[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Security Operations](https://www.paloaltonetworks.com/cyberpedia/security-operations?ts=markdown) 3. [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) 4. [What Is the Attack Surface Management (ASM) Lifecycle?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle?ts=markdown) Table of Contents * [What Is Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) * [Importance of Knowing Your Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#importance?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#types?ts=markdown) * [Attack Vectors Commonly Exploited](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#attack?ts=markdown) * [Measuring and Assessing Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#measuring?ts=markdown) * [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#surface?ts=markdown) * [Reducing the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#reducing?ts=markdown) * [Real-World Examples of ASM](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#real?ts=markdown) * [Attack Surface Management (ASM) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#faqs?ts=markdown) * [What Is Exposure Management?](https://www.paloaltonetworks.com/cyberpedia/exposure-management?ts=markdown) * [Exposure Management Explained](https://www.paloaltonetworks.com/cyberpedia/exposure-management#exposure-management?ts=markdown) * [Components of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/exposure-management#components?ts=markdown) * [How Exposure Management Operates Across the Security Lifecycle](https://www.paloaltonetworks.com/cyberpedia/exposure-management#lifecycle?ts=markdown) * [Capabilities of an Exposure Management Platform](https://www.paloaltonetworks.com/cyberpedia/exposure-management#capabilities?ts=markdown) * [The Challenges](https://www.paloaltonetworks.com/cyberpedia/exposure-management#challenges?ts=markdown) * [Exposure Management Solutions](https://www.paloaltonetworks.com/cyberpedia/exposure-management#solutions?ts=markdown) * [Exposure Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/exposure-management#best-practices?ts=markdown) * [Exposure Management FAQs](https://www.paloaltonetworks.com/cyberpedia/exposure-management#faq?ts=markdown) * [What Are the Types and Roles of Attack Surface Management (ASM)?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles?ts=markdown) * [The 4 Most Commonly Observed Security Attacks](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#the?ts=markdown) * [Types of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#types?ts=markdown) * [Categories of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#categories?ts=markdown) * [The 5 Primary Roles of ASM](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#asm?ts=markdown) * [Important Functions of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#important?ts=markdown) * [Types and Roles of Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#faqs?ts=markdown) * [What Are Common Use Cases for Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management?ts=markdown) * [What Is the Purpose of Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#what?ts=markdown) * [Decoding the Attack Surface: Ten Examples](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#ten?ts=markdown) * [Understanding ASM from the Threat Actor's Perspective](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#understanding?ts=markdown) * [Ethical Hackers and Attack Surface Management: A Unique Use Case](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#the?ts=markdown) * [Examples of Attack Surface Management Use Cases](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#use?ts=markdown) * [Common Use Cases for Attack Surface Management FAQ](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#faqs?ts=markdown) * [What Is Continuous Threat Exposure Management (CTEM)?](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management?ts=markdown) * [Continuous Threat Exposure Management (CTEM) Explained](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#CTEM?ts=markdown) * [The Five Stages of Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#five-stages?ts=markdown) * [Understanding the Landscape of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#understanding-the-landscape?ts=markdown) * [Benefits of Implementing Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#benefits?ts=markdown) * [How to Deploy a CTEM Program: Best Practices](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#deploy?ts=markdown) * [CTEM FAQs](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#faq?ts=markdown) * [How Does a CISO Effectively Manage the Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management?ts=markdown) * [The Value of Modern ASM Solutions](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#asmsolutions?ts=markdown) * [A Comprehensive Approach to ASM](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#approach?ts=markdown) * [Attack Surface Measurement Defined](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#attacksurface?ts=markdown) * [5 Core Capabilities of Modern Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#modern?ts=markdown) * [A CISO's Guide to Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#faqs?ts=markdown) * What Is the Attack Surface Management (ASM) Lifecycle? * [The 6 Stages of Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#the?ts=markdown) * [4 Stages of the Attack Surface Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#lifecycle?ts=markdown) * [Strategies to Complement the ASM Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#strategies?ts=markdown) * [Challenges that the ASM Lifecycle Addresses](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#challenges?ts=markdown) * [Attack Surface Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#faqs?ts=markdown) * [What is Attack Surface Assessment?