[](https://www.paloaltonetworks.com/?ts=markdown)

* Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)
  ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [](https://www.paloaltonetworks.com/?ts=markdown)

* Products  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products  
  [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)
  
  * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)
  
  * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  
  * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)
  
  * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)
  
  * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  
  * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)
  
  * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)
  
  * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  
  * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)
  
  * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)
  
  * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)
  
  * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)
  
  * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)
  
  * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  
  * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)
  
  * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)
  
  * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)
  
  * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)
  
  * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)
  
  * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)
  
  * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)
  
  * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)
  
  * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)
  
  * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)  
    [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)
  
  * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)
  
  * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)
  
  * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)
  
  * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)
  
  * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)
  
  * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown)
  
  * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)
  
  * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown)
  
  * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)
  
  * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown)
  
  * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  
  * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* Solutions  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions  
  Secure AI by Design
  
  * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)  
    Network Security
  * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown)
  * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown)
  * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown)
  * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown)
  * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown)
  * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown)
  * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown)
  * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)  
    Cloud Security
  * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown)
  * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown)
  * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown)
  * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown)
  * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown)
  * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown)
  * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown)
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown)
  * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown)  
    Security Operations
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown)
  * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown)
  * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown)
  * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown)
  * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown)
  * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown)
  * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown)
  * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown)
  * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown)
  * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown)  
    Endpoint Security
  * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown)
  * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown)
  * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown)
  * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown)  
    [Industries](https://www.paloaltonetworks.com/industry?ts=markdown)
  * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown)
  * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown)
  * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown)
  * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown)
  * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown)

* Services  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services  
  [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)
  
  * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)
  
  * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown)
  
  * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown)
  
  * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown)
  
  * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown)
  
  * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown)
  
  * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown)
  
  * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown)
  
  * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown)
  
  * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown)
  
  * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown)
  
  * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown)
  
  * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown)
  
  * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown)
  
  * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)
  
  * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown)
  
  * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown)
  
  * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown)
  
  * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown)
  
  * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown)
  
  * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)
  
  * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown)
  
  * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown)
  
  * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown)
  
  * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown)  
    [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown)
  
  * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown)
  
  * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown)
  
  * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown)
  
  * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown)
  
  * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown)  
    [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg)  
    UNIT 42 RETAINER
    Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial.
    Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)

* Partners  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners  
  NextWave Partners
  
  * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown)
  * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown)
  * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown)
  * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown)
  * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown)
  * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown)
  * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown)
  * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown)  
    Take Action
  * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown)
  * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown)
  * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner)
  * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess)
  * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator)  
    [CYBERFORCE
    CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise.
    Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown)

* Company  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company  
  Palo Alto Networks
  
  * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
  * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown)
  * [Investor Relations](https://investors.paloaltonetworks.com)
  * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
  * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown)
  * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
  * [Military \& Veterans](https://jobs.paloaltonetworks.com/military)  
    [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown)
  * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown)
  * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown)
  * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown)
  * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown)
  * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown)
  * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
  * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown)  
    Careers
  * [Overview](https://jobs.paloaltonetworks.com/)
  * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/)  
    [A Newsweek Most Loved Workplace
    "Businesses that do right by their employees"
    Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown)

* More  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More  
  Resources
  
  * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
  * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/)
  * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
  * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
  * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
  * [Tech Insider](https://techinsider.paloaltonetworks.com/)
  * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/)
  * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/)
  * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown)
  * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown)
  * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown)
  * [Tech Docs](https://docs.paloaltonetworks.com/)
  * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown)
  * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/)
  * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown)  
    Connect
  * [LIVE community](https://live.paloaltonetworks.com/)
  * [Events](https://events.paloaltonetworks.com/)
  * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown)
  * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown)
  * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)  
    [Blog
    Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity
    Learn more](https://www.paloaltonetworks.com/blog/)

* Sign In  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)

* [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown)  
  Search  
  All

* [Tech Docs](https://docs.paloaltonetworks.com/search)  
  Close search modal
  [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com)  
  [](https://www.paloaltonetworks.com/?ts=markdown)

1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
2. [Security Operations](https://www.paloaltonetworks.com/cyberpedia/security-operations?ts=markdown)
3. [Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown)
4. [What Is Threat and Vulnerability Management?](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management?ts=markdown)  
   Table of contents

