[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-security-solution?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.paloaltonetworks.com/deploybravely?ts=markdown) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Identity Security](https://www.paloaltonetworks.com/cyberpedia/identity-security?ts=markdown) 3. [Privileged Access Management](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management?ts=markdown) 4. [What Is Defense-in-Depth?](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth?ts=markdown) Table of Contents * [What Is Privileged Access Management (PAM)?](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management?ts=markdown) * [Privileged Access Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#privileged?ts=markdown) * [Why PAM Is Critical Today](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#why?ts=markdown) * [How PAM Works](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#how?ts=markdown) * [Core Pillars of Modern PAM Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#core?ts=markdown) * [Examples of Privileged Access](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#examples?ts=markdown) * [PAM Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#pam?ts=markdown) * [Common PAM Challenges and How to Solve Them](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#common?ts=markdown) * [Use Cases \& Real-World Scenarios](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#scenarios?ts=markdown) * [Emerging Trends: Where PAM Is Going](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#emerging?ts=markdown) * [Privileged Access Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#faqs?ts=markdown) * What Is Defense-in-Depth?: A Layered Cybersecurity Strategy * [Defense-in-Depth Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#explained?ts=markdown) * [Key Data: Threats \& Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#key?ts=markdown) * [The Core Architectural Components of Defense-in-Depth](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#core?ts=markdown) * [Defense-in-Depth in the Modern Cloud and Identity Landscape](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#landscape?ts=markdown) * [Disrupting the Attack Lifecycle: Defense-in-Depth and Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#disrupting?ts=markdown) * [Defense-in-Depth versus Zero Trust Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#architecture?ts=markdown) * [Best Practices for Implementing a Layered Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#best?ts=markdown) * [Defense-in-Depth FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#faqs?ts=markdown) * [What Is Just-In-Time Access?](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown) * [Just-in-Time Access Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#explained?ts=markdown) * [Key Data: Threats and Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#key?ts=markdown) * [Types of Just-in-Time Access](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#types?ts=markdown) * [How Just-in-Time Access Works (Conceptual Flow)](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#how?ts=markdown) * [Key Components and Capabilities](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#components?ts=markdown) * [Key Steps to Implementing Just-in-Time Access](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#steps?ts=markdown) * [Common Risks and Implementation Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#risks?ts=markdown) * [Just-in-Time Access in a Zero Trust and Modern Security Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#architecture?ts=markdown) * [Just-in-Time Access FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#architecture?ts=markdown) * [Zero Standing Privileges: Protecting Enterprise Access Control](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges?ts=markdown) * [Zero Standing Privileges Explained](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#zero?ts=markdown) * [ZSP and Other Access Models](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#vs?ts=markdown) * [The Critical Risk of Standing Privileges](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#privileges?ts=markdown) * [Key Benefits of Adopting ZSP](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#key?ts=markdown) * [A Practical Roadmap for ZSP Implementation](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#practical?ts=markdown) * [Zero Standing Privileges FAQs](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#faqs?ts=markdown) * [What Is Least Privilege Access?](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown) * [Least Privilege Access, Defined](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#definition?ts=markdown) * [Benefits of Least Privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#benefits?ts=markdown) * [Example of Least Privilege Access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#example?ts=markdown) * [Least Privilege vs. Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#vs?ts=markdown) * [Managing Least Privilege Access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#manage?ts=markdown) * [Least Privilege Access FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#faqs?ts=markdown) # What Is Defense-in-Depth? 3 min. read [Explore Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) Table of Contents * * [Defense-in-Depth Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#explained?ts=markdown) * [Key Data: Threats \& Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#key?ts=markdown) * [The Core Architectural Components of Defense-in-Depth](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#core?ts=markdown) * [Defense-in-Depth in the Modern Cloud and Identity Landscape](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#landscape?ts=markdown) * [Disrupting the Attack Lifecycle: Defense-in-Depth and Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#disrupting?ts=markdown) * [Defense-in-Depth versus Zero Trust Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#architecture?ts=markdown) * [Best Practices for Implementing a Layered Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#best?ts=markdown) * [Defense-in-Depth FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#faqs?ts=markdown) 1. Defense-in-Depth Explained * * [Defense-in-Depth Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#explained?ts=markdown) * [Key Data: Threats \& Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#key?ts=markdown) * [The Core Architectural Components of Defense-in-Depth](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#core?ts=markdown) * [Defense-in-Depth in the Modern Cloud and Identity Landscape](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#landscape?ts=markdown) * [Disrupting the Attack Lifecycle: Defense-in-Depth and Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#disrupting?ts=markdown) * [Defense-in-Depth versus Zero Trust Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#architecture?ts=markdown) * [Best Practices for Implementing a Layered Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#best?ts=markdown) * [Defense-in-Depth FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#faqs?ts=markdown) Defense-in-Depth is a proactive cybersecurity strategy that employs multiple, independent, and overlapping security controls to protect an organization's critical assets. Drawing its name from a military strategy, the core principle is that if one line of defense is compromised or fails, subsequent layers are already in place to detect, delay, or stop an attack, preventing a catastrophic single point of failure. This holistic approach extends beyond technical solutions to encompass People, Processes, and Technology, providing a robust and resilient security posture across modern hybrid and cloud environments. Key Takeaways: * **Layered Protection**: Defense-in-depth uses multiple, independent security controls. \* **Friction and Containment**: The primary goal is to slow down attackers and limit lateral movement. \* **Redundancy is Key**: No single point of failure protects critical assets from compromise. \* **Modern Context**: It must be adapted to dynamic environments such as cloud and remote work. \* **Identity-Centric**: Modern Defense-in-Depth places strong controls around user and machine identity. \* **Detection Focus**: The strategy supports early, persistent threat detection across all layers. ## Defense-in-Depth Explained Defense-in-depth is an information assurance concept that originated in military strategy. In cybersecurity, this means placing overlapping security controls across the entire computing environment. The approach acknowledges that perimeter defenses are no longer sufficient against sophisticated attacks. Each layer is designed to defend against a specific set of threats, and the combination ensures a comprehensive security posture. The strategic value ofDefense-in-Depthis its resilience. If a [firewall](https://www.paloaltonetworks.com/cyberpedia/what-is-a-firewall?ts=markdown) fails, the next layer, such as strong [Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-security?ts=markdown) controls, will challenge the attacker. The effectiveness of this strategy relies on the diversity of controls. Using different vendors or technologies for each layer reduces the risk that a single vulnerability will compromise the entire stack. This strategic redundancy directly supports the core objective of threat mitigation and breach containment. ## Key Data: Threats \& Trends The need for defense-in-depth is underscored by the current threat landscape, where attackers continuously evolve their techniques to bypass single security controls. **Strategic Alignment: Defense-in-Depth vs. Modern Threat Vectors** | **Threat Context** | **[Unit 42 Intelligence \& Industry Trends](https://unit42.paloaltonetworks.com/)** | |------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | **Identity Exploitation** | 80% of successful breaches exploit identity- and credential-related weaknesses. Threat actors, including Unit 42-tracked groups, prioritize compromising privileged accounts to enable lateral