionizing-soc-operations-with-ai-soc-solutions#cybersecurity-landscape?ts=markdown) # Security Operations Center (SOC) Roles and Responsibilities 5 min. read Table of Contents * * [The SOC Team: Roles and Responsibilities](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#the?ts=markdown) * [What Is the Role of a Security Operations Center (SOC)?](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#what?ts=markdown) * [What Are Best Practices for a Winning SOC Team?](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#best?ts=markdown) * [SOC Roles and Responsibilities FAQs](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#faqs?ts=markdown) 1. The SOC Team: Roles and Responsibilities * * [The SOC Team: Roles and Responsibilities](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#the?ts=markdown) * [What Is the Role of a Security Operations Center (SOC)?](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#what?ts=markdown) * [What Are Best Practices for a Winning SOC Team?](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#best?ts=markdown) * [SOC Roles and Responsibilities FAQs](https://www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities#faqs?ts=markdown) A security operations center, or SOC, is an organizational or business unit operating at the center of security operations to manage and improve an organization's overall security posture. Its primary function is to detect, analyze and respond to cybersecurity events, including threats and incidents, employing people, processes and technology. Teams are responsible for managing security infrastructure and configuring and deploying various security solutions, tools and products. Just like other organizational units, there are several different roles and responsibilities within a SOC, from tier 1 analysts to specialized roles like threat hunters. ## The SOC Team: Roles and Responsibilities Typical core roles that make up a SOC team consist of different tiers of SOC analysts and dedicated managers. In their research, Manfred Vielberth, Fabian Böhm, Ines Fichtinger and Günther Pernul identify these main roles --- each with a specific skill set --- in a SOC team. **Tier 1 --- Triage Specialist:** Tier 1 analysts are mainly responsible for collecting raw data as well as reviewing alarms and alerts. They need to confirm, determine or adjust the criticality of alerts and enrich them with relevant data. For every alert, the triage specialist has to identify whether it's justified or a false positive, as alert fatigue is a real issue. An additional responsibility at this level is identifying other high-risk events and potential incidents. All these need to be prioritized according to their criticality. If problems occurring cannot be solved at this level, they have to be escalated to tier 2 analysts. Furthermore, triage specialists are often managing and configuring the monitoring tools. **Tier 2 --- Incident Responder:** At the tier 2 level, analysts review the higher-priority security incidents escalated by triage specialists and do a more in-depth assessment using threat intelligence (indicators of compromise, updated rules, etc.). They need to understand the scope of an attack and be aware of the affected systems. The raw attack telemetry data collected at tier 1 is transformed into actionable threat intelligence at this second tier. Incident responders are responsible for designing and implementing strategies to contain and recover from an incident. If a tier 2 analyst faces major issues with identifying or mitigating an attack, additional tier 2 analysts are consulted, or the incident is escalated to tier 3. **Tier 3 --- Threat Hunter:** Tier 3 analysts are the most experienced workforce in a SOC. They handle major incidents escalated to them by the incident responders. They also perform or at least supervise vulnerability assessments and penetration tests to identify possible attack vectors. Their most important responsibility is to proactively identify possible threats, security gaps and vulnerabilities that might be unknown. They should also recommend ways to optimize the deployed security monitoring tools as they gain reasonable knowledge about a possible threat to the systems. Additionally, any critical security alerts, threat intelligence, and other security data provided by tier 1 and tier 2 analysts need to be reviewed at this tier. **SOC Manager:** SOC managers supervise the security operations team. They provide technical guidance if needed, but most importantly, they are in charge of adequately managing the team. This includes hiring, training and evaluating team members; creating processes; assessing incident reports; and developing and implementing necessary crisis communication plans. They also oversee the financial aspects of a SOC, support security audits, and report to the chief information security officer (CISO) or a respective top-level management position. In addition to the tiered roles, multiple technical and specialty roles exist, including: * **Malware Analysts or Reverse Engineers** offer support in responding to sophisticated threats by reverse engineering malware to help inform incident investigations, provide threat intelligence to the SOC, and improve future detection and response efforts. * **Threat Hunters** (which map to tier 2) proactively look (i.e., hunt) for threats inside the organization. While this is also done by tier 3 analysts, a specialized role