[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/ai-security?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Next-Gen Trust Security](https://www.paloaltonetworks.com/network-security/next-gen-trust-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-security-solution?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection and Response (CDR)](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection and Response (CDR)](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.paloaltonetworks.com/deploybravely?ts=markdown) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Identity Security](https://www.paloaltonetworks.com/cyberpedia/identity-security?ts=markdown) 3. [Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown) 4. [Code Signing](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing?ts=markdown) Table of Contents * [Machine Identity Security: The Definitive Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis?ts=markdown) * [Machine Identity Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#machine?ts=markdown) * [Four Pillars of Machine Identity Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#four?ts=markdown) * [Machine Identity in the Attacker Workflow: Unit 42 Observations](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#observations?ts=markdown) * [Cloud Security Implications and Identity Sprawl](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#cloud?ts=markdown) * [Implementing a Machine Identity Security Program](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#program?ts=markdown) * [Machine Identity Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#faqs?ts=markdown) * [What Is Workload Identity? Securing Non-Human Identities](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity?ts=markdown) * [Workload Identity Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#workload?ts=markdown) * [The Core Components of Workload Identity Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#core?ts=markdown) * [Workload Identity in the Zero Trust Framework](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#framework?ts=markdown) * [Disrupting the Attack Lifecycle with Workload Identity](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#disrupting?ts=markdown) * [Workload Identity and the AI Agent Security Challenge](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#challenge?ts=markdown) * [Workload Identity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#faqs?ts=markdown) * [What Is a Non-Human Identity (NHI)? Machine Identity Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown) * [Non-Human Identity Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#explained?ts=markdown) * [The Critical Distinction: Standing vs. Non-Standing Privileges](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#privileges?ts=markdown) * [Lateral Movement and Attacker Workflow](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#lateral?ts=markdown) * [Non-Human Identity and Zero Trust Alignment](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#alignment?ts=markdown) * [CIEM, IAM, and PAM Relationships in NHI Security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#security?ts=markdown) * [Strategic Management and Testing of NHIs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#strategic?ts=markdown) * [Non-Human Identity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#faqs?ts=markdown) * What is Code Signing? Benefits, Risks \& Implementation * [Code Signing Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#signing?ts=markdown) * [Critical Benefits for Enterprise Security](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#critical?ts=markdown) * [The Technical Mechanism: How Code Signing Works](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#mechanism?ts=markdown) * [The Necessity of Trusted Timestamping](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#timestamping?ts=markdown) * [Standard vs. EV Code Signing Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#vs?ts=markdown) * [Addressing Vulnerabilities in the Signing Process](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#page-anchor?ts=markdown) * [Code Signing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#faqs?ts=markdown) * [What Is a TLS Decryption? Methods, Risks \& Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption?ts=markdown) * [TLS Decryption Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#explain?ts=markdown) * [How TLS Decryption Works](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#how?ts=markdown) * [Methods of Decryption: Passive vs. Active](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#methods?ts=markdown) * [The Role of TLS Decryption in Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#role?ts=markdown) * [Technical Challenges: TLS 1.3 and Performance](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#challenges?ts=markdown) * [Operational Best Practices and Privacy](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#operational?ts=markdown) * [TLS Decryption FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#faqs?ts=markdown) * [What Is a TLS Certificate? How TLS Secures Web Communication](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate?ts=markdown) * [TLS Certificate Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#explain?ts=markdown) * [The TLS Handshake Process](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#process?ts=markdown) * [TLS vs SSL Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#certificates?ts=markdown) * [Critical Use Cases For TLS](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#critical?ts=markdown) * [TLS Machine Identity Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#machine?ts=markdown) * [5 Pillars Of Certificate Management](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#pillar?ts=markdown) * [The Role Of Certificate Authorities](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#role?ts=markdown) * [Unit 42 Threat Insights: Certificate Abuse](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#abuse?ts=markdown) * [TLS Certificate FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate#faqs?ts=markdown) * [What Is a TLS/SSL Port? Port 443 and HTTPS Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port?ts=markdown) * [TLS/SSL Ports Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#explained?