[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform?ts=markdown) 4. [What Is a Cloud Workload Protection Platform (CWPP)?](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform?ts=markdown) Table of Contents * What Is a Cloud Workload Protection Platform (CWPP)? * [The Importance of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#importance?ts=markdown) * [Key Features of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#features?ts=markdown) * [Benefits of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#benefits?ts=markdown) * [Cloud Workload Protection Vs. Application Security](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#security?ts=markdown) * [CWPPs and the Cloud-Native Application Protection Platform](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#protection?ts=markdown) * [CWPP Considerations for Security Leaders](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#leaders?ts=markdown) * [Cloud Workload Protection Platform FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#faqs?ts=markdown) * [What Is a Workload?](https://www.paloaltonetworks.com/cyberpedia/what-is-workload?ts=markdown) * [Workloads Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#workloads?ts=markdown) * [Cloud Workload Characteristics](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#cloud?ts=markdown) * [Cloud or On-Premises?](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#phases?ts=markdown) * [Workload Management](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#manage?ts=markdown) * [Workload Automation](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#automation?ts=markdown) * [Cloud Workload Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#protection?ts=markdown) * [What Is API Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security?ts=markdown) * [API Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#api?ts=markdown) * [Definition of an API](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#definition?ts=markdown) * [Why API Security Is Important](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#why?ts=markdown) * [Traditional Approach to Web Application Security](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#traditional?ts=markdown) * [Anatomy of an API Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#anatomy?ts=markdown) * [API Security Risks](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#risks?ts=markdown) * [API Security for SOAP, REST and GraphQL](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#graphql?ts=markdown) * [API Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#best?ts=markdown) * [Cortex Cloud's API Security Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#prisma?ts=markdown) * [API Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#faqs?ts=markdown) * [Agentless vs Agent-Based Security](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security?ts=markdown) * [Agentless Security](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security#agentless?ts=markdown) * [Is Agentless or Agent-Based Security Better?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security#better?ts=markdown) * [FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security#faqs?ts=markdown) * [What is the Difference Between Web Application Firewall (WAF) and Next-Generation Firewall (NGFW)?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws?ts=markdown) * [What Is a Web Application Firewall (WAF)?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#what?ts=markdown) * [What Is an NGFW?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#ngfw?ts=markdown) * [The Similarities and Differences Between WAFs and NGFWs](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#the?ts=markdown) * [When to Use WAFs vs. NGFWs](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#when?ts=markdown) * [How Do WAFs and NGFWs Complement Each Other?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#how?ts=markdown) * [What Customers Should Consider When Searching for a Web Application Security Solution](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#solution?ts=markdown) * [WAF vs NGFW FAQs](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#faqs?ts=markdown) * [What Is Layer 7?](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7?ts=markdown) * [Layer 7 Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#what?ts=markdown) * [Understanding the OSI Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#osi?ts=markdown) * [How Does Data Flow Through the OSI Model?](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#how?ts=markdown) * [The Role of Layer 7](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#role?ts=markdown) * [Layer 7 Load Balancing](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#load?ts=markdown) * [Layer 7 Security](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#security?ts=markdown) * [OSI Model Vs. the TCP/IP Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#model?ts=markdown) * [Layer 7 and the OSI Model FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#faqs?ts=markdown) * [What Is Web Application and API Protection?](https://www.paloaltonetworks.com/cyberpedia/what-is-web-application-and-api-protection?ts=markdown) * [What Is an API Gateway?](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway?ts=markdown) * [API Gateway Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#explained?ts=markdown) * [API Gateways for Microservices Architectures](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#architectures?ts=markdown) * [What Is the API Gateway Pattern?](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#pattern?ts=markdown) * [Challenges of API Gateways Potential Response Time Increases](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#response?ts=markdown) * [Use Cases and API Gateway Benefits](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#benefits?ts=markdown) * [Service Mesh Vs. API Gateway](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#service?ts=markdown) * [API Gateway Vs. Load Balancer](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#balancer?ts=markdown) * [API Gateways Security and WAFs](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#security?ts=markdown) * [API Gateway Solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#solutions?ts=markdown) * [Industry Practices and Standards](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#practices?ts=markdown) * [API Gateway FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#faqs?ts=markdown) # What Is a Cloud Workload Protection Platform (CWPP)? 