could be to review logs, proactively hunt for threats or research outside of the organization by analyzing publicly available threat intelligence. * **Forensics Specialists or Analysts** investigate and research cyber events or crimes related to information technology (IT) systems, networks and digital evidence. * **Vulnerability Managers** continually identify, assess, report on, manage and remediate vulnerabilities across endpoints, workloads and systems. * **Consulting roles:** This group's two most important roles are the Security Architect (SA) and the Security Consultant. The SA plans, researches and designs a robust security infrastructure within a company. SAs conduct regular system and vulnerability tests, and implement or supervise the implementation of enhancements. They are also in charge of establishing recovery procedures. Security consultants often research security standards, security best practices and security systems. They can provide an industry overview for an organization and compare current SOC capabilities with competitors. They can help to plan, research and design robust security architectures. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/cortex-cyberpedia-diagram-soc-systematic-study.png) ## What Is the Role of a Security Operations Center (SOC)? [SOCs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown) were created to facilitate collaboration among security personnel, with a primary focus on security monitoring and alerting, including the collection and analysis of data to identify suspicious activity and improve the organization's security. A SOC can streamline the security incident handling process as well as help analysts triage and resolve security incidents more efficiently and effectively. In today's digital world, a SOC can be located in-house, in the cloud (a virtual SOC), staffed internally, outsourced (e.g., to an [MSSP](https://www.paloaltonetworks.com/resources/datasheets/security-solutions-for-mssp?ts=markdown) or [MDR](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)) or a mix of these. SOCs can provide continuous protection with uninterrupted monitoring and visibility into critical assets across the attack surface. They can provide a fast and effective response, decreasing the time elapsed between when the compromise first occurred and the mean time to detection. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/cortex-cyberpedia-diagram-soc-overview.png) ## What Are Best Practices for a Winning SOC Team? With security becoming a board-level topic, organizations are debating whether they need a SOC, what kind of SOC they need, and which components their SOC should include. While there are no specific guidelines to help organizations with their decisions, some best practices exist for scoping out their various options, including ensuring compliance regulations are met. Whether one is building a physical SOC, a hybrid of cloud and on-premises, or partnering with a third party, some general benchmarks should be considered. Before starting, it's important to note --- to ensure success --- that the project has an executive sponsor or "champion" as well as a strong business use case and budget for the long term. There are several ways that security teams can ensure the success of their SOC in any incarnation. ### Optimize Security Teams by Focusing on Staff and Personnel Beyond investing in security solutions and tools, the most important factor in any successful SOC will remain the human element. While machine learning and automation will undoubtedly improve outcomes like response times, accuracy, and remediation overall --- especially for low-level, repetitive tasks --- attracting, training and retaining security personnel, including engineers, analysts and architects, needs to be baked into any cohesive SOC strategy. \  ### Augmenting Teams with Automation and Machine Learning Leverage automation and machine learning to their full potential to augment and complement humans in security. Advanced analytics and AI can significantly reduce the time teams spend processing massive amounts of data in the enterprise to come up with critical security insights. By automatically detecting anomalous patterns across multiple data sources and also automatically providing alerts with context, machine learning today can deliver on its promise of speeding investigations and removing blind spots. ### Automating Workflows Security leaders can identify repeatable, low-level tasks that can work with human decision-making to help accelerate incident investigations. With too many manual processes involved in security operations and incident response (IR), including numerous threat feeds to monitor, investing in automation capabilities such as those in a [SOAR solution](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown) can help orchestrate actions across the product stack for faster and more scalable IR. ### Auditing Your Environment to Reduce Risks Associated with Tool Sprawl Due to acquisitions, mergers and a lack of standardization for similar security products, many organizations are burdened with a disparate swath of tools across their security stack. One of the first steps an organization can take to reduce the security impact of tool sprawl is to audit protected systems and entities. Identify precisely what is being protected and what is being prevented from happening. Is it intellectual property? Customers' personal information? By identifying as much as possible, whether software or physical assets, an organization can better prioritize protecting high-value and high-risk data. Having this end-to-end visibility can help identify gaps and potential threat vectors. ***Want to learn the basics of a Security Operations Center? Read our [What is a SOC?