[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) 4. [What Is Vulnerability Scanning?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning?ts=markdown) Table of Contents * [What Is Vulnerability Management?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) * [Vulnerability Management Explained](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#vulnerability?ts=markdown) * [Understanding Vulnerabilities, Threats and Risks](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#understanding?ts=markdown) * [Why Cloud Vulnerability Management Is Challenging](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#why?ts=markdown) * [Vulnerability Management Vs. Patch Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#management?ts=markdown) * [Overview of Common Vulnerabilities and Exposures (CVEs)](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#overview?ts=markdown) * [Vulnerability Management Vs. Vulnerability Assessment](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#vs?ts=markdown) * [Setting Up a Vulnerability Management Framework](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#framework?ts=markdown) * [The Four Key Steps of Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#the?ts=markdown) * [Improving Your Vulnerability Management Program](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#improving?ts=markdown) * [CWPP's Role in Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#roles?ts=markdown) * [Best Practices for Managing Cloud Workload Vulnerabilities](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#best?ts=markdown) * [Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management#faqs?ts=markdown) * [What Is Patch Management? Process, Policy, and Benefits](https://www.paloaltonetworks.com/cyberpedia/patch-management?ts=markdown) * [Understanding Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management#understanding?ts=markdown) * [Why Patch Management Is Important](https://www.paloaltonetworks.com/cyberpedia/patch-management#why?ts=markdown) * [The Patch Management Process](https://www.paloaltonetworks.com/cyberpedia/patch-management#process?ts=markdown) * [Patch Management in Cloud and Hybrid Environments](https://www.paloaltonetworks.com/cyberpedia/patch-management#patch?ts=markdown) * [Key Patch Management Challenges and How to Solve Them](https://www.paloaltonetworks.com/cyberpedia/patch-management#key?ts=markdown) * [How to Create an Effective Patch Management Policy](https://www.paloaltonetworks.com/cyberpedia/patch-management#policy?ts=markdown) * [Leveraging Tools and Technologies for Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management#leveraging?ts=markdown) * [CWPPs and Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management#cwpps-patch-management?ts=markdown) * [Patch Management FAQs](https://www.paloaltonetworks.com/cyberpedia/patch-management#faqs?ts=markdown) * [What Is Risk-Based Vulnerability Management?](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management?ts=markdown) * [Risk-Based Vulnerability Management Definition](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#vulnerability?ts=markdown) * [Why Organizations Need a Risk-Based Approach?](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#why?ts=markdown) * [Key Components of a Risk-Based Vulnerability Management Framework](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#key?ts=markdown) * [From Discovery to Remediation --- RBVM in Practice](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#practice?ts=markdown) * [Benefits of Adopting a Risk-Based Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#benefits?ts=markdown) * [Risk-Based Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management#faqs?ts=markdown) * [Vulnerability Management Program: Building a Risk-Based Framework](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program?ts=markdown) * [What Is a Vulnerability Management Program?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#what?ts=markdown) * [Key Components of a Successful Program](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#key?ts=markdown) * [How Does Cloud Vulnerability Management Work?](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#how?ts=markdown) * [Reporting and Metrics](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#reporting?ts=markdown) * [Challenges and Best Practices](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#challenges?ts=markdown) * [Vulnerability Management Program FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program#faqs?ts=markdown) * What Is Vulnerability Scanning? * [Vulnerability Scanning Explained](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vulnerability?ts=markdown) * [How Vulnerability Scanning Works](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#how?ts=markdown) * [Types of Vulnerability Scanning](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#types?ts=markdown) * [Vulnerability Scanning Vs. Penetration Testing](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vs?ts=markdown) * [CWPP \& Scanning in the Cloud](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#cwpp?ts=markdown) * [Vulnerability Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#practices?ts=markdown) * [Vulnerability Scanning FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#faqs?ts=markdown) * [Patch Management Vs. Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management?ts=markdown) * [Patch Management and Vulnerability Management Definition](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#patch?ts=markdown) * [Key Differences Between Patch and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#key?ts=markdown) * [Where They Overlap --- Coordination Is Key](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#where?ts=markdown) * [How to Build an Integrated Patch and Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#strategy?ts=markdown) * [Tools That Bridge Vulnerability and Patch Management](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#tools?ts=markdown) * [Patch Management vs. Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management#faqs?ts=markdown) * [What Is Threat and Vulnerability Management?](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management?ts=markdown) * [Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#threat?ts=markdown) * [Key Components of a Threat and Vulnerability Management Program](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#key?ts=markdown) * [Comparing Threat and Vulnerability Management by Risk Elimination](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#comparing?ts=markdown) * [The Value of Integrated Threat and Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#value?ts=markdown) * [Building a Threat and Vulnerability Management Strategy](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#building?ts=markdown) * [Threat and Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/threat-and-vulnerability-management#faqs?ts=markdown) * [Vulnerability Management Lifecycle: Key Phases and Execution](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle?ts=markdown) * [Understanding the Vulnerability Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#understanding?ts=markdown) * [Key Phases of the Vulnerability Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#key?ts=markdown) * [Vulnerability Management Lifecycle Implementation and Real-World Application](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#vulnerability?ts=markdown) * [Vulnerability Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-lifecycle#faqs?ts=markdown) * [How to Automate Vulnerability Management Steps, Tools, and Benefits](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management?ts=markdown) * [Understanding Vulnerability Management Automation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#understanding?ts=markdown) * [The Four Pillars of Automated Vulnerability Management Workflow](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#pillars?ts=markdown) * [Tools and Technologies for Vulnerability Remediation Automation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#tools?ts=markdown) * [Benefits of Vulnerability Management Automation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#benefits?ts=markdown) * [Challenges and Best Practices for Implementation](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#challenges?ts=markdown) * [How to Automate Vulnerability Management FAQs](https://www.paloaltonetworks.com/cyberpedia/automating-vulnerability-management#faqs?ts=markdown) * [What Is Continuous Vulnerability Management (CVM)?](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management?ts=markdown) * [Understand Continuous Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#understand?ts=markdown) * [CVM Vs. Traditional Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#traditional?ts=markdown) * [When to Consider Continuous Vulnerability Management](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#when?ts=markdown) * [How CVM Works in Enterprise Environments](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#how?ts=markdown) * [Key Benefits of CVM](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#key?ts=markdown) * [Challenges of CVM Adoption](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#challenges?ts=markdown) * [Best Practices for CVM Adoption](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#best?ts=markdown) * [Continuous Vulnerability Management (CVM) FAQs](https://www.paloaltonetworks.com/cyberpedia/continuous-vulnerability-management#faqs?ts=markdown) # What Is Vulnerability Scanning? 5 min. read Table of Contents * * [Vulnerability Scanning Explained](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vulnerability?ts=markdown) * [How Vulnerability Scanning Works](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#how?ts=markdown) * [Types of Vulnerability Scanning](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#types?ts=markdown) * [Vulnerability Scanning Vs. Penetration Testing](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vs?ts=markdown) * [CWPP \& Scanning in the Cloud](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#cwpp?ts=markdown) * [Vulnerability Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#practices?ts=markdown) * [Vulnerability Scanning FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#faqs?ts=markdown) 1. Vulnerability Scanning Explained * * [Vulnerability Scanning Explained](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vulnerability?ts=markdown) * [How Vulnerability Scanning Works](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#how?ts=markdown) * [Types of Vulnerability Scanning](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#types?ts=markdown) * [Vulnerability Scanning Vs. Penetration Testing](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#vs?ts=markdown) * [CWPP \& Scanning in the Cloud](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#cwpp?ts=markdown) * [Vulnerability Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#practices?ts=markdown) * [Vulnerability Scanning FAQs](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning#faqs?ts=markdown) Vulnerability scanning supports risk-based cybersecurity by proactively identifying security issues and potential vulnerabilities in IT