* [What Is Vulnerability Management?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown)
  * [Vulnerability Management Explained](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#vulnerability?ts=markdown)
  * [Understanding Vulnerabilities, Threats and Risks](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#understanding?ts=markdown)
  * [Why Cloud Vulnerability Management Is Challenging](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#why?ts=markdown)
  * [Vulnerability Management Vs. Patch Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#management?ts=markdown)
  * [Overview of Common Vulnerabilities and Exposures (CVEs)](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#overview?ts=markdown)
  * [Vulnerability Management Vs. Vulnerability Assessment](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#vs?ts=markdown)
  * [Setting Up a Vulnerability Management Framework](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#framework?ts=markdown)
  * [The Four Key Steps of Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#the?ts=markdown)
  * [Improving Your Vulnerability Management Program](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#improving?ts=markdown)
  * [CWPP's Role in Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#roles?ts=markdown)
  * [Best Practices for Managing Cloud Workload Vulnerabilities](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#best?ts=markdown)
  * [Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#faqs?ts=markdown)
* [What Is Patch Management? Process, Policy, and Benefits](https://www.paloaltonetworks.com/cyberpedia/patch-management?ts=markdown)
  * [Understanding Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management#understanding?ts=markdown)
  * [Why Patch Management Is Important](https://www.paloaltonetworks.com/cyberpedia/patch-management#why?ts=markdown)
  * [The Patch Management Process](https://www.paloaltonetworks.com/cyberpedia/patch-management#process?ts=markdown)
  * [Patch Management in Cloud and Hybrid Environments](https://www.paloaltonetworks.com/cyberpedia/patch-management#patch?ts=markdown)
  * [Key Patch Management Challenges and How to Solve Them](https://www.paloaltonetworks.com/cyberpedia/patch-management#key?ts=markdown)
  * [How to Create an Effective Patch Management Policy](https://www.paloaltonetworks.com/cyberpedia/patch-management#policy?ts=markdown)
  * [Leveraging Tools and Technologies for Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management#leveraging?ts=markdown)
  * [CWPPs and Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management#cwpps-patch-management?ts=markdown)
  * [Patch Management FAQs](https://www.paloaltonetworks.com/cyberpedia/patch-management#faqs?ts=markdown)
* [What Is Risk-Based Vulnerability Management?](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management?ts=markdown)
  * [Risk-Based Vulnerability Management Definition](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#vulnerability?ts=markdown)
  * [Why Organizations Need a Risk-Based Approach?](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#why?ts=markdown)
  * [Key Components of a Risk-Based Vulnerability Management Framework](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#key?ts=markdown)
  * [From Discovery to Remediation --- RBVM in Practice](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#practice?ts=markdown)
  * [Benefits of Adopting a Risk-Based Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#benefits?ts=markdown)
  * [Risk-Based Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#faqs?ts=markdown)
* [Vulnerability Management Program: Building a Risk-Based Framework](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program?ts=markdown)
  * [What Is a Vulnerability Management Program?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#what?ts=markdown)
  * [Key Components of a Successful Program](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#key?ts=markdown)
  * [How Does Cloud Vulnerability Management Work?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#how?ts=markdown)
  * [Reporting and Metrics](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#reporting?ts=markdown)
  * [Challenges and Best Practices](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#challenges?ts=markdown)
  * [Vulnerability Management Program FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#faqs?ts=markdown)
* [What Is Vulnerability Scanning?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning?ts=markdown)
  * [Vulnerability Scanning Explained](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vulnerability?ts=markdown)
  * [How Vulnerability Scanning Works](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#how?ts=markdown)
  * [Types of Vulnerability Scanning](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#types?ts=markdown)
  * [Vulnerability Scanning Vs. Penetration Testing](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vs?ts=markdown)
  * [CWPP \& Scanning in the Cloud](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#cwpp?ts=markdown)
  * [Vulnerability Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#practices?ts=markdown)
  * [Vulnerability Scanning FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#faqs?ts=markdown)
* [Patch Management Vs. Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management?ts=markdown)
  * [Patch Management and Vulnerability Management Definition](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#patch?ts=markdown)
  * [Key Differences Between Patch and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#key?ts=markdown)
  * [Where They Overlap --- Coordination Is Key](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#where?ts=markdown)
  * [How to Build an Integrated Patch and Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#strategy?ts=markdown)
  * [Tools That Bridge Vulnerability and Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#tools?ts=markdown)
  * [Patch Management vs. Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#faqs?ts=markdown)
* What Is Threat and Vulnerability Management?
  * [Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#threat?ts=markdown)
  * [Key Components of a Threat and Vulnerability Management Program](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#key?ts=markdown)
  * [Comparing Threat and Vulnerability Management by Risk Elimination](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#comparing?ts=markdown)
  * [The Value of Integrated Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#value?ts=markdown)
  * [Building a Threat and Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#building?ts=markdown)
  * [Threat and Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#faqs?ts=markdown)
* [Vulnerability Management Lifecycle: Key Phases and Execution](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle?ts=markdown)
  * [Understanding the Vulnerability Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#understanding?ts=markdown)
  * [Key Phases of the Vulnerability Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#key?ts=markdown)
  * [Vulnerability Management Lifecycle Implementation and Real-World Application](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#vulnerability?ts=markdown)
  * [Vulnerability Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#faqs?ts=markdown)
* [How to Automate Vulnerability Management Steps, Tools, and Benefits](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management?ts=markdown)
  * [Understanding Vulnerability Management Automation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#understanding?ts=markdown)
  * [The Four Pillars of Automated Vulnerability Management Workflow](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#pillars?ts=markdown)
  * [Tools and Technologies for Vulnerability Remediation Automation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#tools?ts=markdown)
  * [Benefits of Vulnerability Management Automation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#benefits?ts=markdown)
  * [Challenges and Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#challenges?ts=markdown)
  * [How to Automate Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#faqs?ts=markdown)
* [What Is Continuous Vulnerability Management (CVM)?](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management?ts=markdown)
  * [Understand Continuous Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#understand?ts=markdown)
  * [CVM Vs. Traditional Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#traditional?ts=markdown)
  * [When to Consider Continuous Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#when?ts=markdown)
  * [How CVM Works in Enterprise Environments](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#how?ts=markdown)
  * [Key Benefits of CVM](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#key?ts=markdown)
  * [Challenges of CVM Adoption](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#challenges?ts=markdown)
  * [Best Practices for CVM Adoption](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#best?ts=markdown)
* [Continuous Vulnerability Management (CVM) FAQs](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#faqs?ts=markdown)

