[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-security-solution?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.paloaltonetworks.com/deploybravely?ts=markdown) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Identity Security](https://www.paloaltonetworks.com/cyberpedia/identity-security?ts=markdown) 3. [Identity Governance and Administration](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga?ts=markdown) 4. [IGA](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga?ts=markdown) Table of Contents * [What Is Modern IGA? Identity Governance Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga?ts=markdown) * [Modern IGA Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#explained?ts=markdown) * [The Evolution of Identity Governance: From Legacy to Modern](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#evolution?ts=markdown) * [Core Mechanisms: How Modern IGA Functions](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#core?ts=markdown) * [Key Benefits for the Modern Security Stack](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#key?ts=markdown) * [Addressing the Non-Human Identity (NHI) Challenge](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#challenge?ts=markdown) * [Modern IGA Challenges and Practical Solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#solutions?ts=markdown) * [Modern IGA FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga#faqs?ts=markdown) * What Is Identity Governance and Administration? * [Identity Governance and Administration (IGA) Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#identity?ts=markdown) * [Core Pillars of Identity Governance and Administration](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#core?ts=markdown) * [Why IGA Is Critical for Modern Enterprises](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#why?ts=markdown) * [Business-Level Outcomes of IGA](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#business?ts=markdown) * [Implementation Steps for an IGA Program](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#implementation?ts=markdown) * [IGA and the Zero Trust Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#model?ts=markdown) * [Operational Challenges and Attack Containment Behavior](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#operaitonal?ts=markdown) * [Identity Governance and Administration (IGA) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#faqs?ts=markdown) * [What Is Identity Lifecycle Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management?ts=markdown) * [Identity Lifecycle Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#explained?ts=markdown) * [The Four Pillars of Identity Lifecycle Management](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#pillars?ts=markdown) * [Strategic Benefits: Why ILM Is a Cybersecurity Necessity](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#benefits?ts=markdown) * [Real-World Use Cases for Identity Lifecycle Management](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#use-cases?ts=markdown) * [Disrupting Attackers](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#disrupting-attackers?ts=markdown) * [Modernizing ILM: Just-in-Time Access and Non-Standing](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#modernizing-ilm?ts=markdown) * [Privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#privilege?ts=markdown) * [Critical Challenges and Solutions in Modern ILM Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#challenges?ts=markdown) * [ILM vs. IAM](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#ilm-vs-iam?ts=markdown) * [Identity Lifecycle Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management#faqs?ts=markdown) * [What Is NIST SP 800-207? zero trust Architecture Framework](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207?ts=markdown) * [What Does NIST SP 800-207 Compliance Mean?](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#what?ts=markdown) * [Why NIST SP 800-207 Matters Today](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#why?ts=markdown) * [NIST Zero Trust Tenets](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#nist?ts=markdown) * [Zero Trust Architecture Components](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#components?ts=markdown) * [What Signals Inform A Trust Decision?](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#decision?ts=markdown) * [How Trust Decisions Typically Work](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#how?ts=markdown) * [Common Zero Trust Deployment Models](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#models?ts=markdown) * [Benefits And Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#benefits?ts=markdown) * [Practical Implementation Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#practical?ts=markdown) * [NIST SP 800-207 FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207#faqs?ts=markdown) # What Is Identity Governance and Administration (IGA)? 