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#examples?ts=markdown) * [Secure vs. Unsecured Port Comparison](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#vs?ts=markdown) * [TLS/SSL Port FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#faqs?ts=markdown) * [What Is a Self-Signed Certificate? Risks, Uses \& Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate?ts=markdown) * [Self-Signed Certificates Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#explained?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#examples?ts=markdown) * [How It Works](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#how?ts=markdown) * [Self-Signed Certificate Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#best?ts=markdown) * [Risks \& Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#challenges?ts=markdown) * [Unit 42 Intelligence: Attack Patterns](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#patterns?ts=markdown) * [Self-Signed Certificates FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#faqs?ts=markdown) * [What Is TLS Certificate Renewal? Process, Risks \& Automation](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal?ts=markdown) * [TLS Certificate Renewal: The Shift from Maintenance to Mission-Critical](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#certificate?ts=markdown) * [Why the 47-Day Mandate Redefines Renewal Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#mandate?ts=markdown) * [The Technical Lifecycle of a TLS Renewal](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#technical?ts=markdown) * [Critical Risks: The High Cost of Renewal Failure](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#critical?ts=markdown) * [Best Practices for Enterprise-Scale Renewal](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#best?ts=markdown) * [Overcoming Common Renewal Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#common?ts=markdown) * [TLS Certificate Renewal FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#faqs?ts=markdown) * [What Is PKI? Public Key Infrastructure \& Authentication Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-pki?ts=markdown) * [Key Data: Threats and Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#key?ts=markdown) * [Why PKI Matters for Modern Organizations](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#why?ts=markdown) * [How PKI Works: The Asymmetric Model](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#how?ts=markdown) * [Key Components of a PKI Framework](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#key?ts=markdown) * [Common Risks and Implementation Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#common?ts=markdown) * [PKI Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#best?ts=markdown) * [PKI in a Zero Trust Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#architecture?ts=markdown) * [Public Key Infrastructure (PKI) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#faqs?ts=markdown) * [What Is the TLS Handshake? Process, Steps, and Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake?ts=markdown) * [The Strategic Importance of the TLS Handshake](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#importance?ts=markdown) * [How the TLS Handshake Works: Step-by-Step](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#how?ts=markdown) * [TLS 1.2 vs. TLS 1.3: Evolution of Speed and Security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#vs?ts=markdown) * [The Role of Cipher Suites and Digital Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#role?ts=markdown) * [Identifying and Resolving TLS Handshake Failures](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#failures?ts=markdown) * [Advanced Security: TLS Fingerprinting and Threat Detection](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#advanced?ts=markdown) * [TLS Handshake Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#best?ts=markdown) * [TLS Handshake FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#faqs?ts=markdown) * [What Is the TLS Certificate Lifecycle? Implementation Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle?ts=markdown) * [TLS Certificate Lifecycle Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#tls?ts=markdown) * [The 6 Core Stages of the TLS Certificate Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#core?ts=markdown) * [Why TLS Certificate Lifecycle Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#why?ts=markdown) * [Key Causes of Certificate Failure](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#key?ts=markdown) * [Validation Checks: CRL and OCSP](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#validation?ts=markdown) * [How Automation Improves TLS Certificate Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#how?ts=markdown) * [TLS Certificate Lifecycle and Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#tls?ts=markdown) * [TLS Certificate Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#faqs?ts=markdown) * [What