[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Security Operations](https://www.paloaltonetworks.com/cyberpedia/security-operations?ts=markdown) 3. [Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security?ts=markdown) 4. [What Is Endpoint Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security?ts=markdown) Table of Contents * What Is Endpoint Security? EPP, EDR, and XDR Explained * [Key Data: Fronts of Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#key?ts=markdown) * [Why Endpoint Security Is Mandatory](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#why?ts=markdown) * [How Does Endpoint Security Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#how?ts=markdown) * [Types of Endpoint Security: A Multi-Layered Approach](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#types?ts=markdown) * [Traditional Antivirus vs. Modern Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#vs?ts=markdown) * [Implementing Zero Trust for Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#security?ts=markdown) * [Other Key Components](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#components?ts=markdown) * [Selecting the Optimal Endpoint Security Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#solution?ts=markdown) * [Strategic Endpoint Security: Challenges and Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#strategic?ts=markdown) * [Endpoint Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#faqs?ts=markdown) * [What Is Endpoint Detection?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection?ts=markdown) * [The Importance of Endpoint Detection](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#important?ts=markdown) * [What are Endpoints?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#what?ts=markdown) * [What Types of Attacks Does Endpoint Detection Thwart?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#types?ts=markdown) * [Key Components of Endpoint Detection](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#key?ts=markdown) * [How Endpoint Detection and EDR are Different](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#how?ts=markdown) * [Endpoint Detection Use Cases](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#usecases?ts=markdown) * [Endpoint Detection Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#practices?ts=markdown) * [Cloud-Based Endpoint Detection](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#cloud?ts=markdown) * [Endpoint Detection FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection#faqs?ts=markdown) * [What Is Endpoint Security Software?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software?ts=markdown) * [Why Endpoint Security Software Is Important](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#why?ts=markdown) * [Benefits of Endpoint Security Software](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#benefits?ts=markdown) * [Endpoint Security vs. Antivirus](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#vs?ts=markdown) * [How Endpoint Security Software Works](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#how?ts=markdown) * [Endpoint Protection Platforms (EPPs)](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#epps?ts=markdown) * [Advanced Endpoint Protection Technologies](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#advanced?ts=markdown) * [Selecting the Right Endpoint Security Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#selecting?ts=markdown) * [Endpoint Security Software FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-software#faq?ts=markdown) * [What Is an Endpoint? Understand Devices, Risks \& Security](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint?ts=markdown) * [The Endpoint: The Foundation of Today's Attack Surface](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint#endpoint?ts=markdown) * [Endpoint vs. Network Security: A Critical Architectural Distinction](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint#vs?ts=markdown) * [The Modern Endpoint Defense Stack: EPP, EDR, and XDR](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint#modern?ts=markdown) * [Strategic Best Practices for Endpoint Resilience](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint#best?ts=markdown) * [Endpoint Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint#faqs?ts=markdown) * [What Is the Difference Between Advanced Endpoint Security and Antivirus (AV)?](https://www.paloaltonetworks.com/cyberpedia/advanced-endpoint-security-vs-antivirus?ts=markdown) * [Advanced Endpoint Security vs Antivirus: An Overview](https://www.paloaltonetworks.com/cyberpedia/advanced-endpoint-security-vs-antivirus#vs?ts=markdown) * [Key Differences in Functionality](https://www.paloaltonetworks.com/cyberpedia/advanced-endpoint-security-vs-antivirus#differences?ts=markdown) * [Key Factors for Selecting Endpoint Protection or Antivirus](https://www.paloaltonetworks.com/cyberpedia/advanced-endpoint-security-vs-antivirus#key-factors?ts=markdown) * [Advanced Endpoint Security vs Antivirus FAQs](https://www.paloaltonetworks.com/cyberpedia/advanced-endpoint-security-vs-antivirus#faqs?ts=markdown) * [What is Endpoint Security Awareness Training?](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training?ts=markdown) * [Understanding