3 min. read [Explore Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) Table of Contents * * [Identity Governance and Administration (IGA) Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#identity?ts=markdown) * [Core Pillars of Identity Governance and Administration](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#core?ts=markdown) * [Why IGA Is Critical for Modern Enterprises](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#why?ts=markdown) * [Business-Level Outcomes of IGA](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#business?ts=markdown) * [Implementation Steps for an IGA Program](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#implementation?ts=markdown) * [IGA and the Zero Trust Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#model?ts=markdown) * [Operational Challenges and Attack Containment Behavior](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#operaitonal?ts=markdown) * [Identity Governance and Administration (IGA) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#faqs?ts=markdown) 1. Identity Governance and Administration (IGA) Explained * * [Identity Governance and Administration (IGA) Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#identity?ts=markdown) * [Core Pillars of Identity Governance and Administration](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#core?ts=markdown) * [Why IGA Is Critical for Modern Enterprises](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#why?ts=markdown) * [Business-Level Outcomes of IGA](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#business?ts=markdown) * [Implementation Steps for an IGA Program](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#implementation?ts=markdown) * [IGA and the Zero Trust Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#model?ts=markdown) * [Operational Challenges and Attack Containment Behavior](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#operaitonal?ts=markdown) * [Identity Governance and Administration (IGA) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga#faqs?ts=markdown) Identity Governance and Administration (IGA) solutions efficiently manage digital identities and access rights across diverse systems and are used by corporate information security, risk management, compliance teams, and IT organizations. IGA solutions help businesses strengthen security, simplify operations, streamline onboarding, and improve compliance with government regulations, industry standards, or corporate policies. IGA capabilities are just one part of a unified Identity Security platform and work in tandem with Identity and Access Management (IAM) and Privileged Access Management (PAM) services. Key Points * **Policy Enforcement**: Automates rules to grant, manage, and revoke access rights systematically across all organizational systems. \* **Access Certification**: Periodically reviews and validates existing user access to ensure compliance with internal controls and regulations. \* **Auditing and Reporting**: Generates defensible logs and reports required to meet mandates (e.g., SOX, GDPR, HIPAA). \* **Lifecycle Management**: Governs identities from initial creation through role changes to secure de-provisioning. \* **Risk Mitigation**: Actively reduces excess entitlements and limits the attack surface for lateral movement threats. ## Identity Governance and Administration (IGA) Explained IGA is the definitive process for managing digital identity lifecycles and enforcing organizational access policies at scale. IGA solutions fuse the two primary identity functions: Governance and Administration. Governance focuses on the auditing, policy, and risk side of identity management. It determines who should have access based on business needs and risk tolerance. Administration focuses on the mechanical, day-to-day tasks of granting and revoking access to IT systems. By unifying these functions, IGA moves beyond simple [access management](https://www.paloaltonetworks.com/cyberpedia/access-management?ts=markdown). It transforms [identity security](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-security?ts=markdown) from a manual, reactive process into a centralized, automated, and proactive business function. This holistic approach is critical for mitigating [insider threats](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown), preventing [lateral movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown) by attackers, and maintaining a verifiable audit trail. ### The Challenge Managing digital identities and access privileges is a significant challenge for many organizations. In today's world, a diverse collection of users (including employees, contractors, temporary workers and vendors) have access to a wide array of applications and systems scattered across on-premises and cloud-based infrastructure. Many IT and security organizations continue to rely on manual processes to onboard users and manage their evolving access rights throughout the user lifecycle --- a resource-intensive, error-prone, and time-consuming proposition: * It can take days or even weeks for new hires to gain access to the applications and services they need to perform their