Is Certificate Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management?ts=markdown) * [Certificate Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#certificate?ts=markdown) * [Core Capabilities of Certificate Management](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#core?ts=markdown) * [Common Challenges: The "Red Flag" Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#challenges?ts=markdown) * [How Certificate Management Supports Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#how?ts=markdown) * [Implementation Roadmap: Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#implementation?ts=markdown) * [Certificate Management vs. TLS Certificate Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#certificate?ts=markdown) * [Certificate Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#faqs?ts=markdown) * [What Is Cert-Manager? Kubernetes Certificate Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager?ts=markdown) * [cert-manager Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#explained?ts=markdown) * [Core Components: Issuers and Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#core?ts=markdown) * [1. Issuers and ClusterIssuers](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#issuers?ts=markdown) * [2. Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#certificates?ts=markdown) * [How cert-manager Automates Machine Identity](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#how?ts=markdown) * [Common Compatible Cloud Platforms](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#common?ts=markdown) * [Zero Trust and Kubernetes Security Alignment](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#alignment?ts=markdown) * [Integrating cert-manager into DevSecOps Workflows](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#workflows?ts=markdown) * [Benefits for DevSecOps Teams](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#benefits?ts=markdown) * [cert-manager FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#faqs?ts=markdown) * [TLS/SSL Offloading: Definition \& Decision Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading?ts=markdown) * [TLS/SSL Offloading Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#offloading?ts=markdown) * [SSL Termination vs. SSL Bridging](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#vs?ts=markdown) * [Key Differences in Workflow](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#key?ts=markdown) * [Unit 42 Perspective: Risks of Uninspected Traffic](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#unit42?ts=markdown) * [Benefits for Security and Infrastructure Teams](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#benefits?ts=markdown) * [CISO Decision Checklist: SSL Termination vs. SSL Bridging for Compliance](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#ciso?ts=markdown) * [Detailed CISO Decision Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#checklist?ts=markdown) * [Summary Recommendation for CISOs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#summary?ts=markdown) * [TLS/SSL Offloading FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#faqs?ts=markdown) * [What Is an X.509 Certificate? Definition, Standards, and Role](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate?ts=markdown) * [X.509 Certificates Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#page-anchor?ts=markdown) * [The Anatomy Of An X.509 Certificate](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#anatomy?ts=markdown) * [Important X.509 v3 Extensions](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#page-anchor?ts=markdown) * [The X.509 Trust Hierarchy And Chain](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#hierarchy?ts=markdown) * [Machine Identity And Management Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#identity?ts=markdown) * [Risks Of Poor Certificate Management](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#risks?ts=markdown) * [Zero Trust And X.509 Alignment](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#alignment?ts=markdown) * [How Does X.509 Support Zero Trust?](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#support?ts=markdown) * [X.509 Certificate FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#page-anchor?ts=markdown) * [What Is Certificate Validation? Guide to Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation?ts=markdown) * [Certificate Validation Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#validation?ts=markdown) * [The Role of Certificate Authorities and the Chain of Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#role?ts=markdown) * [The Hierarchy of Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#trust?ts=markdown) * [The Sequence of the Validation Process](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#process?ts=markdown) * [Types of Certificate Validation Levels](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#levels?ts=markdown) * [Unit 42 Insights: The Risk of Identity Exposure](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#insight?ts=markdown) * [Threat Behavior Observations](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#behavior?ts=markdown) * [Troubleshooting Common Validation Failures](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#troubleshoot?ts=markdown) * [Certificate Validation FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#certificate?ts=markdown) * [What Is Certificate Pinning? Benefits, Risks \& Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning?ts=markdown) * [Certificate Pinning Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#certificate?ts=markdown) * [How