Security Awareness Training](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#understanding?ts=markdown) * [Endpoint Security Awareness Training Explained](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#endpoint?ts=markdown) * [What Does Endpoint Security Awareness Training Cover?](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#cover?ts=markdown) * [Why Is Security Awareness Training Important?](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#important?ts=markdown) * [How to Build an Effective Endpoint Security Awareness Training Program](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#program?ts=markdown) * [Industry Awareness Training Case Studies and Success Stories](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#industry?ts=markdown) * [The Future of Endpoint Security Awareness Training](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#future?ts=markdown) * [Endpoint Security Awareness Training FAQs](https://www.paloaltonetworks.com/cyberpedia/endpoint-security-awareness-training#faqs?ts=markdown) * [What Is an Endpoint Protection Platform?](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp?ts=markdown) * [Understanding Endpoint Protection Platforms (EPPs)](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#endpoint?ts=markdown) * [The Importance of Endpoint Protection for Enterprises](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#importance?ts=markdown) * [What Cybersecurity Practitioners and CISOs Need to Know About EPPs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#ciso?ts=markdown) * [Traditional vs. Cloud Native EPPs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#traditional?ts=markdown) * [EPP vs EDR: A Comparative Analysis](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#vs?ts=markdown) * [Case Studies: Real-World Applications](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#casestudies?ts=markdown) * [How to Choose the Best EPP](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#choose?ts=markdown) * [Endpoint Protection Platform (EPP) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp#faqs?ts=markdown) * [What are the Types of Endpoint Security?](https://www.paloaltonetworks.com/cyberpedia/types-of-endpoint-security?ts=markdown) * [What is an Endpoint?](https://www.paloaltonetworks.com/cyberpedia/types-of-endpoint-security#endpoint?ts=markdown) * [Why is Endpoint Security Important?](https://www.paloaltonetworks.com/cyberpedia/types-of-endpoint-security#importance?ts=markdown) * [Types of Endpoint Security Solutions](https://www.paloaltonetworks.com/cyberpedia/types-of-endpoint-security#types?ts=markdown) * [Selecting the Optimal Endpoint Security Solutions](https://www.paloaltonetworks.com/cyberpedia/types-of-endpoint-security#solutions?ts=markdown) * [Types of Endpoint Security FAQs](https://www.paloaltonetworks.com/cyberpedia/types-of-endpoint-security#faq?ts=markdown) * [What Is Next-Generation Antivirus (NGAV)](https://www.paloaltonetworks.com/cyberpedia/what-is-next-generation-anti-virus?ts=markdown) * [The Value and Benefits of NGAV](https://www.paloaltonetworks.com/cyberpedia/what-is-next-generation-anti-virus#advanced?ts=markdown) * [AI and Machine Learning in Modern NGAV](https://www.paloaltonetworks.com/cyberpedia/what-is-next-generation-anti-virus#modern?ts=markdown) * [Why Companies Need to Protect Their Sensitive Data](https://www.paloaltonetworks.com/cyberpedia/what-is-next-generation-anti-virus#why?ts=markdown) * [What Is Endpoint Security Antivirus?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus?ts=markdown) * [Endpoint Security Antivirus Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#endpoint?ts=markdown) * [Understanding Endpoints in Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#understanding?ts=markdown) * [Why Endpoint Security Antivirus is Crucial for Modern Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#why?ts=markdown) * [Endpoint Antivirus vs. Endpoint Security: What Is the Difference?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#vs?ts=markdown) * [Key Components of a Comprehensive Endpoint Security Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#key?ts=markdown) * [How Endpoint Security Antivirus Works](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#how?ts=markdown) * [Implementing and Optimizing Endpoint Security Antivirus](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#implementing?ts=markdown) * [Choosing the Right Endpoint Security Antivirus Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#choosing?ts=markdown) * [Challenges and Future Trends in Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#challanges?ts=markdown) * [Endpoint Security Antivirus FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security-antivirus#faqs?ts=markdown) # What Is Endpoint Security? 