jobs. * Threat actors can exploit over-permissioned or orphaned accounts to steal confidential data and orchestrate attacks. * Data breaches and cybersecurity incidents can damage a company's reputation, disrupt business, and result in costly regulatory fines and legal settlements. IGA solutions are designed to help businesses improve oversight, eliminate human latency and error, and mitigate risk by automating routine digital identity and access rights management functions. Real-world example: Instead of IT manually fulfilling "give access to X" tickets for days, a user requests access in a portal, the request routes to the data owner, SoD policies are checked automatically, and access is granted immediately after approval---with a clean audit trail. ### IGA vs. IAM vs. PAM: The Identity Security Ecosystem IGA is a specialized, strategic component that complements the functions of [Identity and Access Management (IAM)](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown) and Privileged Access Management (PAM) within a comprehensive identity security strategy. The relationship between the three is often misunderstood. IGA provides the policy layer for all identities and entitlements, while IAM and PAM execute those policies for their respective identity groups. These three disciplines work in concert to protect the modern enterprise: * **IGA** focuses on the oversight, policy, and compliance aspects for all identities (eg, IGA ensures only the right roles keep Salesforce access over time (and removes it when roles change). * **IAM** focuses on authentication and basic access for all users (eg, IAM handles login (SSO/MFA) for Salesforce). * **PAM** focuses on high-risk, [non-human](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown), and privileged access (eg, PAM governs elevated access *(e.g., temporary admin to production systems) and records sessions)*. **Comparison of the Identity Security Ecosystem Disciplines** | **Feature** | **Identity Governance and Administration (IGA)** | **Identity and Access Management (IAM)** | **Privileged Access Management (PAM)** | |-----------------------|------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | **Primary Goal** | Policy enforcement, audit, risk mitigation, and compliance reporting. | Authentication, authorization, and basic access control (SSO, MFA). | Securing, monitoring, and governing elevated/sensitive access for human and [machine identities](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity?ts=markdown). | | **Key Focus** | Governance: Who should have access and why. | Access: Can this user authenticate and reach the resource? | Control: Protecting and managing high-risk entitlements. | | **Core Components** | Access Certification, Policy Enforcement, Segregation of Duties (SoD), Auditing, Provisioning. | [Single Sign-On (SSO)](https://www.paloaltonetworks.com/cyberpedia/what-is-single-sign-on-sso?ts=markdown), Multi-Factor Authentication (MFA), and User Directory. | Session Monitoring, [Just-in-Time (JIT) Access](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown), Secrets Management, Credential Vaulting. | | **Typical User Base** | All identities (employees, contractors, partners, machines). | All identities. | Human administrators, developers, DevOps tools, machine identities, and critical processes. | **Table 1**: Differences Between IGA, IAM, and PAM ## Core Pillars of Identity Governance and Administration Effective IGA solutions are built on automated capabilities that manage access rights throughout the identity lifecycle and across diverse IT systems. These capabilities must be integrated with HR systems, cloud directories, and IT service management tools to eliminate manual intervention, which is a common source of risk and latency. Identity governance and administration (IGA) is built on a few core pillars that keep access both usable and controlled. Together, these pillars define how an organization grants access, reviews it over time, enforces policy, and proves compliance---without turning every request into a slow, manual bottleneck. ### Identity Lifecycle Management [Identity Lifecycle Management (ILM)](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management?ts=markdown) automates the end-to-end lifecycle of a digital identity, ensuring appropriate controls are applied from creation through retirement. This pillar focuses on three crucial stages: 1. **Onboarding (Joiner)**: Automatically provisions initial access rights and accounts required by a user's job role or defined policies, significantly reducing time-to-productivity for new employees. 