Certificate Pinning Works](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#how?ts=markdown) * [Listiche: Key Stages of a Pinning Failure](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#key?ts=markdown) * [Types of Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#types?ts=markdown) * [Listiche: Static vs. Dynamic Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#static?ts=markdown) * [Why Pinning Is Essential for Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#why?ts=markdown) * [Certificate Pinning vs. Standard SSL/TLS](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#certificate?ts=markdown) * [Benefits of Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#benefits?ts=markdown) * [Risks and Limitations of Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#risks?ts=markdown) * [When to Use Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#when?ts=markdown) * [When to Avoid Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#when?ts=markdown) * [Certificate Pinning Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#certificate?ts=markdown) * [Certificate Pinning and Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#identity?ts=markdown) * [FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#faqs?ts=markdown) * [What is Cloud Workload Security? Protection \& Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security?ts=markdown) * [Cloud Workload Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#cloud?ts=markdown) * [Why Cloud Workload Security Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#why?ts=markdown) * [Key Components of a Cloud Workload Security Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#key?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#use-cases?ts=markdown) * [Cloud Workload Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#practices?ts=markdown) * [Benefits of Strong Cloud Workload Security](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#practices?ts=markdown) * [Cloud Workload Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#faqs?ts=markdown) * [What Is ACME Protocol?](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol?ts=markdown) * [ACME Protocol Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#dora?ts=markdown) * [How The ACME Protocol Works](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#how?ts=markdown) * [ACME Across The Machine Identity Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#across?ts=markdown) * [ACME Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#challenges?ts=markdown) * [Why ACME Matters For Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#why?ts=markdown) * [Implementation Patterns](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#implementation?ts=markdown) * [Real World Evidence](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#world?ts=markdown) * [Where ACME Secrets Leak In Real Life](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#where?ts=markdown) * [ACME Protocol FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#faq?ts=markdown) * [What is SPIFFE? Universal Workload Identity Framework Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe?ts=markdown) * [SPIFFE Explained: Solving the Workload Identity Problem](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#explained?ts=markdown) * [Core Components of the SPIFFE Standard](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#core?ts=markdown) * [The SPIFFE Workload API](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#workload?ts=markdown) * [Why Traditional Secret Management Fails in Cloud-Native Environments](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#why?ts=markdown) * [The Problem of "Secret Zero"](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#problem?ts=markdown) * [Vulnerabilities of Static Credentials and Long-Lived Tokens](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#tokens?ts=markdown) * [IP-Based Security vs. Identity-Based Security](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#vs?ts=markdown) * [How SPIFFE Implementation Works: The Attestation Process](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#how?ts=markdown) * [The Role of SPIRE as the Reference Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#role?ts=markdown) * [Critical Use Cases for Enterprise Security](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#critical?ts=markdown) * [SPIFFE FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#faqs?ts=markdown) * [What Is an SSL Stripping Attack?](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack?ts=markdown) * [Why SSL Stripping Belongs in Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#why?ts=markdown) * [SSL Stripping Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#sslstripping?ts=markdown) * [How SSL Stripping Works](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#how?ts=markdown) * [Where SSL Stripping Happens](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#where?ts=markdown) * [Signs of SSL Stripping](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#where?ts=markdown) * [Identity-Focused Impact](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#identity?ts=markdown) * [Machine Identity Security Impact](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#machine?ts=markdown) * [How to Prevent SSL Stripping](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#howto?ts=markdown) * [SSL Stripping Prevention Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#checklist?ts=markdown) * [SSL Stripping FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#faqs?ts=markdown) * [What Is a Machine Identity?](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity?ts=markdown) * [How