5 min. read [Explore Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) [Get the ESS Buyer's Guide](https://start.paloaltonetworks.com/essential-endpoint-security-buyers-guide) Table of Contents * * [Key Data: Fronts of Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#key?ts=markdown) * [Why Endpoint Security Is Mandatory](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#why?ts=markdown) * [How Does Endpoint Security Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#how?ts=markdown) * [Types of Endpoint Security: A Multi-Layered Approach](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#types?ts=markdown) * [Traditional Antivirus vs. Modern Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#vs?ts=markdown) * [Implementing Zero Trust for Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#security?ts=markdown) * [Other Key Components](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#components?ts=markdown) * [Selecting the Optimal Endpoint Security Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#solution?ts=markdown) * [Strategic Endpoint Security: Challenges and Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#strategic?ts=markdown) * [Endpoint Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#faqs?ts=markdown) 1. Key Data: Fronts of Attacks * * [Key Data: Fronts of Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#key?ts=markdown) * [Why Endpoint Security Is Mandatory](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#why?ts=markdown) * [How Does Endpoint Security Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#how?ts=markdown) * [Types of Endpoint Security: A Multi-Layered Approach](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#types?ts=markdown) * [Traditional Antivirus vs. Modern Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#vs?ts=markdown) * [Implementing Zero Trust for Endpoint Security](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#security?ts=markdown) * [Other Key Components](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#components?ts=markdown) * [Selecting the Optimal Endpoint Security Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#solution?ts=markdown) * [Strategic Endpoint Security: Challenges and Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#strategic?ts=markdown) * [Endpoint Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security#faqs?ts=markdown) Endpoint security is a cybersecurity approach to protecting end-user devices---such as laptops, servers, and mobile devices---from cyberthreats and malicious activity. As remote work and cloud adoption expand the digital attack surface, endpoints have become the primary entry point for threat actors. A modern Endpoint Protection Platform (EPP) moves beyond traditional antivirus by integrating AI-powered analytics and continuous monitoring to stop attacks before damage occurs. This defense is crucial: **[Unit 42 data](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) shows that [endpoints](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint?ts=markdown) are the main target in 72% of incidents, often serving as the launchpad for multi-front attacks that exploit both**. Key Points * **Endpoints are primary targets** and entry points for 72% of cyber attacks. \* **Modern protection relies on AI and behavioral analytics** (NGAV) rather than static signatures. \* **A full-spectrum defense** combines prevention (EPP), detection/response (EDR), and integrated visibility (XDR). \* **Zero Trust** is enforced at the endpoint, continuously verifying device posture and limiting lateral movement. \* **Unified visibility and management** are essential for securing remote workers and hybrid cloud environments. ### Unit 42 Case Study: How a Medical Center Stopped Ransomware ![Enloe Medical Center Utilized Cortex XDR to Detect, Respond, and Minimize the Impact of Ransomware Events. After a Ransomware Attack left Enloe Medical Center’s security operations exposed, Unit 42 and Cortex XDR was adopted to stop sophisticated attacks.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/video/thumbnail-how-medical-center-stopped-ransomware.jpg) close ## Key Data: Fronts of Attacks A single compromised device without comprehensive protection can serve as a launchpad for [ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown), [data exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown), and privilege escalation. ​​This risk is underscored by the attack front data below, which indicates where threat actors concentrate their operations. **Key Data: Fronts of Attacks** | **Fronts of Attacks** | **Percentage of Cases (Unit 42 2024)** | |-----------------------|----------------------------------------| | Endpoints | 72% | | Human | 65% | | Identity | 63% | | Network | 58% | | Email | 28% | | Cloud | 27% | | Application | 21% | | SecOps | 14% | | Database | 1% | ## Why Endpoint Security Is Mandatory For CISOs and IT leaders, a comprehensive endpoint strategy is a mandatory control that directly manages organizational risk and maintains operational resilience: * **Stops Multi-Front Incidents** : Over [70% of incidents tracked by Unit 42](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) span three or more fronts (endpoints, cloud, identity). Modern Extended Detection and Response (XDR) is required to gain the unified visibility needed to stop these chained attacks. * **Defeats Evolving Threats** : Modern protection relies on AI to combat polymorphic, fileless, and [zero-day attacks](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention?ts=markdown) that bypass static, signature-only solutions. * **Ensures Compliance** : Strong endpoint controls, especially regarding data access and logging, are foundational