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown) article.*** ## SOC Roles and Responsibilities FAQs ### What are the main roles within a SOC? **SOC Manager:** Oversees the SOC's operations and ensures effective incident management. **Security Analyst:** Monitors and analyzes network traffic, detects threats, and responds to incidents. **Incident Responder:** Takes action during security incidents to mitigate damage and restore normal operations. **Threat Hunter:** Proactively searches for hidden threats within the network. **Security Engineer:** Maintains and optimizes security tools and infrastructure. ### What are the responsibilities of a SOC Manager? **Managing the SOC team:** Ensuring adequate resources, training, and performance. **Developing and implementing security policies and procedures:** Defining protocols for incident response, vulnerability management, and security compliance. **Coordinating incident response efforts:** Leading and overseeing the response to security incidents. **Ensuring compliance with regulatory requirements:** Maintaining adherence to relevant security standards and regulations. **Reporting on SOC activities and performance:** Providing regular updates to senior management on the SOC's operations and effectiveness. ### What are the duties of a Security Analyst in a SOC? **Analyzing security alerts and determining their validity:** Assessing the severity and potential impact of security events. **Investigating and responding to security incidents:** Identifying the root cause, containing the threat, and restoring normal operations. **Conducting vulnerability assessments and recommending mitigation measures:** Identifying security weaknesses and recommending solutions to address them. **Keeping up-to-date with the latest threat intelligence:** Staying informed about emerging threats and attack techniques. **Documenting incidents and creating reports:** Maintaining detailed records of security events and providing comprehensive reports to stakeholders. ### What are the contributions of an Incident Responder? **Quickly responding to detected security incidents:** Taking swift action to contain and mitigate threats. **Analyzing the impact and scope of incidents:** Assessing the extent of damage and identifying affected systems. **Coordinating with other teams to contain and eradicate threats:** Collaborating with internal and external resources to ensure effective incident resolution. **Conducting post-incident analysis and reporting:** Identifying root causes, lessons learned, and recommendations for improvement. **Developing and maintaining incident response plans:** Defining procedures and protocols for handling different types of security incidents. ### What skills are required for a Threat Hunter? **Advanced knowledge of cyber threats and attack techniques:** Understanding various threat actors, their motives, and attack methodologies. **Proficiency in using threat hunting tools and technologies:** Utilizing specialized tools for proactive threat detection and analysis. **Strong analytical and problem-solving skills:** Identifying patterns, anomalies, and potential indicators of compromise. **Experience with forensic analysis and malware reverse engineering:** Investigating suspicious activities and extracting critical information from compromised systems. **Excellent communication and reporting abilities:** Effectively communicating findings and recommendations to technical and non-technical audiences. Related Content [What Is a SOC? Security Operations Centers come in many forms with differing objectives.](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown) [Cortex XSIAM Extended Intelligence and Automation Management (XSIAM) is a revolutionary approach that delivers better security with a better operating model for the modern SOC.](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) [SOC Modernization and the Role of XDR Discover top priorities and challenges for SecOps teams in this report by ESG.](https://www.paloaltonetworks.com/resources/research/esg-xdr-and-soc-modernization?ts=markdown) [How to Plan for Tomorrow's SOC, Today Modernize your SOC with four immediate steps you can take to improve SOC efficiencies and three security technologies that are key to future-proofing your SOC.](https://start.paloaltonetworks.com/modernize-your-soc-playbook.html) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=Security%20Operations%20Center%20%28SOC%29%20Roles%20and%20Responsibilities&body=Dive%20into%20the%20roles%20and%20responsibilities%20of%20a%20Security%20Operations%20Center%20%28SOC%29.%20Discover%20how%20SOC%20teams%20detect%2C%20analyze%2C%20and%20respond%20to%20cyber%20threats.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/soc-roles-and-responsibilities) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/guide-to-deploying-secops-automation?ts=markdown) How Do I Deploy SecOps Automation? [Next](https://www.paloaltonetworks.com/cyberpedia/soc-as-a-service?ts=markdown) What is SOC as a Service (SOCaaS)? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language