Do Machine Identities Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#how?ts=markdown) * [Machine Identity Management (MIM) vs. Human IAM](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#vs?ts=markdown) * [Architecture Components and Identity Types](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#types?ts=markdown) * [Secrets Management vs. Machine Identity Management](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#secrets?ts=markdown) * [Lateral Movement and Attacker Workflow](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#workflow?ts=markdown) * [Cloud Security Implications and CIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#ciem?ts=markdown) * [Implementation Steps for Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#implementation?ts=markdown) * [Machine Identity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#faqs?ts=markdown) # What is Code Signing? 3 min. read [Explore Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) Table of Contents * * [Code Signing Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#signing?ts=markdown) * [Critical Benefits for Enterprise Security](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#critical?ts=markdown) * [The Technical Mechanism: How Code Signing Works](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#mechanism?ts=markdown) * [The Necessity of Trusted Timestamping](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#timestamping?ts=markdown) * [Standard vs. EV Code Signing Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#vs?ts=markdown) * [Addressing Vulnerabilities in the Signing Process](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#page-anchor?ts=markdown) * [Code Signing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#faqs?ts=markdown) 1. Code Signing Explained * * [Code Signing Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#signing?ts=markdown) * [Critical Benefits for Enterprise Security](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#critical?ts=markdown) * [The Technical Mechanism: How Code Signing Works](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#mechanism?ts=markdown) * [The Necessity of Trusted Timestamping](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#timestamping?ts=markdown) * [Standard vs. EV Code Signing Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#vs?ts=markdown) * [Addressing Vulnerabilities in the Signing Process](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#page-anchor?ts=markdown) * [Code Signing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-code-signing#faqs?ts=markdown) Code signing is a security process that uses digital signatures to verify the identity of a software author and guarantee that the code has not been altered or corrupted since it was signed. By using a cryptographic hash to bind an executable to a digital certificate, it establishes a chain of trust between developers and end users. Key Points * **Identity Verification**: Confirms the legitimate origin of software through a validated digital certificate. \* **Data Integrity**: Detects any unauthorized modifications made to the code after the signature was applied. \* **User Trust**: Reduces security warnings and "Unknown Publisher" alerts during installation on major operating systems. \* **Non-Repudiation**: Provides legal and technical proof of authorship that a developer cannot easily disown. \* **Malware Prevention**: Helps security systems block unsigned or tampered files that often carry malicious payloads. ![A detailed technical architectural diagram split into two vertical sections. The left section, 'SOFTWARE PUBLISHER (SIGNING PROCESS)', shows a flowchart starting from a developer workstation where unsigned code is generated. The right section, 'END USER (VERIFICATION PROCESS)', shows a user device receiving the signed software.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-code-signing/two-major-phases-of-the-code-signing-lifecycle.webp "A detailed technical architectural diagram split into two vertical sections. The left section, 'SOFTWARE PUBLISHER (SIGNING PROCESS)', shows a flowchart starting from a developer workstation where unsigned code is generated. The right section, 'END USER (VERIFICATION PROCESS)', shows a user device receiving the signed software.") ***Figure 1**: Two major phases of the code signing lifecycle.* ## Code Signing Explained Software distribution across open networks exposes executables to various risks, including man-in-the-middle attacks and unauthorized injections. Code signing addresses these vulnerabilities by applying a digital seal to scripts, drivers, and applications. When a user downloads a signed file, the operating system examines the signature against a trusted Certificate Authority (CA). This mechanism relies on Public Key Infrastructure (PKI) to manage the relationship between public and private keys. The developer uses a private key to sign the code, while the end user's system uses the corresponding public key to verify it. If a single bit of the original code changes, the hash no longer matches, signature verification fails, and the system blocks or warns against execution. In modern cybersecurity architecture, signing is a prerequisite for visibility and control. Security leaders prioritize signed code to maintain compliance with frameworks like [SOC 2](https://www.paloaltonetworks.com/cyberpedia/soc-2?ts=markdown) or [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown), which require strict validation of software provenance. As [supply chain attacks](https://www.paloaltonetworks.com/cyberpedia/aspm-supply-chain-threats?ts=markdown) increase, code