for meeting key data protection regulations, including [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown) and [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown). * **Guarantees Continuity**: By minimizing incident scope, impact, and downtime, high-efficacy endpoint security protects against massive financial losses and reputational damage. ![A four-step graphic illustrating the Endpoint Security process: 1. Threat Detection (identifying a threat via analysis/tools); 2. Threat Response (quarantining the endpoint and blocking malicious activity); 3. Centralized Alert (notifying the security team and activating automated policies); and 4. Remediation and Protection (analyzing, removing the threat, restoring the system, and preventing future unauthorized access via encryption).](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-endpoint-security/endpoint-security-process.png "Endpoint Security Lifecycle at a Glance") **Figure 1**: Endpoint Security Lifecycle at a Glance ## How Does Endpoint Security Work? Endpoint security extends protection beyond the network perimeter to every device that connects to the organization's systems. ![Central management console connected to endpoint devices, showing continuous monitoring and protection.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-endpoint-security/centralized-management-console.webp "A centralized management console is installed on a network server or in the cloud, and client software is installed on each endpoint device.") **Figure 2**: A centralized management console is installed on a network server or in the cloud, and client software is installed on each endpoint device. ### ​​Unified Platform and Centralized Protection Modern endpoint security solutions operate on a client--server model designed to streamline management and protection across an organization's network. A centralized management console, typically hosted on a network server or in the cloud, serves as the command center. From this console, administrators can monitor, manage, and enforce security policies for every connected endpoint device, including laptops, mobile devices, and servers. Each endpoint runs a lightweight client agent that communicates with the console, sharing telemetry data and receiving updates or threat intelligence in real time. This centralized approach enables unified visibility, faster response times, and consistent security coverage across the enterprise. ### Advanced Detection and Automated Response Modern endpoint protection platforms integrate advanced detection and automated response capabilities to counter increasingly sophisticated attacks. These systems perform the following functions continuously: * Monitor endpoint behavior * Analyze data for anomalies * Automatically respond to suspicious activity, often before human intervention is needed. By combining machine learning, behavioral analytics, and threat intelligence, endpoint solutions can detect and neutralize fileless malware, ransomware, and zero-day exploits that might otherwise evade conventional defenses. This proactive, adaptive defense strategy transforms endpoint security from a reactive safeguard into an intelligent, predictive protection layer for the entire organization. ## Types of Endpoint Security: A Multi-Layered Approach A multi-layered endpoint defense relies on several complementary technologies that work together to detect, prevent, and respond to cyberthreats. Below are the most common [types of endpoint security](https://www.paloaltonetworks.com/cyberpedia/types-of-endpoint-security?ts=markdown) used by enterprises today. **Comparison of Endpoint Security Types** | **Type** | **Primary Function** | **Detection / Protection Method** | **Example Technologies or Tools** | |------------------------------------------------------------------------|--------------------------------------------------------------------|-------------------------------------------------------------------------|-------------------------------------------------------------------------------| | **Endpoint Protection Platform (EPP)** | Baseline defense against common threats like malware and phishing | Signature-based scanning, firewall, encryption, and policy enforcement | Palo Alto Networks Cortex XDR | | **Endpoint Detection and Response (EDR)** | Continuous monitoring, detection, and response to active threats | Behavioral analytics, telemetry collection, and real time investigation | Palo Alto Networks Cortex XDR (EDR capabilities) | | **Extended Detection and Response (XDR)** | Correlates and automates responses across multiple security layers | Unified data from endpoints, network, cloud, and identity systems | Palo Alto Networks Cortex XDR; XSIAM (AI-Driven SOC Platform) | | **Next-Generation Antivirus (NGAV)** | Blocks advanced and unknown malware using AI and behavior analysis | Machine learning, heuristic analysis, behavioral modeling | Palo Alto Networks Cortex XDR (NGAV engine) | | **Device Control \& Data Loss Prevention (DLP)** | Prevents data leaks and unauthorized device use | Endpoint monitoring, data classification, and policy-based restrictions | Enterprise DLP integrated with Cortex XDR and Prisma Access | | **Patch Management \& Vulnerability Assessment** | Reduces exposure