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) * [What Is an Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#attack-surface?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#types?ts=markdown) * [Examples of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#examples?ts=markdown) * [How to Reduce Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#reduce?ts=markdown) * [Attack Surface Assessment FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#faqs?ts=markdown) * [ASM Tools: How to Evaluate and Select the Best Option](https://www.paloaltonetworks.com/cyberpedia/asm-tools?ts=markdown) * [The Need for Attack Surface Management (ASM) Solutions](https://www.paloaltonetworks.com/cyberpedia/asm-tools#need?ts=markdown) * [The Key 7 Components of ASM Tools](https://www.paloaltonetworks.com/cyberpedia/asm-tools#key?ts=markdown) * [How to Select and Evaluate the Right ASM Solution](https://www.paloaltonetworks.com/cyberpedia/asm-tools#how?ts=markdown) * [Common Challenges in Implementing ASM](https://www.paloaltonetworks.com/cyberpedia/asm-tools#common?ts=markdown) * [Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/asm-tools#faqs?ts=markdown) * [What is the Difference Between Attack Surface and Threat Surface?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface?ts=markdown) * [Defining the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#defining?ts=markdown) * [Attack Vectors and Threat Vectors](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#attack?ts=markdown) * [Attack Surface Management and Analysis](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#analysis?ts=markdown) * [Real-World Examples of Attack Surface Exploits](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#real?ts=markdown) * [Protecting Your Digital and Physical Assets](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#protecting?ts=markdown) * [Frequently Asked Questions](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#faqs?ts=markdown) * [What Is External Attack Surface Management (EASM)?](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management?ts=markdown) * [External Attack Surface Management Explained](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#external?ts=markdown) * [Internal vs. External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#vs?ts=markdown) * [How External Attack Surface Management Works](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#how?ts=markdown) * [Why EASM Is Important](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#why?ts=markdown) * [Use Cases for External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#use?ts=markdown) * [Benefits of EASM](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#benefits?ts=markdown) * [Approaches to Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#approaches?ts=markdown) * [EASM Challenges](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#challenges?ts=markdown) * [How to Choose an Attack Surface Management Platform](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#platform?ts=markdown) * [External Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#faqs?ts=markdown) # What Is the Attack Surface Management (ASM) Lifecycle? 3 min. read Table of Contents * * [The 6 Stages of Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#the?ts=markdown) * [4 Stages of the Attack Surface Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#lifecycle?ts=markdown) * [Strategies to Complement the ASM Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#strategies?ts=markdown) * [Challenges that the ASM Lifecycle Addresses](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#challenges?ts=markdown) * [Attack Surface Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#faqs?ts=markdown) 1. The 6 Stages of Cyberattacks * * [The 6 Stages of Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#the?ts=markdown) * [4 Stages of the Attack Surface Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#lifecycle?ts=markdown) * [Strategies to Complement the ASM Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#strategies?ts=markdown) * [Challenges that the ASM Lifecycle Addresses](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#challenges?ts=markdown) * [Attack Surface Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#faqs?ts=markdown) [Attack surface management](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) is the systematic process of identifying, assessing, and securing an organization's digital assets and entry points susceptible to [cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack?ts=markdown). Unlike other cybersecurity approaches, an attack surface management solution considers security risks proactively and from an attacker's perspective. The attack surface management lifecycle facilitates more aggressive tactics that seek out vulnerabilities on the digital attack surface to enhance the overall [security posture](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown). This lifecycle approach is crucial because it provides a dynamic framework to help security teams proactively detect and mitigate cyber risk. ## The 6 Stages of Cyberattacks