systems and software. A key part of a vulnerability management program, vulnerability scans can be used across an organization's extended attack surface to detect security weaknesses. Security teams use vulnerability scanning tools to find known vulnerabilities inside an organization and those associated with a connected third party, such as partners or customers with access to [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown). Automated tools scan for known vulnerabilities, misconfigurations, and outdated software versions, providing a snapshot of an organization's security posture and highlighting areas that need immediate attention. Regular scans are crucial as they help identify potential entry points for cyberattackers, allowing organizations to address issues before they escalate into serious breaches. ## Vulnerability Scanning Explained Vulnerability scanning is a component of [vulnerability management](https://www.paloaltonetworks.com/cyberpedia/what-Is-vulnerability-management?ts=markdown) and serves as the primary method for identifying and cataloging security weaknesses across an organization's digital infrastructure. Using automated tools, it systematically probes systems, networks, and applications to uncover potential vulnerabilities before malicious actors can exploit them. ### What Is a Security Vulnerability? A vulnerability, according to Microsoft and MITRE, it's "a weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, OR availability." In other words, vulnerabilities can exist in source code, system configurations, or trust relationships between components. #### Common Cloud Security Vulnerabilities * **Misconfigurations**: Errors in security settings of cloud resources, often due to administrative oversights or lack of awareness. * **Poor access control**: Insufficient identity and credential management, including weak passwords and overprivileged accounts. * **Insecure APIs**: Weaknesses in cloud service interfaces that can expose sensitive data or enable unauthorized access. * **Inadequate data sanitation**: Neglecting to validate data can allow invalid data submitted to an application in a SQL injection, buffer overflow, or other attack to go undetected. * **Lack of visibility**: Limited oversight of cloud environments, making it difficult to detect vulnerabilities across complex infrastructures. * **Zero-day vulnerability**: An attacker-discovered vulnerability exploited before a patch is available (e.g., Log4j). * **Unpatched systems**: Failure to keep cloud infrastructure components and software up to date. * **Shared technology vulnerabilities**: Issues arising from the multitenant nature of cloud environments. * **Insufficient encryption**: Inadequate protection of data at rest or in transit. * **Inadequate logging and monitoring**: Lack of comprehensive activity tracking and alert systems. * **Unsecured storage**: Improperly configured storage resources like open S3 buckets. * **[Shadow IT](https://www.paloaltonetworks.com/cyberpedia/shadow-it?ts=markdown)**: Use of unauthorized cloud services by employees introducing unknown security risks. ### Role of Vulnerability Scanning in Vulnerability Management With regular vulnerability scans, organizations can maintain an up-to-date inventory of their assets and associated vulnerabilities, enabling them to prioritize remediation efforts effectively. Proper vulnerability management allows security teams to address weaknesses before they can be exploited, fortifying the security posture of the organization. To this end, vulnerability scanning provides the data to make informed decisions in the context of vulnerability management. Addressing vulnerabilities promptly, of course, will prevent data theft, financial loss, and damage to an organization's reputation. ## How Vulnerability Scanning Works Vulnerability scanning technology identifies security weaknesses through a multistep process that includes discovery, enumeration, and detection. ### Traditional IT Environments In traditional IT environments, the scanner begins with network reconnaissance to discover active devices within the defined scope. Techniques such as ping sweeps and port scans help identify live hosts and open ports. Once the scanner identifies active devices, it collects detailed information about operating systems, installed software, running services, and configuration settings using protocols like SNMP, SSH, and WMI. During the detection phase, the scanner cross-references the collected information against a database of known vulnerabilities. It checks for potential security weaknesses, such as missing patches, outdated software versions, and misconfigurations. For example, the scanner might look for default or weak passwords, open ports that should be closed, or services running with known vulnerabilities. Specific tests for common vulnerabilities, such as SQL injection or cross-site scripting (XSS), are also performed. ### Cloud Environments In cloud environments, the scanning process adapts to the unique characteristics of virtualized infrastructure and dynamic resource allocation. The scanner uses API calls to cloud service providers and network scans to discover active cloud instances, [containers](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container?ts=markdown), and services. [Cloud-native tools](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-application-protection-platform?ts=markdown) and integrations facilitate this discovery process. Once the scanner identifies active resources, it collects information about operating systems, installed software, running services, and configuration settings. The scanner leverages APIs provided by