# What Is Threat and Vulnerability Management?

5 min. read  
Table of contents

* * [Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#threat?ts=markdown)
  * [Key Components of a Threat and Vulnerability Management Program](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#key?ts=markdown)
  * [Comparing Threat and Vulnerability Management by Risk Elimination](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#comparing?ts=markdown)
  * [The Value of Integrated Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#value?ts=markdown)
  * [Building a Threat and Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#building?ts=markdown)
* [Threat and Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#faqs?ts=markdown)

1. Threat and Vulnerability Management

* * [Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#threat?ts=markdown)
  * [Key Components of a Threat and Vulnerability Management Program](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#key?ts=markdown)
  * [Comparing Threat and Vulnerability Management by Risk Elimination](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#comparing?ts=markdown)
  * [The Value of Integrated Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#value?ts=markdown)
  * [Building a Threat and Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#building?ts=markdown)
* [Threat and Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#faqs?ts=markdown)

Threat and vulnerability management (TVM) is an integrated cybersecurity discipline that combines vulnerability assessment with threat intelligence to create a risk-based approach to security. TVM helps organizations identify, prioritize, and remediate weaknesses before attackers can exploit them while simultaneously detecting and responding to active threats. By bridging traditional vulnerability scanning with real-time threat intelligence, TVM enables more effective resource allocation and dramatically improves security posture.

## Threat and Vulnerability Management

Threat and vulnerability management (TVM) is a comprehensive cybersecurity framework that combines two critical disciplines to create a unified defense strategy against today's complex digital risks. The integrated approach helps organizations move beyond reactive security postures toward a more strategic, risk-based methodology that aligns security efforts with actual business threats.

Breaking down TVM into its core components helps clarify its scope and purpose:

* **Vulnerability management** focuses on the systematic identification, classification, prioritization, and remediation of security weaknesses across an organization's digital landscape. These vulnerabilities might exist as software flaws, outdated systems, misconfigurations, weak access controls, or known Common Vulnerabilities and Exposures (CVEs). The process involves continuous scanning, assessment, and monitoring of systems to discover potential entry points before malicious actors can exploit them. Without proper [vulnerability management](https://www.paloaltonetworks.com/cyberpedia/what-Is-vulnerability-management?ts=markdown), organizations essentially leave their digital doors unlocked, creating opportunities for breaches and attacks.
* **Threat management** involves the strategies and tools employed to identify, assess, and address security threats that could jeopardize an organization's resources. It focuses on both current and potential risks, including [advanced persistent threats (APTs)](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt?ts=markdown), complex [malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown), social engineering tactics, and [insider threats](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown). Successful threat management demands ongoing monitoring, advanced detection systems, and well-defined response plans to minimize the impact of these threats as they emerge.

By correlating vulnerability data with real-time [cyber threat intelligence](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown), organizations can make more informed decisions about where to allocate limited security resources. A seemingly moderate vulnerability becomes significantly more critical when actively exploited in the wild or it affects business-critical systems. A unified approach prevents this by enabling security teams to:

* Develop risk-based remediation strategies that address the most pressing concerns first
* Reduce the overall attack surface through systematic weakness elimination
* Create more effective [incident response plans](https://www.paloaltonetworks.com/cyberpedia/incident-response-plan?ts=markdown) informed by vulnerability context
* Build a more resilient security posture that evolves with the threat landscape

## Key Components of a Threat and Vulnerability Management Program

A vigorous threat and vulnerability management program requires several interconnected components working in harmony to provide comprehensive protection. Let's explore the essential building blocks that make up an effective TVM program.

### Vulnerability Management Components

#### Asset Discovery and Inventory Management

Before you can protect your environment, you need to know what you're protecting. A complete, continuously updated inventory of all assets --- including hardware, software, cloud resources, IoT devices, and even [shadow IT](https://www.paloaltonetworks.com/cyberpedia/shadow-data?ts=markdown) --- forms the foundation of vulnerability management. Modern discovery tools use network scanning, agent-based approaches, and API integrations to maintain real-time visibility across complex environments.