Before delving into the details of the attack surface management lifecycle, it is worthwhile to understand how threat actors assess and exploit an organization's risk base. Knowledge of the six stages of a cyber attack provides context to the four lifecycle steps and how they can thwart an attacker at various points. * **Reconnaissance** ---research, identify and select targets (e.g., on-premise digital assets, an internet-facing asset, [data in cloud environments](https://www.paloaltonetworks.com/cyberpedia/data-discovery?ts=markdown), or another external attack surface with public-facing entry points) that will allow them to meet their objectives. * **Weaponization and delivery** ---Determine which methods to deliver malicious payloads (e.g., [ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown)). * **Exploitation**---deploy an exploit against vulnerable applications or systems to exploit initial entry points into the organization. * **Installation** ---Install [malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown) to conduct further operations, such as maintaining access, persistence, and escalating privileges. * **Command and control** ---Establish a command channel to communicate and pass information back and forth between the infected devices and their infrastructure (e.g., to share surveillance information, remotely control systems, or execute [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown)). * **Actions on the objective**---act upon their motivations to achieve their goal. ## 4 Stages of the Attack Surface Management Lifecycle The attack surface management lifecycle comprises four steps or stages that security teams follow to protect the digital attack service. It is a continuous risk assessment process to facilitate [vulnerability management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) and enhance organizational cybersecurity. The proactive approach of the attack surface management lifecycle helps identify the entire [asset inventory](https://www.paloaltonetworks.com/cyberpedia/what-is-it-asset-inventory?ts=markdown), especially those at high risk and unknown assets, to allow security teams to remediate issues and improve security ratings. ### Stage 1: Asset Discovery and Classification [Attack surface management solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) identify and map systems and applications using automated asset discovery tools and techniques. These include those that are part of third-party, external-facing cloud bases, remote and on-premise endpoints, and users' devices (i.e., bring your device or BYOD). Specialized external attack surface management (EASM) is sometimes used to discover third-party digital assets across multi-cloud environments. Attack surface management solutions are adept at overcoming the challenges of uncovering unauthorized or unknown assets. ASM often leverages many of the same advanced reconnaissance techniques as a would-be attacker. These systems can continue to scan for digital assets, frequently identifying them in real time. Once identified, digital assets are cataloged in a detailed inventory that includes hardware, software, applications, [data storage devices](https://www.paloaltonetworks.com/cyberpedia/data-storage?ts=markdown), and every internet-facing asset. The inventory is classified based on criticality, sensitivity, and potential risk exposure. Continuous monitoring and regular updating of the inventory are essential to ensure that the attack surface management process remains effective. ### Stage 2: Risk Assessment and Vulnerability Management With a clear view of all assets, organizations can conduct a [comprehensive risk assessment](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) to identify potential attack vectors, such as outdated software, misconfigurations, or unsecured endpoints. Several different methods are used to analyze and assess identified assets for vulnerabilities. These methods include automated vulnerability scanning, penetration testing (pen testing), configuration audits, [software composition analysis](https://www.paloaltonetworks.com/cyberpedia/what-is-sca?ts=markdown), and [threat intelligence](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) integration. This gives security teams visibility into cyber risk factors, such as software flaws, misconfigurations, and known vulnerabilities. Attack surface management solutions use threat modeling to analyze attack vectors to assess the likelihood of it being targeted for an attack and the potential impact. Threat modeling helps security teams narrow the scope of threats to a specific system and prioritize them. It gives them insights that save time and allow for speedy remediation of priority threats. The information provided by attack management solutions and contextual prioritization improves vulnerability management by guiding security teams in determining the best approach for remediation. Security teams can use risk assessment and contextual data to plan cyber risk remediation based on prioritization criteria, such as exploitability, impact, and previous attacks. This is important because more vulnerabilities are often identified than resources available to fix them quickly. ### Stage 3: Implementing Remediation Measures The mapping and contextualization of the attack surface are used to direct remediation efforts. Based on priorities, automated and manual attack surface management tactics are used. Attack surface management solutions help security teams determine a workflow