by fixing known vulnerabilities | Automated patch deployment, vulnerability scanning | Cortex Xpanse (Attack Surface Management)+ Prisma Cloud (Workload Protection) | | **Mobile Device Management (MDM) / Unified Endpoint Management (UEM)** | Manages and secures mobile, remote, and BYOD endpoints | Policy enforcement, remote wipe, app, and identity management | Palo Alto Networks GlobalProtect (VPN \& ZTNA) + Strata Cloud Manager | ### Endpoint Protection Platforms (EPPs) [EPP solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint-protection-platform-epp?ts=markdown) provide a baseline defense against known threats such as malware, phishing, and ransomware. They typically include antivirus, firewall, and encryption capabilities --- all managed through a centralized console. EPP acts as the first line of defense, blocking threats before they can compromise devices. Core EPP features typically include: * [Next-generation antivirus (NGAV)](https://www.paloaltonetworks.com/cyberpedia/what-is-next-generation-anti-virus?ts=markdown) * [Host-based firewalls](https://www.paloaltonetworks.com/cyberpedia/what-is-a-host-based-firewall?ts=markdown) and intrusion prevention * Device and application control * Disk encryption and [data loss prevention (DLP)](https://www.paloaltonetworks.com/cyberpedia/what-is-data-loss-prevention-dlp?ts=markdown) * Patch management and vulnerability scanning * Centralized policy management ### Endpoint Detection and Response (EDR) [EDR](https://www.paloaltonetworks.com/cyberpedia/what-is-edr-management?ts=markdown) goes beyond prevention by providing continuous monitoring and threat-hunting capabilities. It records and analyzes endpoint activity to detect anomalies, suspicious behaviors, or lateral movement attempts. When a threat is detected, EDR enables rapid isolation, investigation, and remediation (automated isolation and containment of infected [endpoints](https://www.paloaltonetworks.com/cyberpedia/what-is-an-endpoint?ts=markdown)) --- often in real time. EDR shifts organizations from reactive cleanup to proactive detection and response. ### Extended Detection and Response (XDR) [XDR](https://www.paloaltonetworks.com/cyberpedia/what-is-extended-detection-response-XDR?ts=markdown) extends the EDR concept by integrating data from multiple security layers --- including network, email, cloud, and identity systems. This cross-domain visibility improves threat correlation and enables automated, coordinated responses across the environment. XDR helps security teams reduce alert fatigue and uncover advanced threats that span beyond endpoints. ### Next-Generation Antivirus (NGAV) [NGAV](https://www.paloaltonetworks.com/cyberpedia/what-is-next-generation-anti-virus?ts=markdown) uses machine learning and behavioral analytics to identify never-before-seen threats, rather than relying solely on signature-based detection. It can detect zero-day exploits, fileless malware, and polymorphic attacks, making it more effective than legacy antivirus solutions. NGAV serves as a critical layer of prevention in modern endpoint architectures. ### Device Control and Data Loss Prevention (DLP) These technologies protect against [insider threats](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown) and [data exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown). Device control regulates the use of removable media and peripheral connections, while [DLP](https://www.paloaltonetworks.com/cyberpedia/what-is-data-loss-prevention-dlp?ts=markdown) monitors and restricts the movement of sensitive data. Together, they help ensure data integrity and compliance across distributed devices. ### Patch Management and Vulnerability Assessment These tools ensure endpoints remain secure by identifying and remediating software vulnerabilities before attackers exploit them. Automated patch deployment helps maintain compliance, reduce manual workload, and close security gaps in real time. ### Mobile Device Management (MDM) and Unified Endpoint Management (UEM) MDM and UEM solutions give administrators control over mobile and hybrid endpoints, enforcing policies and securing devices used in BYOD and remote work environments. UEM unifies control of laptops, smartphones, tablets, and IoT devices within a single platform. In combination, these technologies create a defense-in-depth model that protects endpoints across all phases of an attack --- from initial compromise to post-incident recovery. A layered approach ensures that if one control fails, another is ready to detect, block, or remediate the threat. ## Traditional Antivirus vs. Modern Endpoint Security One of the most common points of confusion in cybersecurity is the distinction between [traditional antivirus software and modern endpoint security platforms](https://www.paloaltonetworks.com/cyberpedia/advanced-endpoint-security-vs-antivirus?ts=markdown). While both aim to protect devices from threats, their methods, scope, and sophistication differ significantly. Traditional antivirus software relies primarily on signature-based detection --- it compares files and programs against a database of known malware. While effective at identifying previously cataloged threats, this approach fails to detect new, unknown, or zero-day attacks that lack a signature. The