#### Vulnerability Scanning and Assessment

Regular scanning across all environments identifies potential weaknesses before attackers can exploit them. Effective scanning combines multiple approaches --- authenticated and unauthenticated scans, network-based and agent-based tools, and specialized scanners for web applications, [containers](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container?ts=markdown), and cloud configurations. These scans generate raw vulnerability data that requires further analysis.

#### Contextual Risk Scoring

Advanced TVM programs move beyond basic CVSS scores to implement contextual risk scoring that considers factors like:

* Asset criticality and business impact
* Threat intelligence about active exploitation
* Exposure to the internet or untrusted networks
* Compensating controls already in place
* Potential [lateral movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown) paths for attackers

#### Remediation Workflow Management

Fixing vulnerabilities requires coordination across security, IT, and development teams. Modern TVM programs implement structured workflows for [patch management](https://www.paloaltonetworks.com/cyberpedia/patch-management?ts=markdown), configuration changes, and other remediation actions. These workflows include validation testing to ensure fixes are properly implemented and don't introduce new issues.

#### Exception Handling and Compensating Controls

Some vulnerabilities can't be patched immediately --- or at all --- due to business constraints, compatibility issues, or legacy systems. A mature TVM program includes formal processes for documenting, approving, and regularly reviewing exceptions, along with implementing compensating controls to reduce risk when direct remediation isn't possible.

### Threat Management Components

#### Threat Intelligence Integration

Effective threat management depends on quality intelligence about emerging threats, attacker techniques, and industry-specific targeting. It includes:

* External feeds from commercial providers, ISACs, and government sources
* Open-source intelligence from forums, social media, and research publications
* Internal intelligence gathered from the organization's security tools and incident history

The most advanced programs use threat intelligence platforms (TIPs) to aggregate, deduplicate, and correlate this information into actionable insights.

#### Real-Time Threat Detection

Continuous monitoring across all environments is essential for identifying active threats. Real-Time Threat Detection typically combines:

* Network detection and response (NDR) systems analyzing traffic patterns
* Endpoint detection and response ([EDR](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection-and-response-edr?ts=markdown)) tools monitoring for suspicious behavior
* Cloud security posture management (CSPM) alerting on configuration drift
* [SIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-siem?ts=markdown) solutions correlating events across multiple security tools

AI and machine learning increasingly augment these technologies to identify subtle attack patterns that might otherwise go undetected.

#### Threat Actor Profiling

Understanding who might target your organization and how they operate provides valuable context for defense. It involves researching known threat groups targeting your industry, analyzing their tactics, techniques, and procedures (TTPs), and mapping these to the [MITRE ATT\&CK](https://www.paloaltonetworks.com/cyberpedia/what-is-mitre-attack?ts=markdown) framework to identify potential gaps in security controls.

#### Proactive Threat Hunting

Instead of relying solely on alerts, threat hunting involves actively seeking out potential compromises that might evade detection systems. Such a proactive process demands experienced analysts who are well-versed in adversary techniques, along with advanced tools for conducting query-based and hypothesis-driven investigations throughout the environment.

#### Incident Response Integration

When threats materialize despite preventive measures, a swift and coordinated response is crucial. The TVM program should connect directly to incident response processes, providing responders with vulnerability context that helps explain how attackers gained access and what other systems might be at risk.

Several factors bridge the gap between vulnerability management and threat management:

#### Automation and Orchestration

The scale and complexity of modern environments make manual TVM processes unsustainable. Security orchestration, automation, and response ([SOAR](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown)) platforms can automate routine tasks like vulnerability scanning, threat intelligence gathering, ticket creation, and even some remediation actions, allowing security teams to focus on higher-value activities.

#### Dashboards and Reporting

Translating technical security data into business-relevant insights requires thoughtful visualization and reporting. Effective dashboards provide role-appropriate views for different stakeholders --- technical details for operations teams, trend analysis for security leaders, and risk-oriented summaries for executives and boards.

#### Continuous Improvement Processes

The threat landscape evolves constantly, and so must TVM programs. Regular reviews of security incidents, near-misses, and program metrics help identify gaps and refine processes. Table-top exercises and red team assessments provide additional feedback on program effectiveness.

The most mature TVM programs integrate these components into a cohesive system that provides visibility across all environments --- from traditional on-premises networks to modern cloud infrastructures and remote work setups. A comprehensive approach like this ensures that security efforts align with actual risks and adapt to the organization's evolving digital footprint.

## Comparing Threat and Vulnerability Management by Risk Elimination

Understanding how vulnerability management and threat management differ and yet make complementary contributions to risk elimination helps organizations to maximize both approaches in their security strategy.

### Distinct Perspectives on Risk

**Vulnerability management** identifies what could be exploited within your environment. It's concerned with weaknesses, gaps, and flaws that exist regardless of whether anyone is actively trying to exploit them. Like surveying a building for structural weaknesses, vulnerability management creates an inventory of potential problems before they're used against you.

