[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Security Operations](https://www.paloaltonetworks.com/cyberpedia/security-operations?ts=markdown) 3. [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) 4. [What Is Attack Surface and Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) Table of Contents * What Is Attack Surface Management? * [Importance of Knowing Your Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#importance?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#types?ts=markdown) * [Attack Vectors Commonly Exploited](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#attack?ts=markdown) * [Measuring and Assessing Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#measuring?ts=markdown) * [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#surface?ts=markdown) * [Reducing the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#reducing?ts=markdown) * [Real-World Examples of ASM](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#real?ts=markdown) * [Attack Surface Management (ASM) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#faqs?ts=markdown) * [What Is Exposure Management?](https://www.paloaltonetworks.com/cyberpedia/exposure-management?ts=markdown) * [Exposure Management Explained](https://www.paloaltonetworks.com/cyberpedia/exposure-management#exposure-management?ts=markdown) * [Components of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/exposure-management#components?ts=markdown) * [How Exposure Management Operates Across the Security Lifecycle](https://www.paloaltonetworks.com/cyberpedia/exposure-management#lifecycle?ts=markdown) * [Capabilities of an Exposure Management Platform](https://www.paloaltonetworks.com/cyberpedia/exposure-management#capabilities?ts=markdown) * [The Challenges](https://www.paloaltonetworks.com/cyberpedia/exposure-management#challenges?ts=markdown) * [Exposure Management Solutions](https://www.paloaltonetworks.com/cyberpedia/exposure-management#solutions?ts=markdown) * [Exposure Management Best Practices](https://www.paloaltonetworks.com/cyberpedia/exposure-management#best-practices?ts=markdown) * [Exposure Management FAQs](https://www.paloaltonetworks.com/cyberpedia/exposure-management#faq?ts=markdown) * [What Are the Types and Roles of Attack Surface Management (ASM)?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles?ts=markdown) * [The 4 Most Commonly Observed Security Attacks](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#the?ts=markdown) * [Types of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#types?ts=markdown) * [Categories of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#categories?ts=markdown) * [The 5 Primary Roles of ASM](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#asm?ts=markdown) * [Important Functions of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#important?ts=markdown) * [Types and Roles of Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles#faqs?ts=markdown) * [What Are Common Use Cases for Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management?ts=markdown) * [What Is the Purpose of Attack Surface Management?](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#what?ts=markdown) * [Decoding the Attack Surface: Ten Examples](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#ten?ts=markdown) * [Understanding ASM from the Threat Actor's Perspective](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#understanding?ts=markdown) * [Ethical Hackers and Attack Surface Management: A Unique Use Case](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#the?ts=markdown) * [Examples of Attack Surface Management Use Cases](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#use?ts=markdown) * [Common Use Cases for Attack Surface Management FAQ](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management#faqs?ts=markdown) * [What Is Continuous Threat Exposure Management (CTEM)?](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management?ts=markdown) * [Continuous Threat Exposure Management (CTEM) Explained](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#CTEM?ts=markdown) * [The Five Stages of Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#five-stages?ts=markdown) * [Understanding the Landscape of Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#understanding-the-landscape?ts=markdown) * [Benefits of Implementing Continuous Threat Exposure Management](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#benefits?ts=markdown) * [How to Deploy a CTEM Program: Best Practices](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#deploy?ts=markdown) * [CTEM FAQs](https://www.paloaltonetworks.com/cyberpedia/ctem-continuous-threat-exposure-management#faq?ts=markdown) * [How Does a CISO Effectively Manage the Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management?ts=markdown) * [The Value of Modern ASM Solutions](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#asmsolutions?ts=markdown) * [A Comprehensive Approach to ASM](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#approach?ts=markdown) * [Attack Surface Measurement Defined](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#attacksurface?ts=markdown) * [5 Core Capabilities of Modern Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#modern?ts=markdown) * [A CISO's Guide to Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management#faqs?ts=markdown) * [What Is the Attack Surface Management (ASM) Lifecycle?