table below shows the key differences between traditional antivirus and modern endpoint security in scope, capability, and response maturity: **Comparison of Traditional Antivirus vs. Modern Endpoint Security** |-----------------------|-------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------| | **Feature** | **Traditional Antivirus** | **Modern Endpoint Security** | | **Threat Protection** | Detects and removes known malware based on stored signatures. | Identifies and neutralizes known, unknown, and fileless threats using AI, analytics, and threat intelligence. | | **Coverage** | Protects individual devices only. | Secures the entire network of endpoints, including laptops, servers, and cloud workloads. | | **Workflow** | Reactive: Scans for infections and removes them after compromise. | Proactive: Continuously monitors, detects, and responds to suspicious activity in real time. | Modern endpoint protection software, on the other hand, uses a multi-layered defense model that combines traditional signature detection with behavioral analytics, machine learning, and integrated threat intelligence. This allows it to recognize suspicious patterns, detect fileless malware, and automatically respond to advanced threats in real time. ## Implementing Zero Trust for Endpoint Security [Zero Trust](https://www.paloaltonetworks.com/cyberpedia/extending-zero-trust-to-the-endpoint?ts=markdown) is a foundational security concept that operates on the principle: "never trust, always verify." For endpoints, this means no device, user, or application is inherently trusted, regardless of its location or network segment. Every connection and resource request must be explicitly authorized. ![Zero Trust diagram showing XDR/SOC console connected to endpoint, cloud, network, and email for continuous inspection.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-endpoint-security/integrated-security-platform-with-zero-trust-endpoint-security.webp "Integrated Security Platform with Zero Trust Endpoint Security") **Figure 3**: Integrated Security Platform with Zero Trust Endpoint Security [Applying Zero Trust principles to endpoints](https://www.paloaltonetworks.com/cyberpedia/extending-zero-trust-to-the-endpoint?ts=markdown) involves granular access control and continuous verification of device posture, user identity, and application health. This model significantly limits an attacker's ability to [move laterally](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown) across the network, even if they compromise a single endpoint. It strengthens the security boundary around every user and device. **Leading from the Front: Palo Alto Networks XDR/ZTNA 2.0 vs. Legacy EDR** | **Feature** | **Legacy EDR/AV** | **Palo Alto Networks XDR/ZTNA 2.0** | |-------------------|------------------------------------|-------------------------------------------------| | **Scope of Data** | Endpoint Telemetry Only | Endpoint, Network, Cloud, Identity | | **Primary Goal** | Detect and Respond on the Endpoint | Detect, Respond, and **Prevent** Across Domains | | **Response** | Manual or Semi-Automated | Automated Cross-Domain Remediation | | **Access Model** | Perimeter/VPN-Centric | **ZTNA 2.0** (Zero Trust) | | **Intelligence** | Primarily Signature/IOC-Based | Elite **Unit 42** Adversary Intelligence | ## Other Key Components A complete endpoint security strategy combines multiple technologies to prevent, detect, and respond to threats. In addition to EPP, EDR, and XDR, several other essential components reinforce device-level and network-wide protection. * **Firewalls** : [Firewalls](https://www.paloaltonetworks.com/cyberpedia/what-is-a-firewall?ts=markdown) act as a first line of defense by controlling incoming and outgoing network traffic at the device level. They block unauthorized access, enforce security policies, and monitor network activity for suspicious connections. * **Data Loss Prevention (DLP)** : DLP solutions prevent the unauthorized transfer, sharing, or leakage of [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown). They monitor data in motion, at rest, and in use, ensuring compliance with organizational and regulatory data protection standards. * **Application Control**: This feature uses whitelisting and blacklisting to manage which applications can execute on an endpoint. By allowing only trusted applications, it helps reduce the attack surface and prevents malicious or unapproved software from running. * **Vulnerability Management** : [Vulnerability management](https://www.paloaltonetworks.com/cyberpedia/vulnerability-management?ts=markdown) tools identify, assess, and prioritize software weaknesses that attackers could exploit. Regular scanning and patch deployment ensure endpoints remain secure and compliant with security policies. * **Endpoint Encryption**: Encryption protects data at rest by converting it into an unreadable format. If a device is lost or stolen, encryption ensures sensitive information remains inaccessible without proper authentication. ## Selecting the Optimal Endpoint Security Solution Choosing the right endpoint security solution is one of the most critical decisions an organization can make. The ideal platform depends on your organization's size, industry, risk profile, and available