to remediate risks and provide tools that automate some tasks, such as: * Configuration updates * Implementation of [data encryption](https://www.paloaltonetworks.com/cyberpedia/data-encryption?ts=markdown) * Installation of patches and updates * Ongoing asset identification and associated risk assessments * Remediation controls * Retiring orphaned domains * Scanning third-party assets for risks and weaknesses * System debugging Several manual tactics are used for remediation to find issues that automated tools can miss. These tactics include: * Expert analysis by skilled security teams to dig into complex threats * Human-led forensic analysis to understand the nature and impact of data breaches * Manual audits and reviews of systems, policies, and procedures * Regular manual penetration testing In addition, remediation can involve broader measures. These include implementing [least privilege access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown), [multi factor authentication (MFA)](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication?ts=markdown), and training and awareness programs reinforcing the importance of following security practices. Digital attack surface remediation efforts are executed by several different teams, including: * **Security teams**---handle risk and vulnerability management. * **IT operations teams**---make updates to affected systems. * **Development teams**---incorporate insights about attack vectors into their software development lifecycle (SDLC) as they build, update, and maintain digital assets. ### Stage 4: Continuous Improvement and Adaptation Attack surface management is an ongoing process. The steps detailed above should be repeated continuously to ensure the early detection of changes in the environment that can introduce new attack vectors and evolving attacker tactics. Among the attack surface management tools that support ongoing monitoring for new vulnerabilities and threats are: * **Configuration management tools**---detect and rectify misconfigurations in network devices and systems according to predefined security policies. * **[Intrusion detection and prevention systems (IDPS)](https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-detection-system-ids?ts=markdown)**--- continuously monitor for suspicious activities and can automatically block or alert about potential threats. * **Patch management systems**--- automatically detect outdated software and apply necessary patches and updates to close security gaps. * **[Security information and event management (SIEM) systems](https://www.paloaltonetworks.com/cyberpedia/what-is-siem?ts=markdown)**---aggregate and analyze data from various sources, automating alerting and response processes based on identified threats. * **Vulnerability scanners**---scan systems and applications for known vulnerabilities, providing regular updates and alerts. Continuous monitoring enables attack surface management to detect and assess new vulnerabilities and attack vectors in real time. These alerts give security teams the information they need to launch immediate and effective remediation responses. In addition, environments can be adapted to better prepare for defense against evolving and zero-day threats. ## Strategies to Complement the ASM Lifecycle The attack surface management (ASM) lifecycle is critical to a strong cybersecurity posture. However, it's essential to recognize that ASM alone is not enough to protect your organization entirely. Following are some strategies that can be used to complement the ASM lifecycle and further strengthen your security: ### Attack Surface Reduction (ASR) Attack surface reduction (ASR) is a crucial part of the attack surface management process that involves implementing strategies to minimize the number of potential entry points for an attacker. Key tactics include requiring multiple forms of verification before granting access (e.g., multi-factor authentication), keeping software and systems up-to-date with the latest patches (e.g., patch management), and [limiting user access rights](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown) only to what is strictly necessary for their role (e.g., the [principle of least privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown), PoLP). ### Cyber Attack Surface Management (CASM) Cyber attack surface management integrates with existing data sources to provide organizations with a continuously updated, unified view of their entire attack surface. This gives security teams the insights to understand their asset inventory and prioritize remediation based on contextual data. CASM addresses system blindspots and compliance issues with its comprehensive visibility and continuous monitoring and management of these assets. These capabilities ensure compliance with security policies and [compliance standards](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown). ### External Attack Surface Management (EASM) External attack surface management (EASM) identifies and secures an organization's internet-facing assets, preventing cyber threats from outside the internal network. The process identifies all public-facing systems, services, and endpoints, including websites, web applications, servers, and cloud-based resources. EASM also analyzes these external assets for weaknesses, misconfigurations, or outdated components that threat actors could exploit. This continuous monitoring of the internet-facing attack surface allows security teams to detect new emerging risks. ### Digital Risk