cloud service providers (such as AWS, Azure, and Google Cloud) to gather this data. Agentless scanning in cloud environments involves the scanner communicating directly with cloud resources over the network and through cloud provider APIs. This method avoids deploying software agents on the target systems, making it suitable for dynamic cloud environments. In contrast, agent-based scanning involves installing lightweight agents on cloud instances or [containers](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container?ts=markdown). These agents gather detailed information about the system's configuration, software, and security settings, reporting back to the central scanning server or cloud management console. ### Detection Phase During the detection phase in both traditional and cloud environments, the scanner cross-references the collected information against a database of known vulnerabilities. It performs various checks to identify potential security weaknesses, such as missing patches, outdated software versions, and misconfigurations. The scanner might check for default or weak passwords, open ports that should be closed, or services running with known vulnerabilities. It may also execute specific tests designed to exploit common weaknesses, such as SQL injection or XSS vulnerabilities in web applications. The vulnerability database, which the scanner relies on, is continuously updated with the latest threat intelligence. This database contains information about known vulnerabilities, including their characteristics, potential impacts, and remediation steps. By comparing the cloud resource attributes against this database, the scanner can accurately identify security weaknesses. The scanner assigns severity scores to identified vulnerabilities, often using the [Common Vulnerability Scoring System (CVSS)](https://www.cve.org/). These scores help prioritize issues based on their potential impact and the likelihood of exploitation. Higher severity scores indicate more critical vulnerabilities that require immediate attention. ### Evaluation of Risk Vulnerability scanners assess the risk level of identified vulnerabilities by analyzing their potential impact and exploitability. They then prioritize risk based on business criticality and context or the existence of attack paths (vulnerabilities and risks linked in a manner that increases their criticality), as well as on standardized frameworks such as the [Common Vulnerability Scoring System (CVSS)](https://www.cve.org/). Like the CVSS, vulnerability prioritization generally involves categories that range from low to critical based on ease of exploitation and damage potential. Critical vulnerabilities, which could allow attackers to gain control over affected systems, require immediate remediation. Risk evaluation enables organizations to allocate resources effectively. ### Reporting and Analysis Throughout the scanning process, the scanner logs all findings. It then generates a detailed report that includes a list of identified vulnerabilities, their severity scores, and recommended remediation actions. Security teams use the report to understand the organization's security posture and to take corrective actions. Analysts review the scan results to ensure accuracy. They filter out false positives, where the scanner incorrectly flags a nonexistent issue, and verify that identified vulnerabilities are genuine threats. In this systematic, multistep approach, vulnerability scanning technology effectively identifies vulnerabilities across the organization's digital infrastructure. ## Types of Vulnerability Scanning Types of vulnerability scans can be categorized by their targets and methodologies, as each type serves a distinct purpose and aspects of an organization's IT security. ### Network Vulnerability Scans Network vulnerability scans focus on identifying vulnerabilities in an organization's network infrastructure. They check for open ports, misconfigurations, and potential entry points that attackers could target. Network scan essentially diagnose the security posture of network devices such as routers, switches, and firewalls. #### Use Cases * **Regular Security Audits**: Organizations perform network vulnerability scans periodically to ensure their network infrastructure remains secure against new threats and vulnerabilities. * **Post-Deployment Checks**: After deploying new network devices or configurations, IT teams use network scans to verify that no security issues have been introduced. * **Compliance Requirements**: Companies needing to comply with standards such as PCI DSS or HIPAA use network scans to demonstrate adherence to required security controls. ### Host-Based Vulnerability Scans Host-based vulnerability scans target individual systems or devices within a network. By examining servers, workstations, and other endpoints, host-based scans look for missing patches, outdated software, and configuration issues. Host-based scans help to ensure that each device complies with security policies and is protected against known threats. #### Use Cases * **Patch Management**: IT departments use host-based scans to identify systems that need software updates or patches, ensuring all endpoints are protected against known vulnerabilities. * **Configuration Audits**: Organizations verify that system configurations align with security policies and best practices, minimizing the risk of misconfigurations. * **Incident Response**: During a security incident, host-based scans help identify compromised systems and vulnerabilities that may have been exploited. ### Application Vulnerability Scans Application vulnerability scans scrutinize the security of web