**Threat management**, by contrast, focuses on who's targeting your organization and how they're doing it. It identifies adversary intent, capability, and activity, examining the "who" and "how" of attacks by monitoring for signs of compromise and analyzing attack patterns, as well as tracking threat actors targeting your industry or region.

Think of vulnerability management as identifying all the possible entry points to your house, while threat management tells you which doors burglars in your neighborhood are checking and what tools they're carrying.

### Time Horizons and Action Focus

**Vulnerability management** operates primarily in a proactive, preventative mode --- addressing issues before exploitation occurs. It creates a systematic approach to discovering and eliminating weaknesses on a scheduled basis, often through regular scanning cycles and patching routines.

**Threat management** tends to operate in a more immediate timeframe, detecting and responding to active or imminent threats. While it includes proactive elements like [threat hunting](https://www.paloaltonetworks.com/cyberpedia/threat-hunting?ts=markdown), it places emphasis on real-time monitoring, detection, and rapid response capabilities.

### The Risk Elimination Synergy

The power of a unified TVM approach comes from the combined perspectives of vulnerability and threat management. Consider an organization facing thousands of vulnerabilities across its environment. Vulnerability management might prioritize fixes based on CVSS scores or asset value. Threat management will likely detect suspicious activity but lack context about the underlying vulnerabilities being targeted.

When integrated, these disciplines create a dynamic risk prioritization system. Vulnerabilities actively exploited in the wild or affecting systems under current attack immediately rise to the top of the remediation queue. The contextual approach ensures security teams address the most relevant risks first, fixing the right weaknesses at the right time.

The table below summarizes the key differences and complementary roles of each discipline in risk elimination:

|------------------------|--------------------------------------------------------------|-------------------------------------------------------------------------------|------------------------------------------------------------|
| **Aspect**             | **Vulnerability Management**                                 | **Threat Management**                                                         | **Combined Approach**                                      |
| **Primary Focus**      | Security weaknesses and exposures                            | Adversary behavior and intentions                                             | Contextual risk based on both exposure and threat activity |
| **Key Question**       | "What could go wrong?"                                       | "What is going wrong?"                                                        | "What should we address first and why?"                    |
| **Time Orientation**   | Preventative (before exploitation)                           | Detective and responsive (during/after exploitation attempts)                 | Continuous risk reduction lifecycle                        |
| **Primary Activities** | Scanning, assessment, patching, configuration                | Monitoring, detection, threat intelligence, incident response                 | Risk-based prioritization and orchestrated defense         |
| **Decision Driver**    | Vulnerability severity and asset criticality                 | Threat actor capability and activity patterns                                 | Exploitability in current threat context                   |
| **Metrics**            | Vulnerability counts, patch coverage, mean time to remediate | Detection coverage, mean time to detect/respond, threat intelligence coverage | Risk reduction rate, security posture improvement          |

***Table 1**: Vulnerability management and threat management at a glance*

### From Theory to Practice

The TVM integrated approach transforms abstract risk management theory into practical action. For example, when the Log4Shell vulnerability emerged in late 2021, organizations with mature TVM programs could rapidly:

1. Identify affected assets through [vulnerability scanning](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning?ts=markdown) (vulnerability management).
2. Monitor for exploitation attempts through network and [endpoint detection](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection?ts=markdown) (threat management).
3. Prioritize remediation based on both exposure and observed attacks.
4. Deploy temporary mitigations to the most at-risk systems while patches were being developed.

Without this unified approach, organizations either responded too broadly (trying to patch everything at once) or too narrowly (missing systems where the vulnerability posed the greatest risk).

In combining "what could go wrong" with "what is going wrong," modern TVM programs create a dynamic, intelligence-driven approach to security that maximizes the impact of limited resources.

## The Value of Integrated Threat and Vulnerability Management

Traditional, siloed approaches to vulnerability management and threat detection have created inefficiencies that modern security teams can't afford. That's where integrated threat and vulnerability management delivers value.

### Enhanced Decision Intelligence

The most immediate benefit of integrated TVM is vastly improved decision-making. Rather than treating all vulnerabilities with equal urgency or responding to threats without understanding the underlying weaknesses, TVM creates a contextual risk framework that considers multiple factors:

* Vulnerability severity and exploitability
* Asset criticality to business operations
* Current threat landscape and attacker behavior
* Existing security controls and compensating measures

A multidimensional view enables security teams to make smarter decisions about resource allocation. For example, a medium-severity vulnerability on a business-critical system that's actively being exploited in your industry would receive higher priority than a high-severity vulnerability with no known exploits on a non-critical system.