signing serves as a critical checkpoint for ensuring that internal and third-party tools remain authentic. ## Critical Benefits for Enterprise Security Organizations must move beyond treating code signing as an optional step and instead integrate it as a mandatory enforcement policy within the [CI/CD](https://www.paloaltonetworks.com/cyberpediawhat-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown) pipeline. Unsigned software introduces blind spots that threat actors exploit to gain persistence within a network. **Eliminating Operating System Friction** Operating systems like Windows and macOS use built-in security features to discourage the execution of unverified files. When software lacks a valid signature, users encounter aggressive "SmartScreen" warnings or "Unknown Publisher" alerts. Signed code bypasses these hurdles, ensuring a professional user experience and higher adoption rates for internal and external tools. **Hardening Software Supply Chain Integrity** The software supply chain has become a primary target for sophisticated adversaries seeking to inject malicious code into trusted updates. Code signing acts as a physical seal for digital goods. If an attacker modifies a signed library or executable, the signature breaks immediately, alerting security teams to a potential breach before the software is deployed. **Establishing Legal Non-Repudiation** Non-repudiation ensures that a software author cannot deny their association with a specific piece of code. This is vital for forensic investigations and compliance audits. By maintaining a clear record of who signed what and when, enterprises can quickly trace the origin of a configuration change or a new internal application. ## The Technical Mechanism: How Code Signing Works Code signing utilizes asymmetric cryptography to create a unique digital fingerprint for a file. This process ensures that the software delivered to the end user is bit-for-bit identical to the version the developer released. **Generating the Cryptographic Hash** The process begins by running the software's source code or executable through a hashing algorithm, such as SHA-256. This creates a fixed-length string of characters called a hash. Even a minor change to the code, like adding a single space, results in a completely different hash value. **The Role of the Private Key** The developer uses a private key to sign the hash, producing a digital signature that can be verified with a corresponding public key. This encrypted hash is the digital signature. It is then bundled with the software and the developer's public key certificate. **The Verification Loop** When the user attempts to run the software, the operating system performs a dual-step check. First, it verifies the digital signature using the developer's public key to recover the original hash. Second, it calculates a new hash of the downloaded file. If the two hashes match, the software is verified as authentic. ## The Necessity of Trusted Timestamping Digital certificates eventually expire, but software often needs to remain valid for years. Timestamping adds a verifiable date and time to the signature. This proves the code was signed while the certificate was still valid, allowing the operating system to trust the file even after the certificate's expiration date has passed. ## Standard vs. EV Code Signing Certificates Choosing the correct certificate type depends on the required level of trust and the sensitivity of the software being distributed. | Feature | Unsecured Port | Secured Port (TLS/SSL) | | **Identity Verification** | Verifies organization exists | Rigorous background check and identity proofing | | **Key Storage** | Software-based (Less secure) | Hardware-based (HSM or USB Token) | | **SmartScreen Reputation** | Built over time through downloads | Built over time through downloads (Microsoft discontinued instant EV reputation in 2023) | | **Drivers** | Not accepted for kernel-mode driver submission | Required to submit drivers to Microsoft's Hardware Developer Center for Windows 10/11 | |----------------------------|------------------------------------------------|------------------------------------------------------------------------------------------| **Standard Validation (OV)** Organization Validation (OV) certificates verify that the signing organization exists and is legitimate. They are suitable for most commercial and internal software distribution. Private keys for OV certificates are often stored in software, which increases exposure risk if a developer's workstation is compromised. **Extended Validation (EV)** EV certificates provide the highest level of assurance. They require hardware-based key storage, usually on a FIPS-compliant device, which prevents the private key from being copied or exported. For enterprise leaders, EV is the standard for protecting high-value customer-facing applications. ## Addressing Vulnerabilities in the Signing Process While code signing is a powerful security control, it is not infallible. Attackers frequently target the signing infrastructure itself to give their [malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown) a veneer of legitimacy. **Key Theft and Improper Storage** The most significant risk in code signing is the compromise of the private key. If a developer stores a private key on a local drive without a password, an attacker who gains access to that machine can sign malware as if they were the legitimate company. **Malware Signing** Threat actors often use stolen or fraudulently obtained certificates to sign malicious payloads. Signed malware is much less likely to be flagged by legacy antivirus