2. **Transfers (Mover)** : Automatically adjusts access rights when an employee changes roles, applying the [principle of least privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege?ts=markdown) by revoking entitlements no longer required and provisioning those that are. 3. **Offboarding (Leaver)**: Immediately and automatically de-provisions or suspends all accounts and entitlements when an employee leaves the organization, minimizing the critical risk window posed by dormant or orphaned accounts. ### Access Requests and Provisioning IGA administers access requests through a self-service model, ensuring that every requested entitlement is vetted against predefined security policies before automated provisioning occurs. Users can use a self-service portal to request access to specific applications or data. The IGA solution then: * **Checks the request** against Segregation of Duties (SoD) policies to prevent toxic access combinations. * **Routes the request** through intelligent, pre-defined workflows for supervisory or policy approval. * **Automatically provisions access** immediately upon approval, and de-provisions it upon expiration. ### Access Certification and Review Access Certification, also known as access review, is a governance control that regularly validates that a user's current access rights remain appropriate and necessary for their role. This is a non-negotiable requirement for many compliance mandates. IGA automates this process by: * **Scheduling periodic reviews** (e.g., quarterly or annually) for specific high-risk resources. * **Presenting reviewers** (like managers or application owners) with simple-to-use dashboards showing current access. * **Recording all approvals and rejections** in an immutable audit trail for forensic and compliance purposes. ### Entitlement and Policy Enforcement The IGA solution monitors and enforces the entire set of access policies, ensuring that security and business rules are consistently applied across all applications and infrastructure. This involves managing a large number of granular entitlements, the specific rights granted to an identity. IGA's policy engine centrally governs these entitlements, providing a crucial check against permission creep and unauthorized changes. ## Why IGA Is Critical for Modern Enterprises IGA is no longer a luxury but a fundamental necessity for organizations operating in complex hybrid environments where identities are the new perimeter. ### Mitigating Risk and Preventing Data Breaches IGA substantially reduces the [attack surface](https://www.paloaltonetworks.com/cyberpedia/a-cisos-guide-to-attack-surface-management?ts=markdown) by enforcing least privilege and minimizing the presence of unused or excessive access rights. Unmanaged identities and over-permissioned accounts are prime targets for threat actors, as documented extensively by Palo Alto Networks [Unit 42 research](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown). IGA systematically eliminates these vulnerabilities by providing access discovery to map every identity and entitlement, allowing security teams to revoke unnecessary privileges before they are exploited. ### Streamlining Audit and Regulatory Compliance IGA is the single most effective tool for generating the verifiable evidence required by internal and external auditors for major compliance frameworks. The automation of access certification, segregation-of-duties checks, and the generation of detailed, tamper-proof reports drastically reduces the time and cost associated with compliance efforts. Frameworks commonly supported include: * **Financial/IT** : Sarbanes-Oxley (SOX), [NIST](https://www.paloaltonetworks.com/cyberpedia/nist?ts=markdown) Cybersecurity Framework (CSF), [SOC 2](https://www.paloaltonetworks.com/cyberpedia/soc-2?ts=markdown), New York Department of Financial Services ([NYDFS](https://www.dfs.ny.gov/industry_guidance/cybersecurity)). * **Data Privacy** : [General Data Protection Regulation (GDPR)](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), California Consumer Privacy Act (CCPA). * **Healthcare** : [Health Insurance Portability and Accountability Act (HIPAA)](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown). ### Enhancing Operational Efficiency Automating provisioning and access request workflows improves overall organizational agility and eliminates critical IT friction points. Instead of days or weeks of manual ticket processing, IGA allows new employees to gain required access within minutes. This reduces help desk calls, increases the security team's focus on strategic tasks, and improves user satisfaction across the organization. ## Business-Level Outcomes of IGA A well-implemented identity governance and administration (IGA) program delivers measurable business value beyond security. By standardizing how access is granted, reviewed, and documented, IGA turns identity processes into repeatable controls that reduce operational drag and compliance risk. ### Reduced Audit Burden IGA centralizes access records and approvals into a defensible audit trail. Instead of hunting through tickets, spreadsheets, and email chains, teams can quickly show who had access, why they had it, who approved it, and when it changed---shrinking audit prep time and disruption. ### Simplified Access Reviews Access certifications become faster and more accurate because IGA automates review campaigns and presents clean, role-based dashboards to the right decision-makers (managers and application/data owners). This reduces review