### Operational Efficiency Gains

Beyond better decisions, integrated TVM delivers operational improvements that help understaffed security teams accomplish more:

* **Reduced Alert Fatigue**: Correlating vulnerability data with threat intelligence enables TVM platforms to suppress alerts for vulnerabilities that pose minimal risk in your environment. For instance, a vulnerability that requires physical access in a secure data center might generate unnecessary noise without contextual filtering.
* **Accelerated Response Times**: When threats emerge that target specific vulnerabilities, an integrated TVM platform can automatically trigger accelerated patching workflows for affected systems. Doing so dramatically reduces the time between threat identification and protection implementation.
* **Streamlined Remediation Workflows**: Instead of security teams discovering vulnerabilities and then struggling to get IT teams to implement fixes, integrated TVM creates clear, prioritized workflows with actionable remediation steps. The alignment between detection and response eliminates costly delays and communication barriers.

### Strategic Alignment with Modern Environments

Traditional security approaches were designed for static, on-premises infrastructures with clear perimeters. Today's hybrid and multicloud environments demand a different approach:

* **Multi-Environment Visibility** : Comprehensive TVM solutions extend across on-premises, cloud, container, and [endpoint](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint?ts=markdown) environments, providing unified visibility that matches today's distributed infrastructure.
* **DevSecOps Integration** : As organizations adopt more agile development practices, TVM platforms can integrate with [CI/CD pipelines](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown) to identify vulnerabilities early in the development cycle when they're easier and less expensive to fix.
* **Dynamic Risk Adaptation**: Cloud environments change rapidly, with new assets deployed and retired continuously. Integrated TVM adapts to these changes, automatically discovering new assets and evaluating their security posture without manual intervention.

### Compliance and Governance Benefits

Beyond operational and tactical advantages, integrated TVM strengthens an organization's overall governance and compliance posture:

* **Evidence-Based Reporting**: When auditors or regulators inquire about security controls, integrated TVM provides comprehensive documentation of vulnerability identification, risk assessment, and remediation activities.
* **Risk-Based Exceptions**: Not all vulnerabilities can be immediately patched. Integrated TVM provides the context needed to justify and document exceptions based on actual risk, satisfying compliance requirements while maintaining operational stability.
* **Continuous Improvement Metrics**: By tracking vulnerability trends, remediation times, and threat patterns over time, integrated TVM delivers metrics that demonstrate security program maturity and improvement to stakeholders.

## Building a Threat and Vulnerability Management Strategy

Whether you're starting from scratch or maturing an existing program, following these structured steps will help establish a robust TVM foundation that evolves with your organization's needs and the changing threat landscape.

### Step 1: Conduct Comprehensive Asset Discovery and Inventory

A successful TVM program begins with knowing what you need to protect. Modern environments span traditional data centers, cloud infrastructure, IoT devices, operational technology, and remote endpoints --- all of which must be accounted for. Start with these actions:

* Deploy automated discovery tools across all network segments
* Implement [cloud security posture management (CSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown) for cloud resource discovery
* Establish API connections to configuration management databases (CMDBs)
* Create processes to capture shadow IT and developer-created resources
* Classify assets based on business criticality and data sensitivity

Key implementation tip: Don't aim for perfection immediately. Begin with your most critical business systems and expand coverage methodically. Implement continuous discovery to capture new assets as they're deployed, particularly in dynamic cloud environments.

### Step 2: Establish Continuous Vulnerability Scanning and Risk Scoring

Once you know what you have, implement regular vulnerability assessment across all environments using multiple scanning approaches. Key components include:

* Authenticated scans of internal systems for comprehensive detection
* External perimeter scanning to identify internet-facing vulnerabilities
* Agent-based assessment for remote endpoints and [cloud workloads](https://www.paloaltonetworks.com/cyberpedia/what-is-workload?ts=markdown)
* Specialized scanning for web applications, containers, and APIs
* Configuration analysis against security baselines and hardening guides

The raw vulnerability data requires context to become actionable. Implement a risk scoring framework that considers:

* Base vulnerability severity (CVSS score)
* Asset criticality to business operations
* Exploitability factors (available exploit code, complexity)
* Exposure level (internet-facing, internal segmentation)
* Compensating controls that may reduce actual risk

**Key implementation tip**: Start with weekly scans of critical systems and gradually increase frequency. For cloud environments and public-facing assets, aim for daily or continuous scanning.

### Step 3: Integrate Threat Intelligence

Vulnerabilities exist in a vacuum until threat intelligence provides context about how attackers might exploit them. An effective TVM program incorporates multiple intelligence sources to prioritize remediation efforts. Implementation steps include:

* Subscribe to commercial threat intelligence feeds relevant to your industry
* Join information sharing communities (ISACs) for sector-specific intelligence
* Establish processes to capture and analyze internal threat data
* Implement a threat intelligence platform (TIP) to aggregate and correlate sources
* Create automated workflows that link threat indicators to vulnerability data

**Key implementation tip**: Don't overwhelm yourself with too many intelligence sources initially. Focus on quality over quantity, starting with feeds specifically relevant to your technology stack and industry.

