[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Cloud Security](https://www.paloaltonetworks.com/cyberpedia/cloud-security?ts=markdown) 3. [CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform?ts=markdown) 4. [What Is Layer 7?](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7?ts=markdown) Table of Contents * [What Is a Cloud Workload Protection Platform (CWPP)?](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform?ts=markdown) * [The Importance of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#importance?ts=markdown) * [Key Features of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#features?ts=markdown) * [Benefits of a CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#benefits?ts=markdown) * [Cloud Workload Protection Vs. Application Security](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#security?ts=markdown) * [CWPPs and the Cloud-Native Application Protection Platform](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#protection?ts=markdown) * [CWPP Considerations for Security Leaders](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#leaders?ts=markdown) * [Cloud Workload Protection Platform FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform#faqs?ts=markdown) * [What Is a Workload?](https://www.paloaltonetworks.com/cyberpedia/what-is-workload?ts=markdown) * [Workloads Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#workloads?ts=markdown) * [Cloud Workload Characteristics](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#cloud?ts=markdown) * [Cloud or On-Premises?](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#phases?ts=markdown) * [Workload Management](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#manage?ts=markdown) * [Workload Automation](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#automation?ts=markdown) * [Cloud Workload Protection](https://www.paloaltonetworks.com/cyberpedia/what-is-workload#protection?ts=markdown) * [What Is API Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security?ts=markdown) * [API Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#api?ts=markdown) * [Definition of an API](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#definition?ts=markdown) * [Why API Security Is Important](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#why?ts=markdown) * [Traditional Approach to Web Application Security](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#traditional?ts=markdown) * [Anatomy of an API Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#anatomy?ts=markdown) * [API Security Risks](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#risks?ts=markdown) * [API Security for SOAP, REST and GraphQL](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#graphql?ts=markdown) * [API Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#best?ts=markdown) * [Cortex Cloud's API Security Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#prisma?ts=markdown) * [API Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-api-security#faqs?ts=markdown) * [Agentless vs Agent-Based Security](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security?ts=markdown) * [Agentless Security](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security#agentless?ts=markdown) * [Is Agentless or Agent-Based Security Better?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security#better?ts=markdown) * [FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-the-difference-between-agent-based-and-agentless-security#faqs?ts=markdown) * [What is the Difference Between Web Application Firewall (WAF) and Next-Generation Firewall (NGFW)?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws?ts=markdown) * [What Is a Web Application Firewall (WAF)?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#what?ts=markdown) * [What Is an NGFW?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#ngfw?ts=markdown) * [The Similarities and Differences Between WAFs and NGFWs](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#the?ts=markdown) * [When to Use WAFs vs. NGFWs](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#when?ts=markdown) * [How Do WAFs and NGFWs Complement Each Other?](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#how?ts=markdown) * [What Customers Should Consider When Searching for a Web Application Security Solution](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#solution?ts=markdown) * [WAF vs NGFW FAQs](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws#faqs?ts=markdown) * What Is Layer 7? * [Layer 7 Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#what?ts=markdown) * [Understanding the OSI Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#osi?ts=markdown) * [How Does Data Flow Through the OSI Model?](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#how?ts=markdown) * [The Role of Layer 7](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#role?ts=markdown) * [Layer 7 Load Balancing](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#load?ts=markdown) * [Layer 7 Security](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#security?ts=markdown) * [OSI Model Vs. the TCP/IP Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#model?ts=markdown) * [Layer 7 and the OSI Model FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#faqs?ts=markdown) * [What Is Web Application and API Protection?](https://www.paloaltonetworks.com/cyberpedia/what-is-web-application-and-api-protection?ts=markdown) * [What Is an API Gateway?](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway?ts=markdown) * [API Gateway Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#explained?ts=markdown) * [API Gateways for Microservices Architectures](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#architectures?ts=markdown) * [What Is the API Gateway Pattern?](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#pattern?ts=markdown) * [Challenges of API Gateways Potential Response Time Increases](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#response?ts=markdown) * [Use Cases and API Gateway Benefits](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#benefits?ts=markdown) * [Service Mesh Vs. API Gateway](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#service?ts=markdown) * [API Gateway Vs. Load Balancer](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#balancer?ts=markdown) * [API Gateways Security and WAFs](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#security?ts=markdown) * [API Gateway Solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#solutions?ts=markdown) * [Industry Practices and Standards](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#practices?ts=markdown) * [API Gateway FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-api-gateway#faqs?ts=markdown) # What Is Layer 7? 