resources. Because not all solutions offer the same depth of protection or scalability, selecting the right one requires a careful assessment of both current needs and future growth. To simplify this process, organizations can use the following framework when evaluating potential solutions: ### Industry \& Compliance Every industry faces unique regulatory and threat landscapes. For example, healthcare organizations must comply with [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown), while financial institutions must comply with [PCI DSS](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown) or SOX. The right endpoint security platform should include built-in compliance reporting, audit-readiness, and policy-enforcement capabilities that align with your sector's specific standards. ### Data Sensitivity The type and value of the data your organization handles directly impact the level of security required. Highly confidential or regulated data, such as customer [PII](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown), intellectual property, or trade secrets, demands solutions with advanced data loss prevention (DLP), encryption, and zero-trust access controls to protect information both in transit and at rest. ### Budget \& Resources Endpoint security should deliver strong protection without overextending internal resources. Evaluate the total cost of ownership (TCO), including licensing, deployment, maintenance, and staffing. A cloud-delivered or managed solution can reduce operational overhead and provide enterprise-grade defense without requiring large in-house teams. ### Layered Defense No single technology can protect against every threat. A comprehensive strategy typically combines multiple security layers --- for instance, EPP for prevention and EDR for detection and response --- to deliver defense-in-depth. The most mature organizations extend this approach through XDR or SIEM integrations, achieving unified visibility and faster incident response across all endpoints and environments. When these factors are evaluated together, they guide decision-makers toward a solution that balances security efficacy, compliance, cost, and scalability --- ensuring the chosen endpoint protection strategy fits the organization's risk profile and operational capacity. ## Strategic Endpoint Security: Challenges and Best Practices Implementing and managing endpoint security presents significant challenges across both large enterprises and small-to-midsize businesses (SMBs). Security leaders must navigate complexity, operational overhead, and a rapidly expanding attack surface to maintain a strong security posture. A strategic approach is required to overcome these hurdles. ### Key Security Challenges for Enterprise and SMBs * **Alert Fatigue and False Positives**: Security analysts are constantly overwhelmed by a high volume of low-fidelity alerts, making it easy to miss genuine, critical threats. This leads to burnout and reduced efficiency. * **Asset Sprawl and Shadow IT** : The proliferation of personal and company-owned devices, combined with unauthorized software ([Shadow IT](https://www.paloaltonetworks.com/cyberpedia/shadow-it?ts=markdown)), creates massive visibility gaps. CISOs cannot protect what they cannot see. * **Talent Gap and Operational Overhead**: SMBs often lack the specialized staff required to effectively manage complex EDR/XDR platforms or perform continuous threat hunting. This leaves expensive, advanced tools underutilized. * **BYOD and Remote Workforce Risk**: Devices connecting from outside the corporate network are not protected by traditional perimeter defenses. Enforcing consistent security policies on these devices remains a significant hurdle. ### Essential Endpoint Security Best Practices Checklist Security teams can maximize their endpoint protection effectiveness by focusing on these key, actionable strategies: * **Consolidate Tools**: Adopt a unified EDR or XDR platform to reduce complexity and improve threat correlation across the environment. * **Enable Automated Response**: Configure the security platform to automatically isolate compromised endpoints and terminate malicious processes without requiring manual intervention. * **Prioritize Patch Management**: Maintain a rigorous patching schedule for operating systems and third-party applications to eliminate known vulnerabilities before they are exploited. * **Implement [Least Privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown)**: Restrict user and process permissions to the minimum level necessary for their function, significantly limiting the damage an attacker can inflict. * **Conduct Regular Audits**: Routinely audit endpoint configurations and security policies to ensure compliance and identify overlooked devices or security holes. * **Integrate Threat Intelligence** : Feed up-to-date, relevant [threat intelligence](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) into the endpoint security solution to proactively identify and block emerging campaigns. ## Endpoint Security FAQs ### What's the difference between endpoint security and network security? Endpoint security protects individual devices --- laptops, desktops, servers, and mobile endpoints --- from malware, exploits, and unauthorized