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle?ts=markdown) * [The 6 Stages of Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#the?ts=markdown) * [4 Stages of the Attack Surface Management Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#lifecycle?ts=markdown) * [Strategies to Complement the ASM Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#strategies?ts=markdown) * [Challenges that the ASM Lifecycle Addresses](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#challenges?ts=markdown) * [Attack Surface Management Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle#faqs?ts=markdown) * [What is Attack Surface Assessment?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) * [What Is an Attack Surface?](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#attack-surface?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#types?ts=markdown) * [Examples of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#examples?ts=markdown) * [How to Reduce Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#reduce?ts=markdown) * [Attack Surface Assessment FAQs](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment#faqs?ts=markdown) * [ASM Tools: How to Evaluate and Select the Best Option](https://www.paloaltonetworks.com/cyberpedia/asm-tools?ts=markdown) * [The Need for Attack Surface Management (ASM) Solutions](https://www.paloaltonetworks.com/cyberpedia/asm-tools#need?ts=markdown) * [The Key 7 Components of ASM Tools](https://www.paloaltonetworks.com/cyberpedia/asm-tools#key?ts=markdown) * [How to Select and Evaluate the Right ASM Solution](https://www.paloaltonetworks.com/cyberpedia/asm-tools#how?ts=markdown) * [Common Challenges in Implementing ASM](https://www.paloaltonetworks.com/cyberpedia/asm-tools#common?ts=markdown) * [Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/asm-tools#faqs?ts=markdown) * [What is the Difference Between Attack Surface and Threat Surface?](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface?ts=markdown) * [Defining the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#defining?ts=markdown) * [Attack Vectors and Threat Vectors](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#attack?ts=markdown) * [Attack Surface Management and Analysis](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#analysis?ts=markdown) * [Real-World Examples of Attack Surface Exploits](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#real?ts=markdown) * [Protecting Your Digital and Physical Assets](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#protecting?ts=markdown) * [Frequently Asked Questions](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface#faqs?ts=markdown) * [What Is External Attack Surface Management (EASM)?](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management?ts=markdown) * [External Attack Surface Management Explained](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#external?ts=markdown) * [Internal vs. External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#vs?ts=markdown) * [How External Attack Surface Management Works](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#how?ts=markdown) * [Why EASM Is Important](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#why?ts=markdown) * [Use Cases for External Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#use?ts=markdown) * [Benefits of EASM](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#benefits?ts=markdown) * [Approaches to Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#approaches?ts=markdown) * [EASM Challenges](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#challenges?ts=markdown) * [How to Choose an Attack Surface Management Platform](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#platform?ts=markdown) * [External Attack Surface Management FAQs](https://www.paloaltonetworks.com/cyberpedia/easm-external-attack-surface-management#faqs?ts=markdown) # What Is Attack Surface and Attack Surface Management? 5 min. read Table of Contents * * [Importance of Knowing Your Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#importance?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#types?ts=markdown) * [Attack Vectors Commonly Exploited](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#attack?ts=markdown) * [Measuring and Assessing Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#measuring?ts=markdown) * [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#surface?ts=markdown) * [Reducing the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#reducing?ts=markdown) * [Real-World Examples of ASM](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#real?ts=markdown) * [Attack Surface Management (ASM) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#faqs?ts=markdown) 1. Importance of Knowing Your Attack Surface * * [Importance of Knowing Your Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#importance?ts=markdown) * [Types of Attack Surfaces](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#types?ts=markdown) * [Attack Vectors Commonly Exploited](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#attack?ts=markdown) * [Measuring and Assessing Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#measuring?ts=markdown) * [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#surface?ts=markdown) * [Reducing the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#reducing?ts=markdown) * [Real-World Examples of ASM](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#real?ts=markdown) * [Attack Surface Management (ASM) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management#faqs?ts=markdown) Attack Surface refers to the sum of all potential entry points that an attacker can exploit to gain unauthorized access to an organization's systems, data, and