applications and software, identifying flaws that open doors to SQL injection, XSS, and insecure authentication mechanisms. Developers and IT teams should conduct application scans before and after application deployment. #### Use Cases * **Development Lifecycle** : Developers integrate application vulnerability scans into the [software development lifecycle (SDLC)](https://www.paloaltonetworks.com/cyberpedia/what-is-secure-software-development-lifecycle?ts=markdown) to identify and fix security issues during development. * **Predeployment Testing** : Before launching new web applications, organizations conduct application scans, such as [static code analysis testing (SAST)](https://www.paloaltonetworks.com/cyberpedia/what-is-sast-static-application-security-testing?ts=markdown), dynamic application security testing (DAST), and [software composition analysis (SCA)](https://www.paloaltonetworks.com/cyberpedia/what-is-sca?ts=markdown) to ensure applications are free from critical vulnerabilities. * **Continuous Monitoring**: Application scans run continuously on deployed applications to detect new vulnerabilities and ensure ongoing security. ### Database Vulnerability Scans Database vulnerability scans aim at discovering security weaknesses in database systems. These scans check for misconfigurations, weak passwords, and unpatched vulnerabilities in database management systems. Protecting databases is essential, as they often store sensitive and critical information. #### Use Cases * **Data Protection**: Organizations scan their databases to identify and address vulnerabilities that could lead to data breaches or unauthorized access to sensitive information. * **Compliance Audits** : Organizations subject to [PCI DSS](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown), [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown), [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), and other regulations use database scans to ensure their databases meet security and compliance requirements. * **Performance Tuning**: Database administrators use scans to identify and resolve misconfigurations that could impact database performance and security. ### Credentialed Scans Credentialed scans involve using valid login credentials to perform a more in-depth analysis of the target system. By accessing the system with legitimate credentials, these scans can provide a comprehensive view of the security state, uncovering issues that might not be visible in noncredentialed scans. #### Use Cases * **Comprehensive Security Assessments**: IT teams use credentialed scans to gain a deep understanding of the security posture of their systems, including configuration settings and installed software. * **Insider Threat Detection**: By using legitimate credentials, organizations can identify vulnerabilities that could be exploited by malicious insiders or compromised accounts. * **Policy Enforcement**: Credentialed scans help ensure systems comply with internal security policies and standards. ### Noncredentialed Scans Noncredentialed scans, on the other hand, don't use any login credentials and perform the scan from an external perspective. These scans simulate an attacker with no prior access to the system and are useful for identifying perimeter vulnerabilities. #### Use Cases * **External Threat Simulation**: Security teams simulate external attacks to identify vulnerabilities that could be exploited by attackers without prior access to the system. * **Perimeter Security Assessment**: Organizations use noncredentialed scans to evaluate the security of their network perimeter and identify potential entry points for cyberthreats. * **Initial Reconnaissance**: Noncredentialed scans provide an initial assessment of the organization's security posture before conducting more in-depth analyses. ### Internal Vulnerability Scans Internal vulnerability scans are conducted within the organization's internal network. These scans help identify vulnerabilities that could be exploited by internal threats or compromised devices. They provide a realistic view of the risks present inside the network perimeter. #### Use Cases * **Insider Threat Mitigation**: Internal scans help identify vulnerabilities that could be exploited by employees or compromised devices within the network. * **Network Segmentation Verification**: Organizations use internal scans to ensure that network segmentation controls are effective in limiting the spread of potential attacks. * **Routine Security Maintenance**: IT teams perform regular internal scans to maintain a secure internal environment, addressing vulnerabilities before they can be exploited. ### External Vulnerability Scans External vulnerability scans are performed from outside the organization's network, simulating an attack from an external source. They may focus on the outward-facing systems and services, such as web servers and email servers, to identify vulnerabilities that could be exploited over the internet. #### Use Cases * **Internet-Facing Asset Protection**: Companies scan their external-facing systems to identify and mitigate vulnerabilities accessible from the internet. * **Third-Party Risk Assessment**: Organizations assess the security of third-party services and partners by conducting external scans on their exposed systems. * **Regulatory Compliance**: External scans help organizations meet compliance requirements by demonstrating the security of their internet-facing assets. ## Vulnerability Scanning Vs. Penetration Testing While automated vulnerability scans are designed to detect issues such as missing patches, misconfigurations, and outdated software, penetration testing involves a