programs. By appearing "trusted," these files can bypass initial security screenings and [move laterally](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown) through a network. **Unit 42 Insight: Abuse of Trusted Certificates** [Research from Unit 42](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) indicates that threat actors are increasingly prioritizing the theft of legitimate certificates. In recent campaigns, nearly 25% of observed malware samples utilized some form of digital signature to evade detection. This trend highlights the need for organizations to treat code signing keys as Tier-0 assets, similar to administrative credentials. ## Best Practices for Secure Key Management To maintain a resilient, comprehensive security posture, organizations must implement strict controls over how certificates are requested, stored, and used. **Centralized Private Key Storage** Avoid decentralized key management where individual developers hold their own certificates. Use a Hardware Security Module (HSM) or a secure cloud-based key vault. Centralization allows the security team to monitor all signing activity and ensures that keys never leave a protected environment. **Implementing Role-Based Access Control (RBAC)** Limit signing authority to a specific set of individuals or automated build systems. Use a "[least privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown)" model where developers can submit code for signing, but only an authorized system or administrator can execute the final signature. This prevents unauthorized personnel from signing rogue versions of software. **Regular Certificate Auditing and Revocation** Maintain an inventory of all active certificates and their expiration dates. If a key is suspected of being compromised, it must be revoked immediately through the CA. Regular audits ensure that old, unused certificates are retired, reducing the overall attack surface of the organization. ## Implementation Checklist for Secure Code Signing Organizations can use this checklist to evaluate code signing maturity: | Requirement | Action Item | Priority | | **Private Key Protection** | Store all private keys in a FIPS 140-2 Level 2+ Hardware Security Module (HSM). | Critical | | **Centralized Governance** | Establish a single policy for who can sign code and which CAs are authorized. | High | | **Timestamping** | Use a trusted timestamping authority to ensure the signature remains valid after the certificate expires. | High | | **Automation** | Integrate signing into the CI/CD pipeline to prevent manual key handling by developers. | Medium | | **Scanning** | Scan code for malware and secrets before the signing process occurs. | Critical | |----------------------------|-----------------------------------------------------------------------------------------------------------|----------| ## Code Signing FAQs ### What is the difference between a digital signature and code signing? A digital signature is a broad cryptographic technique used to verify any electronic document. Code signing is a specific application of digital signatures designed for software, scripts, and executables. ### Why does Windows say "Unknown Publisher" for my application? This occurs when the software is either unsigned or signed with a certificate that is not trusted by the Windows Root Store. It can also happen if the certificate has expired or been revoked. ### Is signed code always safe to run? No. Code signing only proves who wrote the code and that it hasn't changed. If a legitimate developer's system is compromised, or if a malicious actor obtains a valid certificate, they can sign harmful software. ### What happens if a code signing certificate expires? If the code was not "timestamped" during the signing process, the signature becomes invalid when the certificate expires. Timestamping ensures the code remains trusted as long as the signature was applied while the certificate was active. ### Does code signing protect my software from being pirated? No, code signing is designed to verify authenticity and integrity, not to act as digital rights management (DRM). It does not prevent unauthorized copying. ### Do I need a separate certificate for different platforms like Windows and macOS? Yes. Microsoft requires certificates compatible with their Authenticode standard, while Apple requires developers to sign code through their specific Apple Developer Program. ### Can I sign my code with a self-signed certificate? You can, but it is not recommended for public distribution. Self-signed certificates are not trusted by operating systems by default and will cause "Untrusted Publisher" warnings. ### Is code signing the same as encryption? No. Encryption provides confidentiality by hiding file contents. Code signing provides authenticity (who signed it) and integrity (that it hasn't changed), but leaves the file readable. ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20is%20Code%20Signing%3F%20Benefits%2C%20Risks%20%26%20Implementation&body=Learn%20how%20code%20signing%20ensures%20software%20integrity%20and%20publisher%20authenticity.%20Explore%20how%20it%20works%2C%20its%20role%20in%20supply%20chain%20security%2C%20and%20Unit%2042%20insights.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-code-signing) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown) What Is a Non-Human Identity (NHI)? Machine Identity Security Explained [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption?ts=markdown) What Is a TLS Decryption? Methods, Risks \& Best Practices {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/ai-security?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language