infrastructure. As organizations adopt cloud technologies, remote work, and Internet of Things (IoT) devices, their attack surface expands, making monitoring and securing all vulnerabilities increasingly challenging. The potential entry points that an attack surface comprises include: * **Applications:** Software accessible externally * **Websites:** All company-hosted websites * **Networks:** Any network used to connect devices * **Devices:** Any connected device * **Cloud infrastructure:** Any cloud services used Attack Surface Management (ASM) performs several critical functions to give a [security operations center (SOC)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown) the visibility needed to ensure security across an organization: * Provides a complete, up-to-date [inventory of all assets](https://www.paloaltonetworks.com/cyberpedia/what-is-it-asset-inventory?ts=markdown) (both known and unknown). * Continuously finds potential vulnerabilities * Offers risk prioritization. ### What is Attack Surface Management? ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-attack-surface-management.png) close #### Learn how Cortex Xpanse, an attack surface management platform, provides protection for all public-facing assets and synchronizes that data across other existing tools, ensuring complete network coverage. ## Importance of Knowing Your Attack Surface In cybersecurity, the principle "you can't secure what you don't know exists" is a fundamental truth. If an organization lacks visibility into its internal and external assets, it cannot effectively protect them from cyber threats. Every unmonitored device, misconfigured cloud instance, or forgotten web application represents a potential entry point for attackers. Without a clear understanding of its attack surface, an organization risks [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown), operational disruptions, and [regulatory non-compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown). The evolving IT landscape, influenced by cloud adoption, remote work, and third-party integrations, complicates maintaining visibility. [Shadow IT](https://www.paloaltonetworks.com/cyberpedia/shadow-it?ts=markdown), where employees use unauthorized software or cloud services, worsens the problem. These unmanaged assets typically evade traditional security monitoring, leaving security teams unaware of [potential threats](https://www.paloaltonetworks.com/cyberpedia/what-are-unknown-cyberthreats?ts=markdown). Organizations that actively monitor and manage their attack surface can: * Identify and mitigate vulnerabilities before they are exploited. * Reduce the risk of cyberattacks by limiting exposure to attackers. * Improve compliance with security regulations by securing all assets. ### Attack Surface vs. Threat Surface While the terms attack surface and threat surface are often used interchangeably, they represent different aspects of cybersecurity. The attack surface includes all possible vulnerabilities within an organization, whether actively exploited or not. In contrast, the threat surface focuses specifically on the vulnerabilities currently targeted by cybercriminals. The attack surface is broad and relatively static, while the threat surface is dynamic, shifting based on emerging cyber threats and new attack techniques. *** ** * ** *** *Learn how to identify the differences in your attack and threat surfaces to strengthen your security strategies: [What is the Difference Between Attack Surface and Threat Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-vs-threat-surface?ts=markdown)?* *** ** * ** *** ![Components of an Attack Surface](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/Unit-42-Cyberpedia-What-Is-attack-surface-management.svg "Components of an Attack Surface") ## Types of Attack Surfaces Attack surfaces can be categorized into three main types: Digital Attack Surface, Physical Attack Surface, and Social Engineering Attack Surface. Each type presents unique risks and requires specific security measures to mitigate vulnerabilities. ### Digital Attack Surface The digital attack surface includes all internet-connected assets vulnerable to attackers, such as web applications, APIs, cloud environments, and digital credentials. Risks often arise from misconfigurations, outdated software, or unauthorized third-party integrations. As organizations move to the cloud, their digital footprint grows, increasing potential entry points. ### Physical Attack Surface The physical attack surface includes hardware and components that can be compromised to access sensitive data, such as laptops, servers, USB drives, mobile devices, and network connections. Attackers exploit physical security weaknesses, like stolen devices or unauthorized area access, to breach an organization's systems. ### Social Engineering Attack Surface Unlike digital and physical attack surfaces, the social engineering attack surface involves the human element of cybersecurity. Attackers exploit psychological manipulation techniques to deceive employees into revealing confidential information, clicking on malicious links, or bypassing security protocols. Common [social engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering?ts=markdown) methods include phishing, pretexting, baiting, and impersonation attacks. Since human error is often the weakest link in security, organizations must invest in employee awareness training to mitigate these risks. *** ** * ** *** *Deep dive into the types, categories and roles of attack surface management: [What Are the Types and Roles of Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/attack-surface-management-types-and-roles?ts=markdown)?