movement and ultimately steal data.Defense-in-Depthmust focus on identity as the primary control plane. | | **Cloud Misconfiguration** | Cloud and IAM misconfigurations are consistently ranked among the top initial access vectors. A robustDefense-in-Depthstrategy in the cloud requires controls like Cloud Security Posture Management (CSPM) and Cloud Infrastructure Entitlement Management (CIEM) to prevent configuration drift that bypasses perimeter defenses. | | **Ransomware Attack Chains** | Defense-in-Depth directly disrupts the ransomware kill chain. Multi-layered defenses, such as Endpoint Detection and Response (EDR) coupled with network microsegmentation and automated Just-in-Time (JIT) access, can stop ransomware from executing, encrypting data, and exfiltrating information. | | **Dwell Time** | Every layer reduces attacker dwell time. The redundancy provided by Defense-in-Depth---for example, when a firewall fails and an EDR solution catches the payload---gives Security Operations Center (SOC) teams more time to detect, contain, and remediate the threat before major damage occurs. | ***Table 1**: HowDefense-in-Depthstrategy uses layered controls to mitigate modern risks.* ## The Core Architectural Components of Defense-in-Depth Adequate defense-in-depth architecture structures security controls into logical layers. While the classic model included seven layers, the modern interpretation focuses on operational areas and where controls are enforced. The primary layers of a contemporary defense-in-depth model include: * **Physical Security** : Securing the physical hardware, including data centers, servers, and [endpoints](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint?ts=markdown). Controls involve locks, surveillance, access logging, and visitor authentication. * **Perimeter Security** : The first line of defense, focused on separating the organization's network from the open internet. This layer uses [next-generation firewalls](https://www.paloaltonetworks.com/cyberpedia/what-is-a-next-generation-firewall-ngfw?ts=markdown), [intrusion prevention systems (IPS)](https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-prevention-system-ips?ts=markdown), and anti-malware gateways. * **Network Security** : Segmenting the network internally to control traffic flow and limit attacker movement. This includes virtual [Network Segmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-network-segmentation?ts=markdown), access control lists (ACLs), and internal monitoring systems. * **Endpoint Security** : Protecting individual computing devices like laptops, servers, and mobile devices. Controls include [endpoint detection and response (EDR)](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection-and-response-edr?ts=markdown), host firewalls, and [data loss prevention (DLP)](https://www.paloaltonetworks.com/cyberpedia/what-is-data-loss-prevention-dlp?ts=markdown). * **Application Security** : Securing the organization's software and services. This involves [web application firewalls (WAFs),](https://www.paloaltonetworks.com/cyberpedia/what-is-a-web-application-firewall?ts=markdown) code review, secure development lifecycle practices ([SDLC](https://www.paloaltonetworks.com/cyberpedia/what-is-secure-software-development-lifecycle?ts=markdown)), and API protection. * [**Data Security**](https://www.paloaltonetworks.com/cyberpedia/what-is-data-security?ts=markdown): The innermost and most critical layer, focused on the information itself. Measures include encryption (at rest and in transit), data masking, tokenization, and strict data access policies. * **People and Policy** : The human element and administrative controls. This includes [security awareness training](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training?ts=markdown), strong governance, acceptable use policies, and disaster recovery plans. A diverse set of controls ensures that no single failure compromises the entire defense. **Layered Defense: Control Mechanisms across the IT Stack** | **Security Layer** | **Primary Control Type** | **Objective** | |--------------------|---------------------------------|-----------------------------------------------------------------------| | **Data** | Encryption, Access Policy | Prevent unauthorized access or modification of sensitive information. | | **Application** | WAF, SAST/DAST Testing | Mitigate vulnerabilities within the software itself. | | **Network** | Segmentation, Microsegmentation | Restrict network connectivity and limit the attack's blast radius. | | **Perimeter** | Next-Gen Firewall, IPS | Block external threats from entering the internal network. | ***Table 2**: A "Defense in Depth" approach to risk mitigation.