5 min. read [Download The CNAPP Buyer's Guide](https://start.paloaltonetworks.com/cnapp-buyers-guide.html) Table of Contents * * [The Importance of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#importance?ts=markdown) * [Key Features of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#features?ts=markdown) * [Benefits of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#benefits?ts=markdown) * [Cloud Workload Protection Vs. Application Security](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#security?ts=markdown) * [CWPPs and the Cloud-Native Application Protection Platform](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#protection?ts=markdown) * [CWPP Considerations for Security Leaders](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#leaders?ts=markdown) * [Cloud Workload Protection Platform FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#faqs?ts=markdown) 1. The Importance of a CWPP * * [The Importance of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#importance?ts=markdown) * [Key Features of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#features?ts=markdown) * [Benefits of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#benefits?ts=markdown) * [Cloud Workload Protection Vs. Application Security](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#security?ts=markdown) * [CWPPs and the Cloud-Native Application Protection Platform](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#protection?ts=markdown) * [CWPP Considerations for Security Leaders](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#leaders?ts=markdown) * [Cloud Workload Protection Platform FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#faqs?ts=markdown) A cloud workload protection platform (CWPP) is a security solution engineered to address the unique requirements of protecting workloads in cloud environments. [Workloads](https://www.paloaltonetworks.com/cyberpedia/what-is-workload?ts=markdown) can be hosted on a range of infrastructures, from traditional virtual machines to modern containers and serverless functions, across public, private and hybrid clouds. Through various security controls, CWPPs preserve the integrity, confidentiality and availability of workloads. The cloud workload protection platform will continue to play a critical role in cloud security, evolving alongside technological advancements and shifting security paradigms as the future of the cloud unfolds. ![A workload-centric security solution that focuses on protecting workloads within modern environments, as Gartner defines a CWPP](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-cwpp/cloud-workload-protection-platform-capabilities.jpg) ***Figure 1**: A workload-centric security solution that focuses on protecting workloads within modern environments, as Gartner defines a CWPP* ## Cloud Workload Protection Platform (CWPP) Explained The cloud workload protection platform, or CWPP, is a solution developed to secure workloads. In cloud computing, workloads refer to the amount of processing that a cloud service has been contracted to handle. Workloads --- applications, databases, batch jobs, user requests --- can be hosted on various platforms, such as Amazon Web Services' Elastic Compute Cloud (AWS EC2), Microsoft Azure's Virtual Machines, or Google Cloud's containerized applications. But each of these workloads presents a potential attack vector for threat actors. In other words, every workload that performs a service, regardless of how briefly it's operational, could be targeted for attack. Here's where cloud workload protection platforms come in. CWPPs provide security measures to protect workloads from threats, not just when they're operational, but also during their transit stages --- when they're being moved, copied or modified, which can expose them to additional vulnerabilities. CWPP provides comprehensive protection via a range of cloud workload security capabilities, including: * [Vulnerability management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) * Host intrusion detection/prevention * Compliance management * Image analysis * Runtime protection * Behavioral monitoring of workload CWPPs help security teams to ensure consistent security control across cloud environments and are also incorporated into [continuous integration/continuous deployment (CI/CD) pipelines](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown) to enhance the security of [DevOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devops?ts=markdown) practices. ### Types of CWPP Solutions CWPP solutions can be broadly categorized into two types: 1. **Agent-based solutions** require the installation of security agents on each workload. The agent communicates with the CWPP's central management console, providing real-time information about the workload's security state. Agent-based solutions are known for their deep visibility and control but can be more resource-intensive. 