* *** ** * ** *** ### Examples of Human Attack Surfaces The human attack surface refers to vulnerabilities due to human behavior, errors, and social engineering tactics. Cybercriminals exploit trust, manipulation, and deception to gain unauthorized access to systems, steal data, or execute attacks. #### Phishing Attacks [Phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) remains one of the most effective cyberattack methods because it targets human psychology rather than technical vulnerabilities. Attackers use fraudulent emails, messages, or websites to trick users into providing sensitive information like usernames, passwords, financial details, or personal data. #### Insider Threats [Insider threats](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown) occur when employees, contractors, or partners misuse their access to an organization's systems intentionally or unintentionally. Unlike external threats, insider threats bypass traditional security defenses because the attacker has legitimate access to critical resources. #### Social Media Exploits Social media platforms serve as goldmines for attackers seeking intelligence on individuals and organizations. Cybercriminals, hacktivists, and nation-state actors can leverage personal and professional details shared on social media to craft targeted attacks. *** ** * ** *** *Explore various ASM use cases and how they apply across industries: [What are Common Use Cases for Attack Surface Management](https://www.paloaltonetworks.com/cyberpedia/common-use-cases-for-attack-surface-management?ts=markdown)?* *** ** * ** *** ## Attack Vectors Commonly Exploited Attack vectors are the paths or methods attackers use to exploit vulnerabilities and gain access to an organization's systems and data. It is a way for an attacker to exploit a vulnerability and reach its target. Examples of attack vectors include: * Phishing * [Malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown) * Social Engineering * Web Application Vulnerabilities * Network Attacks * Zero-Day Exploits * Cloud Misconfigurations * Supply Chain Attacks * Insider Threats * Physical Attacks ## Measuring and Assessing Attack Surface Security teams may overlook vulnerabilities without proper measurement and assessment of the attack surface, increasing the risk of cyberattacks. By accurately measuring and assessing, organizations can: * Identify security gaps before they are exploited. * Prioritize risks based on severity and impact. * Enhance incident response by understanding potential entry points. * Ensure compliance with regulatory frameworks like [NIST](https://www.paloaltonetworks.com/cyberpedia/nist?ts=markdown), [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), and ISO 27001. ### Methods to Determine the Attack Surface 1. Asset Inventory \& Discovery * Organizations must first identify all digital, physical, and human-related assets that contribute to their attack surface. * This includes cloud environments, on-premises infrastructure, mobile devices, APIs, and third-party systems. * Regular asset discovery scans ensure that new, unknown, or unmanaged assets are identified and included in security protocols. 2. Network and System Scanning * **Network Scanners:** Identify open ports, misconfigured firewalls, and exposed services. * **Vulnerability Scanners:** Detect unpatched software, outdated systems, and exploitable security flaws. * **Penetration Testing (Pen Testing):** Simulates real-world cyberattacks to uncover weaknesses before malicious actors do. 3. Risk-Based Prioritization * Not all vulnerabilities pose the same level of risk. Organizations must prioritize attack vectors based on: * Likelihood of exploitation (e.g., unpatched critical vulnerabilities). * Potential impact (e.g., exposure of customer data). * Ease of remediation (e.g., quick patching vs. long-term fixes). * [Threat intelligence feeds](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) help security teams track active exploits and emerging threats, ensuring resources focus on the most critical risks. 4. Human Attack Surface Analysis * Security assessments must include an evaluation of human vulnerabilities, such as: * Social engineering susceptibility (e.g., phishing simulations). * Insider threats (e.g., monitoring user access and behavior). * Credential hygiene (e.g., enforcing strong passwords and multi-factor authentication). *** ** * ** *** *Explore the dynamic framework of the ASM lifecycle and how it helps security teams proactively detect and mitigate cyber risks: [What is the ASM Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management-lifecycle?ts=markdown)?