access. Network security focuses on traffic control between devices, safeguarding the pathways where data travels. Together, they form a defense-in-depth strategy, with endpoint agents enforcing local protection and firewalls securing the broader environment. ### How does AI improve modern endpoint security? AI enhances endpoint security by detecting anomalies and previously unknown threats that signature-based tools miss. Machine learning models continuously learn from endpoint telemetry, identifying behavioral deviations that may indicate ransomware, fileless malware, or insider attacks --- and can trigger automated responses in real time through platforms like Cortex XDR or XSIAM. ### Can endpoint security protect against phishing and credential theft? Yes --- modern solutions incorporate anti-phishing and credential protection features. They detect suspicious links, block access to malicious domains, and monitor processes that attempt credential dumping or unauthorized authentication. Integration with email and identity protection tools enhances this defense by correlating endpoint and user behavior signals. ### How does endpoint security support Zero Trust architecture? In a Zero Trust model, every access request is authenticated, authorized, and continuously validated, regardless of device or location. Endpoint security enforces these principles by ensuring each device maintains a verified security posture before connecting to corporate networks or cloud apps. Solutions like GlobalProtect and Cortex XDR help maintain that trust boundary at the device level. ### What should organizations monitor to measure endpoint security effectiveness? Key metrics include: * Detection and response time (MTTD/MTTR) * Number of blocked or contained incidents * Patch compliance rate * Endpoint visibility coverage (% of managed devices) * Reduction in manual investigation workload Tracking these metrics through a centralized SOC or XDR console demonstrates whether endpoint controls are actually improving resilience. ### What are the benefits of using cloud-delivered endpoint security vs traditional antivirus? Cloud-delivered endpoint security provides superior, centralized protection by leveraging AI and behavioral analysis to detect advanced and zero-day threats that traditional signature-based antivirus solutions miss. It offers real-time updates, remote management, and comprehensive response (EDR) for all endpoints, regardless of location. ### What are the best threat hunting tools and techniques for endpoint security monitoring? The most effective tools for endpoint threat hunting are modern Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) solutions, such as [Cortex XDR](https://start.paloaltonetworks.com/2024-forrester-xdr-wave-leader). These platforms continuously collect and analyze a massive volume of telemetry data from endpoints (process execution, file changes, network connections) to enable deep investigation. ### How does ransomware protection work to secure endpoints? Ransomware protection for endpoints works through a multi-layered approach, primarily leveraging Next-Generation Antivirus (NGAV) for prevention and Endpoint Detection and Response (EDR) for behavioral detection, containment, and recovery. ### What is adaptive endpoint protection and how does it work? Adaptive Endpoint Protection is an advanced, proactive security model that uses Artificial Intelligence (AI) and Machine Learning (ML) to continuously learn your organization's normal environment and automatically adjust its security posture and policies in real-time. It moves beyond a static, one-size-fits-all defense to provide customized, dynamic protection for every endpoint. Adaptive Endpoint Protection automatically reduces the attack surface and forces attackers to continuously adapt to a security environment uniquely configured to defeat them. Related content [Cortex XDR AI-driven endpoint security that reduces alerts by 98%, responds automatically, and works out of the box.](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) [2025 Gartner Voice of the Customer for EPP Recognized as a Customers' Choice with the Highest Willingness to Recommend score.](https://start.paloaltonetworks.com/gartner-mq-endpoint) [Glacier Bancorp hardens security without breaking the bank See how they replaced their legacy antivirus solution with Cortex XDR, transforming visibility and protection and decreasing MTTR by 80%.](https://www.paloaltonetworks.com/customers/glacier-bancorp-hardens-security-without-breaking-the-bank?ts=markdown) [XDR for Dummies Learn what XDR is and what it isn't in our easy-to-understand guide.](https://www.paloaltonetworks.com/resources/guides/xdr-for-dummies?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Endpoint%20Security%3F%20EPP%2C%20EDR%2C%20and%20XDR%20Explained&body=Discover%20the%20complete%20guide%20to%20modern%20endpoint%20security%E2%80%94from%20EPP%20and%20EDR%20to%20XDR%2C%20see%20how%20our%20AI-driven%20solutions%20prevent%20and%20respond%20to%20evolving%20cyberthreats.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-endpoint-security) Back to Top [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection?ts=markdown) What Is Endpoint Detection? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language