* ## Defense-in-Depth in the Modern Cloud and Identity Landscape The shift to cloud computing and remote work has expanded the attack surface, requiring a modification of the traditionalDefense-in-Depthmodel. Physical and perimeter layers become less dominant, while identity, data, and configuration controls become the primary focus. Cloud environments introduce [shared responsibility models](https://www.paloaltonetworks.com/cyberpedia/cloud-security-is-a-shared-responsibility?ts=markdown) where the organization must prioritize securing its own workloads, data, and access controls. **Key Cloud and Identity Security Considerations:** * **Cloud [Misconfiguration](https://www.paloaltonetworks.com/cyberpedia/security-misconfiguration-api8?ts=markdown)** : Public cloud settings---such as overly permissive S3 bucket policies---often serve as the weakest link. A comprehensiveDefense-in-Depthstrategy requires continuous [cloud security posture management (CSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown) to enforce secure configurations. This prevents common initial access vectors for threat actors. * **Machine Identity Risks** : The proliferation of [non-human identities](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown), such as service accounts, APIs, and microservices, creates new targets. A layered defense must include rigorous authentication and access policies for these machine identities. Failure to secure these can lead to unauthorized access to cloud resources. * **Excess Entitlements** : [Identity and access management (IAM)](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown) is central to modern Defense-in-Depth. Enforcing the [principle of least privilege (PoLP)](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege?ts=markdown) is a required layer that ensures users and systems have only the minimum permissions necessary for their tasks. This prevents an attacker who compromises an account from having free rein over it. ## Disrupting the Attack Lifecycle: Defense-in-Depth and Lateral Movement Defense-in-depth is the primary strategic answer to the attack lifecycle. Instead of solely focusing on initial prevention,Defense-in-Depthis designed for detection and containment after a breach occurs. By creating security 'speed bumps' within the infrastructure, the strategy buys valuable time for security operations teams. [Unit 42 Insight:](https://unit42.paloaltonetworks.com/) Attackers consistently prioritize privilege escalation and lateral movement to advance their goals. Unit 42 research shows that even a successful initial access does not guarantee a total breach if internal segmentation and strong identity controls are in place. The layers of aDefense-in-Deptharchitecture directly disrupt these post-exploitation phases, making it harder for an adversary to move from one compromised system to another. Poorly segmented networks are often the primary enabler of rapid internal compromise. HowDefense-in-DepthContains Attacker Behavior: * **Disrupts Reconnaissance**: Network segmentation prevents attackers from easily scanning the internal network and identifying high-value assets after initial access. * **Limits Credential Theft**: Strong application and data security controls protect credentials and secrets stored on compromised systems, limiting an attacker's ability to use them in subsequent steps. * **Prevents Privilege Escalation** : Multifactor authentication (MFA) and [JIT (Just-in-Time) access](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown) protocols at the application layer block the attacker from simply using stolen credentials to gain administrative rights. * **Increases Time-to-Detect** : Each barrier forces attackers to generate more measurable events, increasing the likelihood that an EDR or [security information and event management (SIEM)](https://www.paloaltonetworks.com/cyberpedia/what-is-siem?ts=markdown)system will flag their presence. ## Defense-in-Depth versus Zero Trust Architecture Defense-in-depth and [zero trust](https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture?ts=markdown) are often discussed together, as they are complementary, not competing, security models.Defense-in-Depthis a layered protection strategy, while zero trust is a framework that governs access based on the principle of "never trust, always verify." **Defense-in-Depth vs. Zero Trust Architecture** | **Feature** | **Defense-in-Depth** | **Zero Trust (ZT)** | |---------------------|------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------| | **Core Philosophy** | Resilience through overlapping layers; perimeter-aware initially. | Access is never granted by default; micro-perimeters everywhere. | | **Primary Goal** | Slow down an inevitable breach; containment and detection. | Prevent breach entirely by verifying every user, device, and connection. | | **Focus Area** | Broad coverage across perimeter, network, data, and applications. | Identity and micro-segmentation, regardless of physical location. | | **Relationship** | Defense-in-Depth is a strategy that benefits from Zero Trust principles as layers. | Zero Trust usesDefense-in-Depthcomponents (e.g., MFA, EDR) to enforce its policies. | ***Table 3**: A comparative analysis of Defense-in-Depth and Zero Trust, highlighting how the two methodologies transition from broad, layered resilience to granular, identity-centric verification.