2. **Agentless solutions** don't require the installation of security agents. Instead, they integrate with the cloud provider's API or hypervisor to monitor workloads. [Agentless solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security?ts=markdown) can be less resource-intensive and easier to deploy but may offer less visibility and control than agent-based solutions. ## The Importance of a CWPP Traditional security solutions can't protect modern enterprises. The cloud workload protection platform emerged with the adoption of cloud services --- and quickly became essential as the era of single-cloud deployments gave way to multicloud and hybrid cloud models. Although these models provide enterprises with enumerable opportunities, they also usher in complexities and unique risks. Virtual machines (VMs), containers, serverless and other diverse workload types --- alongside the varying configurations of public, private and hybrid clouds --- heighten the dynamism and heterogeneity of cloud environments. The CWPP brings much needed simplicity to the cloud ecosystem. It provides comprehensive visibility in a unified platform capable of securing diverse workloads. By implementing a CWPP that aligns with their needs, organizations can maximize the benefits of the cloud with confidence. ## Key Features of a CWPP A well-rounded CWPP brings a multitude of security components under one roof, providing an omnibus suite of integrated capabilities to secure cloud workloads. ### Vulnerability Management The CWPP supports continuous vulnerability assessment to identify and prioritize vulnerabilities in cloud workloads. Incorporating vulnerability databases like CVE (Common Vulnerabilities and Exposures), the CWPP applies threat intelligence to assess the risk posed by vulnerabilities. The platform also supports vulnerability remediation, either by providing patching tools or integrating with existing patch management solutions. The CWPP aids in prioritizing mitigation based on the severity of vulnerabilities, contextual risk factors with the workload, and the sensitivity of the data and services affected. ### Configuration Management The CWPP allows for configuration management, monitoring and enforcement of security best practices. It aligns with industry standards like [CIS Benchmarks](https://www.cisecurity.org/cis-benchmarks) and provides automated compliance checks against these standards. The platform also offers remediation advice or automates the enforcement of secure configurations. ### Compliance Management Compliance management ensures that cloud workloads align with regulatory standards such as [PCI DSS](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown), [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown) and [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown). To help organizations maintain compliance, CWPPs provide automated monitoring and offer compliance-oriented security configurations. The platform also generates compliance reports detailing the compliance status of cloud workloads, as well as dashboards to visualize security posture and compliance status. In the event of a security incident, CWPPs help ensure a swift and compliant response, minimizing potential regulatory penalties. ### Image Analysis [Image analysis](https://docs.paloaltonetworks.com/prisma/prisma-cloud/21-08/prisma-cloud-compute-edition-admin/runtime_defense/image_analysis_sandbox) involves scrutinizing container images for potential security issues and pulling those that possibly contain outdated, vulnerable packages or embedded malware before they enter the runtime environment. The CWPP also allows you to implement policies that define which registries, repositories and images you can trust. By using trusted images, organizations can ensure that application components only originate from authorized sources. ### Consistency Across Cloud Environments CWPPs ensure that security policies and controls are consistently applied across all cloud environments. This encompasses public clouds like Amazon Web Services, Google Cloud Platform and Microsoft Azure, as well as private clouds and on-premises infrastructure. ### CI/CD Pipeline Integration The CWPP integrates with existing security tools and processes --- including [SIEMs](https://www.paloaltonetworks.com/cyberpedia/what-is-siem?ts=markdown) and [SOAR](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown) platforms and [DevOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devops?ts=markdown) tools. By integrating with [CI/CD pipelines](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown), the CWPP can provide security feedback early in the software development lifecycle and help facilitate shift-left security practices to catch and fix security issues before they make it to production. In doing so, it helps teams align with the principles of [DevSecOps.](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops?ts=markdown) ### Runtime Protection Runtime protection involves monitoring and protecting workloads as they run in the cloud computing environment, defending against attacks and unauthorized activities in real time. The CWPP commands runtime protection with robust threat detection capabilities, using techniques such as behavioral analysis, [machine learning (ML)](https://www.paloaltonetworks.com/cyberpedia/machine-learning-ml?ts=markdown) and signature-based detection. It integrates with [cyber threat intelligence](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) feeds for up-to-date threat detection. For response, the CWPP supports incident response automation, like automated quarantine or workload shutdown, and provides detailed forensics to investigate incidents. ### Microsegmentation Many CWPP's offer [microsegmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-microsegmentation?ts=markdown) capabilities that allow developers and security teams to isolate workloads and limit lateral movement within the environment. This feature, when present, integrates seamlessly with native cloud networking and [container](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container?ts=markdown) networking solutions. ### Web Application and API Security (WAAS) Some CWPPs incorporate elements of [web application and API security (WaaS)](https://www.paloaltonetworks.com/cyberpedia/what-is-web-application-and-api-protection?ts=markdown), especially as they pertain to [containerized](https://www.paloaltonetworks.com/cyberpedia/containerization?ts=markdown) and cloud-native applications. For instance, regarding [API security](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security?ts=markdown), a CWPP may include functionalities to ensure secure communication between [microservices](https://www.paloaltonetworks.com/cyberpedia/what-are-microservices?ts=markdown) in a microservices architecture, which is often implemented in [cloud-native applications](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-native?ts=markdown). ### Web Application Firewall (WAF) Some advanced CWPPs offer security features typically part of a [web application firewall (WAF)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-web-application-firewall?ts=markdown). WAFs protect against OWASP Top 10 security risks, such as injection, broken authentication and [cross-site scripting (XSS)](https://www.paloaltonetworks.com/cyberpedia/xxs-cross-site-scripting?ts=markdown) vulnerabilities. It's important to note that while CWPPs can have overlapping functionalities with WAFs and [API Security](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security?ts=markdown) solutions, they should complement and not replace these solutions. ## Benefits of a CWPP Essential for safeguarding cloud-hosted workloads, cloud workload protection platforms offer a multitude of benefits, significantly enhancing the security posture of the cloud network. ### Granular Visibility Providing granular visibility into workloads across [cloud service providers (CSP)](https://www.paloaltonetworks.com/cyberpedia/cloud-service-provider?ts=markdown), as well as private and hybrid cloud environments, CWPPs eliminate blind spots in the environment. Detailed insights into applications, databases and computing tasks allow for the prompt detection of anomalies and potential security threats. Enhanced visibility also enables security teams to maintain an updated inventory of workloads, while increasing their understanding and management of the attack surface. ### Efficient Compliance Compliance management is an area where CWPPs bring extraordinary value. The platform streamlines the compliance process, monitoring adherence to a myriad of regulations. Their automated compliance reporting capabilities not only save time but also provide auditable evidence of compliance and help enterprises avoid penalties and reputational damage that could result from compliance breaches. ### Improved Security Posture Through features like system hardening, microsegmentation and threat detection, CWPPs minimize the attack surface and restrict lateral movement of threats within the cloud environment. Vulnerability management capabilities identify potential weak points, providing remediation recommendations or patches to secure these vulnerabilities. In addition, CWPPs employ advanced technologies such as AI and ML to detect and proactively respond to threats to enhance the organization's security resilience. ### Scalability and Agility As organizations grow, their cloud environments often need to scale, which introduces new workloads and possibly new vulnerabilities. CWPPs, with their scalable architectures, efficiently adapt to changes, providing protection regardless of the size or complexity of the environment. Their capacity to secure diverse workload types leaves organizations free to adopt VMs, containers, serverless, or on-prem servers to accommodate evolving needs. Additionally, because CWPPs support DevOps practices, integrating with CI/CD pipelines and enabling [shift left security](https://www.paloaltonetworks.com/cyberpedia/shift-left-security?ts=markdown), teams can accelerate the pace of software delivery without compromising security. ### Reduced Complexity Despite the intricacies of cloud security, CWPPs help to reduce the overall complexity for DevOps and security teams. By consolidating multiple security controls in a single platform, CWPPs eliminate the need to manage disparate security tools. Consolidation not only simplifies security management but also ensures a unified security strategy across all workloads. ## Cloud Workload Protection Vs. Application Security Both cloud workload protection and application security ([AppSec](https://www.paloaltonetworks.com/cyberpedia/appsec-application-security?ts=markdown)) play crucial roles in cloud security. While they share the goal of protecting cloud-native assets, they do so from different angles and at different stages of the application lifecycle. Cloud workload protection aims to secure workloads against threats that could lead to [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown). It does this by homing in on the environment where the application runs (the workload), which includes securing the underlying infrastructure and monitoring runtime activities. AppSec is a broader term that encompasses measures taken to improve the security of an application. It involves identifying, fixing and preventing security vulnerabilities within the application. While cloud workload protection focuses on the runtime environment