* *** ** * ** *** ![Automated Attack Surface Management](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/automated-attack-surface-management.jpg "Automated Attack Surface Management") ### Tools and Techniques for Attack Surface Analysis Attack surface analysis involves identifying, assessing, and reducing the points of entry attackers can exploit in an organization's digital, physical, and human attack surfaces. Security teams use a combination of automated tools, manual assessments, and proactive security frameworks to monitor and mitigate risks continuously: **Automated Attack Surface Discovery** tools continuously scan and inventory an organization's infrastructure, identifying external-facing assets, shadow IT, vulnerabilities, and misconfigurations. **[Vulnerability Scanners](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning?ts=markdown)** assess known software, network, and application weaknesses, providing detailed risk reports for remediation. **Network Scanning \& Security Testing** helps organizations identify open ports, weak firewall rules, and exposed services that could be exploited. **Penetration Testing (pen testing) \& Red Team Exercises** involve simulating real-world cyberattacks to uncover security weaknesses that automated tools may miss. **Cloud Security \& Configuration Management** tools assess misconfigurations, access controls, and compliance risks in cloud environments. **[Endpoint Detection \& Response (EDR)](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection-and-response-edr?ts=markdown) \& Behavioral Analytics** tools monitor endpoint activity, detect anomalies, and prevent malware attacks. **[Identity \& Access Management (IAM)](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown) Auditing** tools assess user access, enforce [least privilege policies](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown), and detect unauthorized login attempts. **Threat Intelligence \& Dark Web Monitoring** platforms help security teams identify active attack campaigns, leaked credentials, and zero-day vulnerabilities before they are exploited. [**Security Orchestration, Automation, and Response (SOAR)** platforms](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown) automate security workflows, incident response, and attack surface remediation. *** ** * ** *** *Explore how to assess the three types of attack surfaces and gain expert tips on reducing attack surface risks: [What is Attack Surface Assessment](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment)?* *** ** * ** *** ## Attack Surface Management (ASM) [Attack Surface Management (ASM)](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) is the process of continuously identifying, monitoring, and mitigating risks across an organization's digital and physical assets. ### Importance of Managing Attack Surfaces Organizations that lack attack surface management are more susceptible to cyber threats because they may not be aware of all their exposed assets. Effective ASM ensures: * Greater visibility across all internet-facing and internal systems. * Proactive risk mitigation through automated detection and patching. * Regulatory compliance with security standards such as NIST, GDPR, and ISO 27001. ### Attack Surface Management Strategies * Continuous Asset Discovery -- Automatically detect new, unknown, or unmanaged assets. * Risk-Based Prioritization -- Focus security efforts on high-risk vulnerabilities. * Automated Response -- Implement security workflows to mitigate threats efficiently. *** ** * ** *** *Explore the definitive CISO's guide to ASM, with expert strategies for risk assessment, asset control, and cybersecurity: [How Does a CISO Effectively Manage the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management?ts=markdown)?* *** ** * ** *** ## Reducing the Attack Surface Reducing an organization's attack surface is a proactive approach to cybersecurity that involves minimizing potential entry points, hardening security controls, and continuously monitoring for vulnerabilities. By adopting a security-first approach and leveraging proactive attack surface reduction techniques, organizations can limit exposure, improve cyber resilience, and significantly reduce the likelihood of successful cyberattacks. ### Attack Surface Reduction Strategies To effectively reduce security risks, organizations must actively minimize exposure by implementing security best practices and eliminating unnecessary attack vectors. Key strategies include: * Eliminating unnecessary software and services that create additional entry points. * Implementing least privilege access controls to restrict user permissions. * Using strong authentication measures such as [Multi-Factor Authentication (MFA)](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication?ts=markdown). * Segmenting networks into isolated zones to restrict lateral movement. * Disabling default credentials and hardening configurations. ### Steps to Reduce Potential Vulnerabilities 1. Conduct Regular Security Assessments -- Perform penetration testing and vulnerability scans. 2. Patch and Update Systems -- Apply security updates and software patches immediately. 3. [Encrypt Sensitive Data](https://www.paloaltonetworks.com/cyberpedia/what-is-data-security?ts=markdown) -- Protect information at rest and in transit. 4. Monitor Third-Party Access -- Restrict vendor and contractor permissions. 5. Control Shadow IT -- Identify and manage unauthorized cloud applications. ### Limiting Attack Surface Expansion As organizations adopt cloud computing, remote work, IoT, and edge computing, their attack surface grows. Security teams must enforce strict security policies and leverage automation to prevent expansion from leading to unmanageable risks: **Cloud Security \& Access Controls** Secure cloud environments with least privilege IAM policies, continuous [cloud security posture monitoring (CSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown), and real-time misconfiguration detection. **Endpoint Protection \& Zero Trust Security** With remote work and BYOD (Bring Your Own Device) policies increasing risk, enforcing endpoint detection and response (EDR), managed device security, and Zero Trust Network Access (ZTNA) reduces exposure. **Continuous Security Monitoring \& Automated Threat Detection** [Deploying SIEM (Security Information and Event