### Step 4: Define and Implement Risk-Based Remediation SLAs

With visibility into assets, vulnerabilities, and threats established, clear remediation expectations based on actual risk rather than arbitrary timeframes can be created. Sample risk-based SLA framework:

* **Critical risk** (actively exploited vulnerabilities on business-critical assets): 24-48 hours
* **High risk** (exploitable vulnerabilities on important systems): 7 days
* **Medium risk** (less exploitable or on less critical systems): 30 days
* **Low risk** (difficult to exploit or minimal impact): 90 days or next maintenance window

**Implementation considerations:**

* Document exception processes for vulnerabilities that can't be immediately remediated
* Create automated ticketing workflows that route to appropriate remediation teams
* Establish escalation procedures for SLA violations
* Implement verification scanning to confirm successful remediation

**Key implementation tip**: Involve IT operations and application teams in defining these SLAs to ensure they're realistic and achievable. Unrealistic timeframes will lead to noncompliance and program failure.

### Step 5: Align with Adjacent Security Processes

TVM doesn't exist in isolation. For maximum effectiveness, integrate it with related security functions for a cohesive approach. Critical integrations include:

* **Security incident response**: Provide vulnerability context during incidents
* **Threat hunting**: Direct hunting activities based on vulnerability insights
* **Change management**: Ensure security reviews before deployment
* **Compliance reporting**: Map vulnerabilities to compliance requirements
* **DevSecOps** : [Shift left](https://www.paloaltonetworks.com/cyberpedia/shift-left-security?ts=markdown) to begin vulnerability detection in development pipelines

Implementation recommendation: Start with simple integration points like sharing data between systems and progress to more sophisticated automated workflows as the program matures.

### Step 6: Measure, Monitor, and Continuously Improve

Establish metrics that track both operational efficiency and risk reduction to demonstrate program value and identify improvement opportunities. Key metrics to track:

* **Exposure window**: Time between vulnerability discovery and remediation
* **Mean Time to Detect (MTTD)**: How quickly new vulnerabilities are identified
* **Mean Time to Remediate (MTTR)**: Average time to fix vulnerabilities by risk level
* **Patch coverage**: Percentage of systems patched within SLA timeframes
* **Risk reduction rate**: Trending of overall vulnerability risk score over time
* **Vulnerability density**: Number of vulnerabilities per asset, tracking improvement
* **Escape rate**: Vulnerabilities that bypass early detection and reach production

**Continuous improvement activities:**

* Conduct quarterly program reviews, analyzing metric trends
* Perform tabletop exercises to test TVM's response to emerging threats
* Gather feedback from security and IT teams on process bottlenecks
* Benchmark your program against industry standards and peers
* Update scoring models as the threat landscape evolves

**Key implementation tip**: Select a small set of meaningful metrics initially rather than trying to measure everything. Focus on metrics that drive behavior change and demonstrate value to leadership.

### Implementation Roadmap Considerations

Building a mature TVM program isn't an overnight process. Consider this phased approach:

**First 90 Days:**

* Complete initial asset inventory of critical systems
* Implement basic vulnerability scanning
* Establish simple risk scoring and remediation priorities
* Begin tracking basic metrics

**6-12 Months:**

* Expand scanning coverage to all environments
* Integrate threat intelligence
* Implement formal SLAs and exception processes
* Begin integration with adjacent security functions

**12+ Months:**

* Implement advanced contextual risk scoring
* Automate remediation workflows
* Establish comprehensive metrics and reporting
* Integrate with business risk management processes

## Threat and Vulnerability Management FAQs

### What is time-to-exploit (TTE)?

Time-to-exploit (TTE) refers to the time elapsed between the public disclosure of a vulnerability and the first known instance of exploitation in the wild. Security teams use this metric to assess the urgency of remediation efforts. A short TTE indicates that attackers are moving quickly to take advantage of known vulnerabilities, which raises the stakes for patching or mitigating those issues before exploitation occurs.

### What is external attack surface discovery?

External attack surface discovery is the process of identifying and cataloging all internet-exposed assets an organization owns or operates, which may include web servers, APIs, cloud services, and unknown or unmanaged assets such as shadow IT.

### What is the signal-to-noise ratio in vulnerability data?

The signal-to-noise ratio in vulnerability data measures how much meaningful, actionable insight exists relative to irrelevant or low-priority findings. A high ratio means teams can focus on legitimate risks without being overwhelmed by false positives or trivial issues. Optimizing this ratio is critical to effective vulnerability prioritization and response.

### What is vulnerability debt tracking?

Vulnerability debt tracking refers to the ongoing measurement and monitoring of unremediated vulnerabilities that accumulate over time. Similar to technical debt, it highlights long-term security liabilities that result from deferred remediation due to resource constraints, operational risks, or misaligned priorities. Tracking this backlog helps organizations understand systemic risk and make informed decisions about where to invest in remediation.

### What is the Exploit Prediction Scoring System (EPSS)?

The Exploit Prediction Scoring System (EPSS) is a data-driven model that estimates the likelihood a given vulnerability will be exploited in the wild within a short time frame. Unlike CVSS, which reflects theoretical severity, EPSS scores are dynamic and based on real-world indicators such as exploit availability, threat actor interest, and historical trends.