of workloads, AppSec focuses on the application code, its dependencies and the way it interacts with users and systems. Application security includes practices such as [static application security testing (SAST)](https://www.paloaltonetworks.com/cyberpedia/what-is-sast-static-application-security-testing?ts=markdown), dynamic application security testing (DAST), [software composition analysis (SCA)](https://www.paloaltonetworks.com/cyberpedia/what-is-sca?ts=markdown), and interactive application security testing (IAST). AppSec also enters the development process with security requirements definition, [threat modeling](https://www.paloaltonetworks.com/cyberpedia/threat-modeling?ts=markdown), secure coding practices and security testing. ### Security for the Stage of the Software Lifecycle Cloud workload protection is primarily concerned with the deployment and operation stages, while AppSec starts from the early [stages of software development](https://www.paloaltonetworks.com/cyberpedia/what-is-secure-software-development-lifecycle?ts=markdown) and continues through deployment and operation. Starting with application code, often referred to as shifting security left, can't be understated in terms of importance to the resilience of the software development lifecycle. Teams that understand the differences between cloud workload protection and AppSec can help their organizations to implement a more comprehensive and effective cloud security strategy. It's not a matter of choosing one over the other but understanding how they complement each other. ![Cloud workload protection to keep workloads secure across the entire application lifecycle](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-cwpp/video-thumbnail-cwp-keep-workloads-secure-across-the-entire-application-lifecycle.jpg) ***Video:** Cloud workload protection to keep workloads secure across the entire application lifecycle* close ## CWPPs and the Cloud-Native Application Protection Platform The cloud workload protection platform and the [cloud-native application protection platform (CNAPP)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-application-protection-platform?ts=markdown) are two security solutions designed to protect cloud-based workloads. The CNAPP, however, is a broader security solution that comprises several security modules, one being the CWPP. In other words, when you have a CNAPP, you also have a CWPP. In addition to integrating the complete functionality of the cloud workload protection platform, CNAPPs provide comprehensive code-to-cloud security by seamlessly integrating the full functionality of: * [Code Security](https://www.paloaltonetworks.com/cyberpedia/what-is-code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cyberpedia/what-is-web-application-and-api-protection?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem?ts=markdown) * Cloud Network Security (CNS) The result of true integration within the CNAPP is end-to-end visibility and control. Though some organizations begin their cloud journey with the CWPP or CSPM, only the CNAPP addresses the spectrum of security issues, providing a robust, layered defense to secure cloud-native applications from development through runtime. ## CWPP Considerations for Security Leaders Security leaders should take several key considerations into account when contemplating the implementation of a cloud workload protection platform. ### Coverage Does the CWPP solution support all the types of cloud infrastructures the organization uses --- including virtual machines, containers and serverless functions, across private and public clouds? ### Compatibility Is the CWPP compatible with your existing tech stack? It should be able to integrate seamlessly with your cloud service providers, container orchestrators and existing security tools and processes, such as CI/CD pipelines and ITSM tools. ### Automation Will the platform support the growth of your organization? As the scale and dynamism of cloud environments can overwhelm manual security processes, the CWPP solution should support automation, equipping your teams to respond quickly and effectively to security incidents. ### Regulatory Compliance Does the CWPP solution help ensure compliance with regulatory standards and internal policies? The cloud workload protection platform you choose should help your organization meet its regulatory compliance requirements. This includes features to support compliance reporting and the enforcement of compliance-related controls. ### Usability How steep is the learning curve? You'll want the platform to be user-friendly, with intuitive interfaces and workflows. A user-friendly platform will accelerate adoption and minimize the extent of staff training needed to gain proficiency. ### Vendor Reputation and Stability Is the vendor a recognized leader in the field of cloud security? Is their platform and solutions portfolio well regarded by peers and analysts? The vendor you choose should have a proven track record and a stable financial position to ensure the ability to provide continued platform development and support in the future. ### Vendor Support What type of support can you expect from the vendor? In addition to the vendor's reputation, inquire about the quality of their customer support. As the threat landscape evolves, they should provide routine updates to the platform to address emerging threats and vulnerabilities. They should also offer robust support to assist with implementation, troubleshooting and other issues. ### Deploying a CWPP The deployment of a CWPP involves several steps: * **Planning:** Develop a deployment plan, considering factors such as the order of workload protection, rollback procedures and potential downtime. * **Testing:** Before full deployment, conduct