combination of automated tools and manual techniques to simulate an attacker's actions. In other words, ethical hackers simulate a real-world attack to identify security gaps and potential entry points, complex issues an automated scan might miss. | | ### Vulnerability Scans | ### Penetration Testing | |----------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | **Goal** | Identify known vulnerabilities within a system, network, or application. | Determine the real-world impact of vulnerabilities by actively exploiting them. | | **Scope and Depth** | These scans provide a broad overview of potential vulnerabilities across a wide range of assets. They're comprehensive but generally don't delve deeply into the exploitation of each vulnerability. | Penetration tests focus on depth rather than breadth, thoroughly investigating specific vulnerabilities to assess their exploitability and potential damage. This often includes attempting to gain unauthorized access, escalate privileges, or exfiltrate data. | | **Automation Vs. Manual Effort** | Mostly automated processes that use predefined databases of known vulnerabilities. They require minimal human intervention and can be scheduled to run regularly. | Involves manual effort by skilled security professionals (ethical hackers). It combines automated tools with human ingenuity to uncover complex vulnerabilities that automated scans might miss. | | **Frequency** | Conducted regularly, such as weekly, monthly, or quarterly, to ensure ongoing identification of new vulnerabilities. | Usually performed less frequently, such as annually or biannually, or after significant changes to the system or network, to provide a point-in-time assessment of security posture. | | **Outcome** | Generate detailed reports listing detected vulnerabilities, their severity ratings, and general remediation recommendations. These reports help prioritize which issues need attention. | Produce reports that include identified vulnerabilities and the methods to exploit them, the impact of successful exploitation, and detailed remediation steps. These insights are valuable for understanding real-world risks and improving defensive strategies. | | **Expertise Required** | Can be operated by IT staff with a basic understanding of security, as the tools are user-friendly and automated. | Requires expertise from experienced security professionals with deep knowledge of attack techniques, system internals, and the latest threat landscape. | | **Regulatory and Compliance** | Often mandated by regulatory frameworks and industry standards to ensure continuous monitoring and management of vulnerabilities. | May be required by regulations but typically serves as a more rigorous form of security assessment. | ## CWPP \& Scanning in the Cloud [Cloud workload protection platform (CWPP)](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform?ts=markdown), specifically its vulnerability scanning capability, have become an indispensable component of modern cloud security. Unlike traditional scanning tools designed for on-premises infrastructure, CWPPs are built to understand and navigate the unique complexities of cloud environments, which are characterized by highly dynamic, ephemeral, and diverse [workloads](https://www.paloaltonetworks.com/cyberpedia/what-is-workload?ts=markdown) like virtual machines, containers, and serverless functions. A CWPP's vulnerability scanning provides deep, contextual insight into the security posture of these [cloud-native](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-native?ts=markdown) assets, which involves continuous discovery of new workloads as they spin up, assessing their configurations, and identifying misconfigurations common in rapidly deployed cloud services. The efficacy of CWPPs in vulnerability scanning extends beyond detection to include proactive and integrated approaches. Many CWPP solutions offer [shift-left](https://www.paloaltonetworks.com/cyberpedia/shift-left-security?ts=markdown) capabilities, enabling vulnerability scanning of container images and code before they are even deployed into production. Early detection in the [CI/CD pipeline](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown) then allows development and security teams to identify and remediate vulnerabilities pre-deployment, significantly reducing the cost and effort of fixing issues that would otherwise propagate into live environments. By integrating threat intelligence and understanding the business criticality and network exposure of affected workloads, CWPPs can prioritize identified vulnerabilities based on their actual risk. This [risk-based approach to vulnerability management](https://www.paloaltonetworks.com/cyberpedia/risk-based-vulnerability-management?ts=markdown) moves organizations beyond simply generating a long list of vulnerabilities to providing a focused view of the most pressing threats. Coupled with runtime protection that monitors for active exploitation and behavioral anomalies, CWPPs ensure that vulnerability scanning isn't a static, periodic exercise but rather a continuous, intelligent process that adapts to the fast-paced nature of cloud operations. ## Vulnerability Management Best Practices Vulnerability scanning, though automated, isn't without challenges. Security teams will need to manage false positives and ensure coverage of all assets --- in addition to keeping pace with emerging threats. Best practices designed to maximize the effectiveness and accuracy of vulnerability assessments go far in preempting complications. Consider adopting the following practices: * Regularly schedule scans to maintain continuous monitoring of systems and