* Adopting a zero trust framework is the most modern and effective way to implement the identity and network layers of a defense-in-depth strategy. By strictly enforcing policies and continuously verifying them, zero trust dramatically strengthens containment within the traditionalDefense-in-Depthmodel. ## Best Practices for Implementing a Layered Security Model Implementing a successfulDefense-in-Depthprogram requires organizational alignment, consistent policy enforcement, and a technology stack capable of centralized management. Prioritized Implementation Steps: * **Establish a Baseline** : Conduct a thorough assessment to map current controls against high-value assets, identifying existing layers and crucial security gaps. Use frameworks like the [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework) to structure the evaluation. * **Enforce Identity-First Policies**: Center granular access control and continuous validation. Adopt MFA for all users, including privileged accounts, and implement JIT access for administrative tasks. * **Segment Everything**: Move beyond simple network segmentation to microsegmentation across cloud and on-premises environments. This ensures that any single compromised workload cannot easily communicate with or access other parts of the infrastructure. * **Automate Response** : Integrate threat intelligence and security automation tools ([SOAR](https://www.paloaltonetworks.com/cyberpedia/what-is-soar?ts=markdown)/[XSIAM](https://www.paloaltonetworks.com/cyberpedia/what-is-extended-security-intelligence-and-automation-management-xsiam?ts=markdown)) across the layers. When one layer detects an anomaly, the response should automatically trigger countermeasures in other layers, such as isolating an endpoint or revoking a user session. * **Test and Validate** : Conduct regular [penetration testing](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing?ts=markdown) and red-team exercises against specific layers of defense. This active validation confirms that the layered defenses are genuinely independent and resilient against modern attack techniques. ## Defense-in-Depth FAQs ### What are the primary benefits of using a defense-in-depth strategy? Defense-in-Depth significantly increases organizational resilience. Its main benefits include reducing the likelihood of a successful data breach, minimizing the impact if a breach occurs, and giving security teams more time to detect and respond to ongoing attacks. ### How does defense-in-depth apply to an organization using cloud services? In the cloud, Defense-in-Depth relies heavily on securing configuration, identity, and data, moving away from a perimeter-only focus. This involves layering controls, including Cloud Workload Protection (CWP), continuous validation of IAM policies, and robust encryption for cloud data. ### Is defense-in-depth the same as zero trust? No. Defense-in-depth is a holistic strategy of layered controls. Zero Trust is a prescriptive security model and principle that mandates strict verification for every access request and can be applied to strengthen the identity and network layers of a Defense-in-Depth strategy. ### How many layers are required for a proper Defense-in-Depth strategy? There is no fixed number of required layers. The effectiveness of Defense-in-Depth is determined by the quality and independence of the controls, not by the number of controls. Security architects should focus on covering the critical domains: Data, Application, Identity, Network, and Endpoint, ensuring redundancy in each. ### Why is credential protection a core element of modern Defense-in-Depth? Credential theft and misuse are central to most successful breaches, enabling privilege escalation and lateral movement. By treating identity as a critical defense layer, strong controls like MFA and PoLP can block an attacker's progress even after they bypass a perimeter firewall or exploit a web application vulnerability. Related Content [2025 Unit 42 Global Incident Response Report See why a layered approach is mandatory in the current threat landscape.](https://www.paloaltonetworks.com/resources/research/2024-incident-response-report?ts=markdown) [What Is Zero Trust Architecture? Key Elements and Use Cases Transition from a general "layered" mindset to a specific Zero Trust framework.](https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture?ts=markdown) [Discover the Network Security Platform Simplify operations, consistently enforce security policies and protect against advanced threats with one unified platform.](https://www.paloaltonetworks.com/network-security?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Defense-in-Depth%3F%3A%20A%20Layered%20Cybersecurity%20Strategy&body=Learn%20what%20defense-in-depth%20is%2C%20its%20core%20layers%2C%20and%20how%20this%20strategy%20aligns%20with%20modern%20Zero%20Trust%20principles%20for%20robust%20threat%20containment.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management?ts=markdown) What Is Privileged Access Management (PAM)? [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown) What Is Just-In-Time Access? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language