Management)](https://www.paloaltonetworks.com/cyberpedia/what-is-siem?ts=markdown), threat intelligence feeds, and automated attack surface monitoring helps detect threats before they become breaches. ## Real-World Examples of ASM ### Preventing a Cloud Misconfiguration Data Breach **Scenario:** A multinational retailer had thousands of cloud storage buckets across different regions, many managed by different teams. Without continuous attack surface assessment, security teams overlooked a misconfigured cloud storage bucket that was left publicly accessible. * **Risk:** The bucket contained sensitive customer payment information, leaving it exposed to cybercriminals scanning for misconfigured assets. * **Solution:** The company implemented an External Attack Surface Management (EASM) tool that continuously scanned cloud assets for misconfigurations. Within hours of detection, the misconfigured bucket was secured, preventing a potential data breach that could have cost millions in fines and reputational damage. ### Identifying and Patching Critical Vulnerabilities Before an Exploit **Scenario:** A global financial institution discovered that several of its customer-facing applications were running outdated versions of a widely used web server software. * **Risk:** A recently disclosed zero-day vulnerability in that software was actively being exploited by threat actors, putting millions of customer accounts at risk. * **Solution:** By using automated vulnerability scanning, the security team quickly identified which applications were running the vulnerable software and prioritized patching those systems within 24 hours. Because of this proactive attack surface assessment, the institution avoided potential breaches that could have led to massive financial and reputational loss. ### Detecting a Rogue Insider Before a Data Leak **Scenario:** A tech startup was expanding rapidly and granted employees broad access to internal systems. An attack surface assessment revealed that multiple employees still had access to sensitive financial data even after switching roles. * **Risk:** One former employee, who had access to proprietary software source code, attempted to sell it on the dark web after leaving the company. * **Solution:** By conducting regular access control audits as part of attack surface management, the company flagged unnecessary access privileges and revoked them before the ex-employee could exploit them. This prevented intellectual property theft and legal repercussions. ## Attack Surface Management (ASM) FAQs ### How does cloud computing impact an organization's attack surface? Cloud services expand the attack surface by introducing external storage, shared computing environments, third-party integrations, and misconfiguration risks. ### How does Attack Surface Management differ from traditional vulnerability management? ASM focuses on **external attack surfaces** and continuously identifies unknown assets, whereas traditional vulnerability management primarily assesses **known internal assets** and patches vulnerabilities. ### What are the key components of an effective Attack Surface Management strategy? Key components include asset discovery, risk assessment, continuous monitoring, automated remediation, and third-party risk evaluation. ### What tools and technologies are used for Attack Surface Management? Common tools include attack surface monitoring platforms, external threat intelligence feeds, penetration testing tools, vulnerability scanners, and security automation frameworks. ### How can organizations improve their Attack Surface Management? Organizations can improve ASM by conducting regular security assessments, implementing zero trust architecture, using continuous monitoring solutions, reducing unnecessary exposure, and enforcing strong access controls. Related Content \[The State of the Global Attack Surface Modern attack surfaces are inherently dynamic. The attack surface is unique, persistent and growing --- new issues are constant across industries. Is your organization prepared?\](https://www.paloaltonetworks.com/resources/infographics/the-state-of-the-global-attack-surface ?ts=markdown) \[Cortex Xpanse Web Attack Surface Management Cloud-based operations have made it increasingly difficult for the security operations center (SOC) and application security (AppSec) teams to keep tabs on attack surfaces.\](https://www.paloaltonetworks.com/resources/datasheets/xpanse-web-asm ?ts=markdown) \[Unit 42^®^ Attack Surface Assessment The best way to manage exposure, reduce risk and improve your security posture is to understand your attack surface through the eyes of an attacker.\](https://www.paloaltonetworks.com/resources/unit-42/unit42-ds-attack-surface-assessment ?ts=markdown) \[Cybersecurity Checklist: 57 Tips to Proactively Prepare Is your organization an easy target for threat actors? How can you minimize damage in the event of a cyberattack by limiting attackers' ability to spread through your networks and...\](https://www.paloaltonetworks.com/resources/guides/unit42-cybersecurity-checklist-57-tips ?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Attack%20Surface%20Management%3F&body=Learn%20how%20attack%20surface%20management%20%28ASM%29%20identifies%2C%20analyzes%2C%20and%20reduces%20vulnerabilities%20across%20digital%20assets%2C%20enhancing%20security%20and%20risk%20mitigation.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management) Back to Top [Next](https://www.paloaltonetworks.com/cyberpedia/exposure-management?ts=markdown) What Is Exposure Management? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language