a pilot test to identify potential issues and assess the CWPP's effectiveness. * **Deployment:** Deploy the CWPP according to your plan, ensuring all workloads are protected and the platform is correctly configured. * **Monitoring and Adjusting:** After deployment, continuously monitor the CWPP's performance and adjust as necessary to ensure optimal protection. ## Cloud Workload Protection Platform FAQs ### What is a virtual machine? A virtual machine (VM) is a software emulation of a physical computer. It uses the architecture and functions of a physical computer, but its implementation involves specialized software called a hypervisor. The hypervisor separates compute environments from the physical hardware in an arrangement that allows multiple VMs to run simultaneously on one machine. Each VM behaves independently, as though it were a distinct physical machine. ### What is file integrity monitoring? File integrity monitoring (FIM) is a security process and technology that monitors and reports on changes to critical system and application files. It checks the integrity of these files against a known baseline to detect unauthorized modifications that could indicate a breach. FIM is essential for regulatory compliance and can help detect and alert on potential malicious activities. ### What is meant by security control? Security control refers to a safeguard or countermeasure, a mechanism implemented to counteract risks that could affect valuable resources and data. Security controls can be administrative (policies, procedures), physical (locks, gates), or technical (firewalls, access controls). They can also be preventive, detective or corrective. ### What is access management? Access management, also referred to as [identity and access management (IAM)](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown), is a key concept in information security that involves defining and managing the roles and access privileges of network users. The objective of IAM is to minimize the potential for unauthorized access by ensuring all users have the right level of access to the systems and resources needed to perform their tasks. Access management mechanisms can include authentication, authorization and audit controls. ### How does a CWPP handle data privacy? CWPPs help enforce data privacy regulations by ensuring that sensitive data within workloads is protected, regardless of where the workloads are hosted. This protection can include encryption, tokenization and access controls, among other measures. ### What is runtime protection? Runtime protection refers to security measures that safeguard workloads while they're operational or "running." Runtime protection includes detecting and blocking malicious activities, preventing unauthorized access and ensuring the integrity of running processes. ### How do CWPPs deal with zero-day threats? Many CWPPs use advanced technologies like machine learning and AI to detect anomalous behavior that might indicate a zero-day threat. They can also integrate with threat intelligence feeds to stay updated with the latest vulnerabilities and threats. ### What is the difference between CWPP and CSPM? CWPP enables you to provide container-based and host-based workload protection across your network --- from multiple CSPs to on-premises data centers. Cloud security posture management implements continuous, automated security and compliance processes to secure the infrastructure where workloads are deployed. ### What is a workload-centric stack? A workload-centric stack refers to the layers of technologies --- including hardware, software and networking components --- that are chosen to meet the needs of a workload. This could include the servers, storage systems, networking devices, operating systems, middleware, runtime environments and applications. When developers tailor technologies to the characteristics and requirements of the workload, the result is a workload-centric stack arranged to meet precise performance needs, scalability requirements and security considerations. Related Content [Agentless vs. Agent-Based Security When it comes to securing multicloud and hybrid systems, security pros turn to two approaches: agent-based and agentless security. But how do these differ and which is the best fit...](https://www.paloaltonetworks.com/blog/prisma-cloud/agentless-vs-agent-based-security-how-to-use-them-both-to-stay-secure/?ts=markdown) [Cortex Cloud Workload Protection Cortex Cloud combines runtime protection with vulnerability management and compliance to secure any cloud-native workload across build, deploy and run.](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) [Cloud Detection and Response Buyer's Guide Cloud detection and response (CDR) solutions stop attacks in their tracks. Understand must-have features and important questions to ask when evaluating solutions.](https://www.paloaltonetworks.com/resources/guides/cloud-detection-and-response-cdr-buyers-guide?ts=markdown) [State of Cloud-Native Security Report Over 3,000 cloud security and DevOps professionals identify their challenges, how they handle them and what they've learned in the process.](https://www.paloaltonetworks.com/state-of-cloud-native-security?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20a%20Cloud%20Workload%20Protection%20Platform%20%28CWPP%29%3F&body=Learn%20how%20Cloud%20Workload%20Protection%20Platforms%20%28CWPPs%29%20defend%20VMs%2C%20containers%2C%20and%20serverless%20applications%20against%20cyber%20threats%20with%20advanced%20security.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform) Back to Top [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-workload?ts=markdown) What Is a Workload? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language