fatigue, improves accountability, and makes it easier to remove stale access before it becomes risk. ### Faster Role Provisioning By integrating with HR and directory systems, IGA automates joiner/mover/leaver workflows and provisions access based on roles and policy. The result is less ticket backlog, faster time-to-productivity for employees, and fewer "temporary" entitlements that quietly become permanent. ### Improving Regulatory Compliance IGA solutions help organizations comply with a variety of government and industry regulations and architectures, including: * Data privacy mandates ([HIPAA](https://www.hhs.gov/hipaa/index.html), [GDPR](https://gdpr-info.eu/), [CCPA](https://oag.ca.gov/privacy/ccpa), [GLBA](https://www.govinfo.gov/content/pkg/PLAW-106publ102/pdf/PLAW-106publ102.pdf)) * Cybersecurity rules ([SOX](https://www.govinfo.gov/content/pkg/COMPS-1883/pdf/COMPS-1883.pdf), [SWIFT CSCF](https://www.swift.com/myswift/customer-security-programme-csp/security-controls), [EU Directive on Network and Information Systems](https://digital-strategy.ec.europa.eu/en/policies/nis2-directive), [NERP CIP](https://www.nerc.com/pa/Stand/Reliability%20Standards/CIP-007-6.pdf), [FISMA](https://www.cisa.gov/topics/cyber-threats-and-advisories/federal-information-security-modernization-act)) * Cybersecurity frameworks ([COBIT IT Governance Framework](https://www.isaca.org/resources/cobit), [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework), [NIST Framework for Improving Critical Infrastructure Cybersecurity](https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf), [NIST SP 800-207 ZTA](https://www.paloaltonetworks.com/cyberpedia/what-is-nist-sp-800-207)) Some IGA solutions include detailed event logs, administrative reports, and dashboards that IT, risk management, and security professionals can use to monitor compliance and provide evidence of compliance to internal auditors or outside attestation firms. ## Implementation Steps for an IGA Program Once you've decided to implement an IGA solution---or maybe replace your legacy IGA with a Modern IGA solution---then the process is fairly straightforward. Steps involved vary somewhat but include the following: * Initiate project management---success criteria, milestones, personnel, meeting cadence, etc. * Identify applications to integrate, primary user directory, and SSO provider information. * Integrate the IGA with your directory and SSO applications. * Integrate applications, mapping accounts to users in the directory, and defining permissions. * Create custom actions, access review configurations, and execute an access review. * Continue with user provisioning setup, configuration, and verification. ## IGA and the Zero Trust Security Model IGA is a prerequisite for achieving a mature [Zero Trust architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture?ts=markdown), serving as the continuous policy-enforcement point for all access. The core principle of Zero Trust is "never trust, always verify." IGA embodies this by continuously governing the trust established for every identity. IGA supports Zero Trust by: 1. **Continuous Verification**: Ensuring the access rights granted to an identity remain valid and minimal over time, regardless of where the identity is connecting from. 2. **[Microsegmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-microsegmentation?ts=markdown) and Least Privilege**: Driving down access to the lowest possible level by applying granular entitlements that are time-bound and purpose-bound. 3. **Contextual Policy**: Integrating with tools like IAM solutions to inform real-time decisions, ensuring access is revoked or elevated based on factors like time, location, device health, and observed user behavior. ## Operational Challenges and Attack Containment Behavior While IGA offers significant security benefits, organizations face operational challenges during implementation and maintenance. If not managed, these difficulties can create security gaps that threat actors exploit. ### Common IGA Challenges #### 1. Data Quality and Integrity Issues * **Inaccurate Source Data**: The IGA platform's effectiveness hinges on clean, accurate data from identity stores and Human Resources (HR) systems. Subpar data quality results in incorrect access grants and improperly provisioned accounts. * **Manual Maintenance Risk**: Over-reliance on manual processes for entitlement and role cleanup increases the risk of human error and significantly slows down the enforcement of security policies. #### 2. Connector Complexity * **Integration with Specialized/Legacy Systems**: Integrating the IGA platform with specialized, homegrown, or legacy systems often requires developing resource-intensive custom connectors. #### 3. Policy and Role Management Overload * **Unmanageable Complexity**: Developing an excessive number of fine-grained policies or roles creates an overly complex system that is difficult to manage, audit, and debug. This complexity can inadvertently degrade system performance or introduce security vulnerabilities. ### IGA's Role