networks. * Use both authenticated and unauthenticated scans to gain a comprehensive view of vulnerabilities. * Prioritize the scanning of all critical assets and systems to ensure the most significant risks are identified and addressed promptly. * Use a risk-based approach to prioritize remediation efforts based on the severity and potential impact of identified vulnerabilities. * Maintain an updated vulnerability database to ensure scans detect the latest threats. * Integrate vulnerability scanning into the development lifecycle to identify and address security issues early in the software development process. * Document and track all identified vulnerabilities and remediation efforts to maintain a clear security posture. * Collaborate with different departments to ensure all stakeholders are aware of vulnerabilities and involved in remediation efforts. * Validate the effectiveness of remediation actions by performing follow-up scans. * Ensure compliance with relevant regulatory requirements by incorporating mandatory scans into the security policy. * Train staff on the importance and use of vulnerability scanning tools to maximize their effectiveness. * Regularly review and update scanning policies and procedures to adapt to the evolving threat landscape. ## Vulnerability Scanning FAQs ### Why is vulnerability scanning important? Vulnerability scanning systematically examines systems, networks, and applications to identify security weaknesses, misconfigurations, and vulnerabilities. It's important because it provides a snapshot of an organization's security posture, helping IT teams to prioritize remediation efforts, prevent breaches, and ensure compliance with industry regulations. ### How frequently should vulnerability scans be conducted? The frequency of vulnerability scans depends on the organization's size, industry, and specific security needs. It's generally recommended to perform scans weekly or monthly. Additionally, scans should be conducted after significant changes to the network or systems, such as new software installations, patches, or system configurations. ### Is vulnerability scanning a compliance requirement? Vulnerability scanning is a requirement for some regulations and standards. For others, vulnerability scanning isn't required but is considered a best practice for meeting cybersecurity, data protection, and data privacy requirements. Regulations and standards that require vulnerability testing include PCI DSS, ISO 27001, CMMC, FISMA, and SOX. Others are supported by vulnerability scans but don't require them, including SOC 2, HIPAA, GDPR, and NIST SP 800-53. ### What are the differences between credentialed and noncredentialed scans? Credentialed scans use valid access credentials to perform in-depth examinations of target systems, providing detailed insights into vulnerabilities that require authenticated access. On the other hand, noncredentialed scans operate without access credentials and simulate an unauthenticated attacker's view. This provides an outside-in perspective of the security posture and helps identify externally accessible vulnerabilities. ### Can vulnerability scanning tools detect all types of vulnerabilities? While vulnerability scanning tools are highly effective at identifying known vulnerabilities and misconfigurations, they could be more foolproof. They might miss zero-day vulnerabilities (unknown vulnerabilities) and issues requiring specific business logic assessments. For comprehensive security, vulnerability scanning should complement manual testing, penetration testing, and continuous monitoring. ### What is the role of vulnerability management? The role of vulnerability management is to reduce the risk of security breaches and protect sensitive data by systematically identifying, assessing, and addressing security vulnerabilities. This proactive approach helps maintain a strong security posture, ensures compliance with industry standards and regulations, and minimizes potential damage from cyberthreats. By continuously monitoring and improving the security of cloud environments and IT systems, vulnerability management contributes to the overall resilience and stability of an organization's infrastructure. ### Who uses a vulnerability management program? Organizations across all industries --- government agencies, financial institutions, healthcare providers, and technology companies --- utilize vulnerability management programs, as they're essential for protecting sensitive data, ensuring compliance with regulations, and maintaining a strong security posture. ### What is a threat in terms of cybersecurity? In cybersecurity, a threat refers to any potential malicious activity or event that aims to exploit vulnerabilities in systems, networks or applications, with the intent to compromise the confidentiality, integrity, or availability of data and resources. Threats can originate from various sources, such as hackers, cybercriminals, nation-states, or even insiders, and can manifest in various forms --- malware, phishing attacks, denial-of-service attacks, ransomware, or social engineering schemes. ### What is a Common Vulnerability Scoring System (CVSS)? The Common Vulnerability Scoring System (CVSS) is a widely adopted, standardized framework for assessing and rating the severity of security vulnerabilities in IT systems and cloud environments. CVSS provides a numerical score between 0 and 10, taking into account factors such as the ease of exploitation, impact on confidentiality, integrity, and availability, and the level of required user interaction. Higher scores indicate more severe vulnerabilities, enabling organizations to prioritize remediation