Protection Services (DRPS) Digital risk protection services are specialized cybersecurity solutions that focus on identifying, monitoring, and mitigating digital risks outside the traditional security perimeter. It encompasses threat intelligence, brand protection, data leakage detection, fraud and phishing detection, and reputation monitoring. With DRPS, security teams can extend their cyber risk vulnerability management beyond their internal network. ## Challenges that the ASM Lifecycle Addresses ### Addressing Cloud-Based Attack Vectors The attack surface management lifecycle addresses many challenges, especially managing cloud-based attack vectors that span complex multi-cloud environments. It provides tools and processes to help security teams gain comprehensive visibility across cloud environments. This enables more thorough identification and management of assets in multi-cloud and hybrid cloud service models, including [SaaS](https://www.paloaltonetworks.com/cyberpedia/what-is-saas?ts=markdown), [IaaS](https://www.paloaltonetworks.com/cyberpedia/what-is-infrastructure-as-a-service?ts=markdown), and [PaaS](https://www.paloaltonetworks.com/cyberpedia/platform-as-a-service-paas?ts=markdown). ### IoT and Remote Workforce Considerations Attack surface management solutions address IoT and remote workforce considerations. Both remote workforces and IoT devices have contributed to expanding perimeters and attack surfaces. The attack management lifecycle helps security teams monitor these distributed users and devices. It also facilitates the management of security protections to mitigate their risks. This includes managing [endpoint security](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint?ts=markdown) and continuously monitoring and updating security measures across the sprawling IoT and remote worker landscape. ### Evolving Threat Landscape Following the attack surface management lifecycle stages expedites the detection of and response to evolving and emerging threats. Continuous monitoring provides insights that identify current vulnerabilities and anticipate future threats. This enables a proactive cybersecurity approach that keeps security teams ahead of threats. These capabilities are supported by threat intelligence about emerging threats, attack patterns, and threat actors. It also leverages ethical hackers, who provide a different view than automated systems. Their simulations of cyberattacks find attack vectors before threat actors can exploit them. ## Attack Surface Management Lifecycle FAQs ### What is attack surface management (ASM), and why is it important? Attack surface management is the continuous process of identifying, cataloging, monitoring, and securing an organization's digital assets (e.g., network infrastructure, applications, endpoints, and cloud services). ASM is important because it helps security teams actively manage entry points where an attacker could potentially gain access to systems or data. ### How does ASM differ From traditional cybersecurity approaches? Traditional cybersecurity often defends known assets and vulnerabilities within the organization's network. ASM takes a more comprehensive approach, covering internal and public-facing external digital assets (e.g., cloud services and other third-party systems and applications). In addition, ASM is proactive, taking a continuous approach to asset discovery and assessment to stay on top of evolving environments and threats. ### What are the key components of the attack surface management lifecycle? The ASM lifecycle comprises several crucial components, including asset discovery, vulnerability management, integration of threat intelligence, compliance monitoring, risk assessment and mitigation, incident response, and strategy adaptation based on evolving threats and critical business needs. Related Content [What is Attack Surface Management? Attack Surface Management (ASM) is the process of continuously identifying, monitoring and managing all internal and external internet-connected assets for potential attack vectors...](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) [Unit 42^®^ Attack Surface Assessment Services An Attack Surface Assessment combines visibility into your internet-facing assets with actionable recommendations to help you mitigate threats and reduce business risk. The Unit 42...](https://www.paloaltonetworks.com/resources/unit-42/unit42-ds-attack-surface-assessment?ts=markdown) [The State of the Global Attack Surface Check out our infographic to understand the top 5 findings of our global attack surface analysis using observed scan data, not self-reported surveys.](https://www.paloaltonetworks.com/resources/infographics/the-state-of-the-global-attack-surface?ts=markdown) [KuppingerCole 2023 Leadership Compass Report for Attack Surface Management. A comprehensive guide to the ASM Market](https://start.paloaltonetworks.com/kuppingercole-asm-report.html) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20the%20Attack%20Surface%20Management%20%28ASM%29%20Lifecycle%3F&body=Safeguard%20your%20digital%20frontiers%20with%20a%20comprehensive%20attack%20surface%20management%20lifecycle%2C%20a%20strategy%20that%20evolves%20with%20cyber%20threats%20to%20protect%20your%20assets.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management?ts=markdown) How Does a CISO Effectively Manage the Attack Surface? [Next](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) What is Attack Surface Assessment? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language