in Attack Containment In an active breach scenario, IGA data is vital for rapid remediation and attack containment. The ability to visualize all access points and privileges associated with a compromised user is critical. A modern [Security Operations Center (SOC)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-soc?ts=markdown) leverages the identity context from IGA to disrupt attacker operations. For instance, if Unit 42 analysts identify a successful privilege escalation, the IGA audit trail can immediately show what entitlements the threat actor gained and how they acquired them. Integrating IGA with [threat detection and response](https://www.paloaltonetworks.com/cyberpedia/identity-threat-detection-and-response-itdr?ts=markdown) platforms enables automated policy changes. This can include quarantining the identity immediately and revoking all standing and Just-in-Time (JIT) access to contain the breach. The goal is to interrupt the attack lifecycle and quickly prevent further lateral movement. ## Identity Governance and Administration (IGA) FAQs ### What is the difference between Segregation of Duties (SoD) and least privilege? Segregation of Duties (SoD) is a high-level policy principle, while least privilege is a granular technical control enforced by IGA. SoD ensures that no single user can complete a high-risk financial or technical transaction independently (e.g., creating a vendor and paying the vendor). Least privilege ensures that every user, human or machine, has only the minimum permissions necessary to perform their job function, reducing the potential blast radius of a compromised account. IGA enforces both of these concepts simultaneously. ### Does IGA replace my existing Identity and Access Management (IAM) solution? No, IGA does not replace IAM; it extends IAM's strategic value by layering governance, compliance, and auditing capabilities on top of the IAM infrastructure. IAM focuses on the 'how' (authentication and authorization), while IGA focuses on the 'why' (policy, oversight, and validation). They are designed to be integrated components of a unified Identity Security Platform. ### How often should access certifications (reviews) be performed? The frequency of access certifications depends on the resource's risk level and specific regulatory mandates, but they are typically performed quarterly or semi-annually. High-risk applications, like those handling financial data or PII, often require quarterly reviews. SOX compliance may mandate specific periodic reviews. IGA's automated scheduling and tracking features are essential for managing these varied cadences. ### What is a 'toxic access combination' in the context of IGA? A toxic access combination is a pairing of entitlements that creates an unacceptable security or compliance risk, often violating the principle of Segregation of Duties (SoD). For example, a user with the entitlement to approve a critical system change and to push that change to production is a toxic combination. IGA is designed to detect and proactively prevent the provisioning of such combinations. ### How does IGA handle non-human identities, such as service accounts or bots? Modern IGA solutions must extend governance to non-human identities, treating them as full digital identities with defined lifecycles and entitlements. These identities, often managed by a Privileged Access Management (PAM) solution, are critical components of the audit trail. IGA ensures its access is also subject to periodic review and policy enforcement, preventing unauthorized machine-to-machine access. Related Content [Solution Guide: Identity-Based Security for SASE Learn how to architect your identity strategy.](https://www.paloaltonetworks.com/resources/guides/identity-for-sase?ts=markdown) [Tech Brief: Cloud Identity Engine Learn how the Cloud Identity Engine simplifies identity complexity.](https://www.paloaltonetworks.com/resources/datasheets/cloud-identity-engine?ts=markdown) [Whitepaper: The Roadmap to Zero Trust 2.0 See how identity governance serves as a pillar for ZTNA 2.0.](https://www.paloaltonetworks.com/resources/whitepapers/ztna-2-0-the-new-standard-for-securing-access?ts=markdown) [ZTNA 2.0 Solution Page Explore ZTNA 2.0 for safer, VPN-free access with continuous verification.](https://www.paloaltonetworks.com/sase/ztna?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Identity%20Governance%20and%20Administration%3F&body=Learn%20how%20Identity%20Governance%20and%20Administration%20%28IGA%29%20secures%20modern%20enterprises%20by%20automating%20access%2C%20compliance%2C%20and%20user%20lifecycles%20within%20Zero%20Trust%20models.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-identity-governance-and-administration-iga) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-modern-identity-governance-administration-iga?ts=markdown) What Is Modern IGA? Identity Governance Guide [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-lifecycle-management?ts=markdown) What Is Identity Lifecycle Management? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language