efforts and allocate resources effectively. ### What is a code security vulnerability? A code security vulnerability refers to a weakness or flaw within the source code of a software application, resulting from programming errors, insecure coding practices, or misconfigurations. Exploiting such vulnerabilities can enable attackers to compromise the application, gain unauthorized access to sensitive data, or perform malicious actions, potentially causing significant harm to the affected organization. ### How are vulnerabilities scored for severity? Vulnerabilities are scored for severity using standardized frameworks like CVSS, which considers factors such as the potential impact on confidentiality, integrity and availability, the complexity of exploitation, and the required level of user interaction. The resulting numerical score allows organizations to rank vulnerabilities based on their severity, helping to prioritize remediation efforts and allocate resources in a risk-based manner. ### What should be scanned for vulnerabilities? Organizations should scan all components of their IT environment for vulnerabilities, including network devices, servers, workstations, applications, databases, and cloud infrastructure. Regular scanning of both internal and external systems, as well as the integration of vulnerability scanning into the software development lifecycle, ensures comprehensive coverage and helps to maintain a strong security posture. ### Who is responsible for vulnerability management? Responsibility for vulnerability management typically falls on a combination of IT security teams, network administrators, system administrators and security engineers, and to a lesser extent, application developers. Effective vulnerability management requires collaboration and coordination across these teams, with individuals responsible for identifying, assessing, and remediating vulnerabilities, as well as implementing security best practices and ensuring compliance with industry standards and regulations. In some organizations, a dedicated vulnerability management team or a chief information security officer (CISO) may oversee the process. ### What is the most common type of vulnerability scan? The most common type of vulnerability scan is the automated network vulnerability scan, which utilizes vulnerability scanning tools to identify and assess security weaknesses within an organization's network devices, servers and workstations. These scans typically cover a wide range of known vulnerabilities, including those related to outdated software, misconfigurations and insecure network protocols, helping organizations maintain a secure and compliant IT environment. ### What is a CVE vulnerability scan? A CVE (Common Vulnerabilities and Exposures) vulnerability scan is a process that uses a vulnerability scanning tool to identify known security vulnerabilities within IT systems, based on the CVE database. The CVE database is a publicly accessible, standardized repository of known security vulnerabilities, maintained by the MITRE Corporation. CVE vulnerability scans help organizations detect and address known vulnerabilities in their systems, reducing the risk of security breaches and improving security posture. ### What is vulnerability scanning in NIST? Vulnerability scanning in NIST refers to the process of identifying security vulnerabilities in IT systems, following the guidelines and recommendations provided by the National Institute of Standards and Technology (NIST). NIST offers best practices, such as those found in NIST Special Publication 800-53 and 800-115, to help organizations implement effective vulnerability scanning processes, maintain a strong security posture and ensure compliance with federal regulations and industry standards. Related content [Code to Cloud Vulnerability Management Innovative vulnerability management dashboard streamlines discovery, prioritization and remediation of vulns, ensuring robust security from code to cloud.](https://www.paloaltonetworks.com/blog/prisma-cloud/vulnerability-management-innovation/) [Improve Your Multicloud Security Posture Multicloud environments are complex and difficult to secure without a proactive approach to security and visibility.](https://www.paloaltonetworks.com/resources/datasheets/tip-sheet-improve-your-multicloud-security-posture?ts=markdown) [5 Best Practices for Securing Modern Web Applications and APIs As Web apps and APIs evolve, so does the attack surface. Developers and security practitioners need a comprehensive solution to protect their web apps and APIs.](https://www.paloaltonetworks.com/resources/ebooks/5-best-practices-for-securing-modern-web-applications-and-apis?ts=markdown) [State of Cloud-Native Security Report Over 3,000 cloud security and DevOps professionals identify their challenges, how they handle them and what they've learned in the process.](https://www.paloaltonetworks.com/state-of-cloud-native-security?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Vulnerability%20Scanning%3F&body=Vulnerability%20scanning%20is%20an%20automated%20process%20to%20identify%20security%20flaws%20in%20networks%2C%20systems%20and%20applications%2C%20enabling%20remediation%20and%20enhancing%20security%20posture.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/vulnerability-scanning) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management-program?ts=markdown) Vulnerability Management Program: Building a Risk-Based Framework [Next](https://www.paloaltonetworks.com/cyberpedia/patch-management-vs-vulnerability-management?ts=markdown) Patch Management Vs. Vulnerability Management {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language