### What is the Vulnerability Exploitability eXchange (VEX)?

The Vulnerability Exploitability eXchange (VEX) is a machine-readable format that communicates whether a given vulnerability affects a product and, if so, whether it's exploitable under specific conditions. VEX is part of broader [SBOM](https://www.paloaltonetworks.com/cyberpedia/what-is-software-bill-materials-sbom?ts=markdown) and vulnerability intelligence workflows.

### What is exposure management?

[Exposure management](https://www.paloaltonetworks.com/cyberpedia/exposure-management?ts=markdown) is a continuous practice of identifying, measuring, and reducing the ways attackers could exploit an organization's digital environment. It combines asset discovery, vulnerability assessment, threat intelligence, and risk scoring to provide a comprehensive view of potential attack paths. The goal is to reduce the organization's exposure before attackers can act.

### What is pre-exploit telemetry?

Pre-exploit telemetry consists of behavioral signals or environmental indicators that suggest an attacker may be preparing to exploit a vulnerability. Examples include reconnaissance activity, enumeration behavior, or configuration drift detection.

### What is temporal risk scoring?

Temporal risk scoring adjusts vulnerability severity based on time-sensitive factors such as the release of exploit code, active exploitation in the wild, or newly discovered attack techniques. It provides a more realistic and responsive risk rating than static scores by accounting for changes in the threat landscape over time.

### What is chokepoint identification in attack path analysis?

Chokepoint identification involves locating strategic points in an environment where attacker movement or privilege escalation can be detected or blocked. These chokepoints help defenders focus monitoring and mitigation efforts on critical nodes that attackers must pass through, improving the efficiency of risk reduction.

### What is prioritization bias in vulnerability management?

Prioritization bias occurs when remediation efforts are influenced by subjective factors such as media coverage, internal politics, or perceived urgency. Prioritization based on anything other than objective risk data can lead to misaligned efforts where high-risk vulnerabilities are overlooked in favor of more visible but less dangerous issues.

### What is dynamic asset criticality mapping?

Dynamic asset criticality mapping assigns and updates the importance of assets in real time based on changing business functions, usage patterns, and threat activity. Rather than relying on static asset labels, this approach adapts to operational context, allowing risk-based prioritization that reflects the current impact of compromise.

### What are adaptive risk thresholds?

Adaptive risk thresholds adjust the criteria for alerting, prioritization, or action based on evolving conditions such as threat landscape shifts, operational constraints, or business objectives, which ensures that security controls remain aligned with organizational risk tolerance.

### What is exposure-aware patching?

Exposure-aware patching prioritizes vulnerabilities for remediation based on how exposed the affected asset is to potential attackers. It considers factors such as internet accessibility, network segmentation, and attack surface visibility.

### What is compensating control effectiveness modeling?

Compensating control effectiveness modeling evaluates how well alternative security measures mitigate the risk of a known vulnerability when direct remediation isn't feasible. CCE modeling helps justify risk acceptance or delay in patching by demonstrating that other safeguards substantially reduce exploitability.

### What is cross-domain vulnerability correlation?

Cross-domain vulnerability correlation links vulnerability data across different technical domains --- cloud, endpoint, network, identity --- to build a unified picture of exploitability and risk.
Related Content  
[Code to Cloud Vulnerability Management
Innovative vulnerability management dashboard streamlines discovery, prioritization and remediation of vulns, ensuring robust security from code to cloud.](https://www.paloaltonetworks.com/blog/prisma-cloud/vulnerability-management-innovation/?ts=markdown)  
[Improve Your Multicloud Security Posture
Multicloud environments are complex and difficult to secure without a proactive approach to security and visibility.](https://www.paloaltonetworks.com/resources/datasheets/tip-sheet-improve-your-multicloud-security-posture?ts=markdown)  
[5 Best Practices for Securing Modern Web Applications and APIs
As Web apps and APIs evolve, so does the attack surface. Developers and security practitioners need a comprehensive solution to protect their web apps and APIs.](https://www.paloaltonetworks.com/resources/ebooks/5-best-practices-for-securing-modern-web-applications-and-apis?ts=markdown)  
[State of Cloud-Native Security Report
Over 3,000 cloud security and DevOps professionals identify their challenges, how they handle them and what they've learned in the process.](https://www.paloaltonetworks.com/state-of-cloud-native-security?ts=markdown)  
![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Threat%20and%20Vulnerability%20Management%3F&body=Learn%20the%20components%20of%20TVM%2C%20how%20it%20differs%20from%20siloed%20approaches%2C%20the%20business%20benefits%20of%20integration%2C%20and%20practical%20steps%20to%20implement%20it%20in%20your%20company.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management)  
Back to Top  
[Previous](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management?ts=markdown) Patch Management Vs. Vulnerability Management  
[Next](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle?ts=markdown) Vulnerability Management Lifecycle: Key Phases and Execution  
{#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language