5 min. read Table of Contents * * [Layer 7 Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#what?ts=markdown) * [Understanding the OSI Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#osi?ts=markdown) * [How Does Data Flow Through the OSI Model?](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#how?ts=markdown) * [The Role of Layer 7](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#role?ts=markdown) * [Layer 7 Load Balancing](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#load?ts=markdown) * [Layer 7 Security](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#security?ts=markdown) * [OSI Model Vs. the TCP/IP Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#model?ts=markdown) * [Layer 7 and the OSI Model FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#faqs?ts=markdown) 1. Layer 7 Explained * * [Layer 7 Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#what?ts=markdown) * [Understanding the OSI Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#osi?ts=markdown) * [How Does Data Flow Through the OSI Model?](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#how?ts=markdown) * [The Role of Layer 7](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#role?ts=markdown) * [Layer 7 Load Balancing](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#load?ts=markdown) * [Layer 7 Security](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#security?ts=markdown) * [OSI Model Vs. the TCP/IP Model](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#model?ts=markdown) * [Layer 7 and the OSI Model FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7#faqs?ts=markdown) Layer 7 is the application layer and highest level of the Open Systems Interconnection (OSI) model, a conceptual framework that standardizes the functions of a communication system into seven distinct categories. Layer 7 interfaces with and provides services to application software running on a host device, facilitating end-user and application interaction. Services such as email, file transfer and web browsing all operate at this layer. ## Layer 7 Explained In the realm of network communication, Layer 7, also known as the application layer of the OSI model, holds a pivotal role in network communication. Layer 7 provides the interface between the applications we use and the underlying network over which our data must travel. Enabling interaction between the application and network services, Layer 7 presents an array of services directly to application software running on a host device. ![7-layers](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/7-layers.png "7-layers") Figure 1: Overview of the OSI model and relevance of its seven layers Think of Layer 7 as the control center of the network. Just like the brain controls the human body, Layer 7 is responsible for managing and coordinating communication between different applications. ## Understanding the OSI Model The Open Systems Interconnection model is a conceptual framework used to describe how data is transmitted over a network. Developed by the International Organization for Standardization (ISO) in 1984, it is now widely accepted as a standard model for network communications. The OSI model provides a systematic representation of network communication processes, with the individual layers responsible for specific services that contribute to the overall function of network communication. Each layer communicates with its adjacent layers. Data passes down through the layers on the sender's side, across the network, and back up through the layers on the receiver's end. ### Meet the Layers of the OSI Model **Layer 1 - The Physical Layer**: As the foundational layer of the OSI model, the physical layer is responsible for transmitting raw bitstream data over physical mediums like copper wire, optical fiber or radio waves. It governs aspects like bit rate, signal strength, physical connectors, cable types and network topology. Layer 1 ensures the integrity of binary transmissions across the network. **Layer 2 - The Data Link Layer**: This layer structures raw bits from the physical layer into data frames and manages node-to-node communication through physical addresses (MAC addresses). Layer 2 offers error detection and correction, ensuring reliable data transmission. It also manages access to the physical medium via Carrier Sense Multiple Access with Collision Detection (CSMA/CD) and other techniques. **Layer 3 - The Network Layer**: The network layer provides the means for transferring variable length data sequences (packets) from one node to another within different networks. It handles routing of packets based on logical addressing and manages network congestion and packet sequencing. **Layer 4 - The Transport Layer**: Layer 4 deals with host-to-host communication between the source and destination systems. It provides mechanisms for the reliable or unreliable transmission of data via protocols like TCP and UDP and manages flow control, error checking and segmentation of data packets. **Layer 5 - The Session Layer**: The session layer establishes, manages and terminates connections (sessions) between applications on each end of a communication. **Layer 6 - The Presentation Layer**: The presentation layer translates application format data into a common format and vice versa, providing services such as encryption, decryption and data compression. Layer 6 ensures that data sent from the application layer of one system can be read by the application layer of another system. **Layer 7 - The Application Layer**: The topmost layer of the OSI model, the application layer, serves as the interface for communication between users or processes and the network. It provides application-specific services such as HTTP requests, file transfer and email. ## How Does Data Flow Through the OSI Model? Data flows through the OSI model in a process known as encapsulation and de-encapsulation, which happens when data is sent from a source device to a destination device. ### Encapsulation Process (Data Flow Downwards) The encapsulation process starts at the application layer (Layer 7) on the source device. User data is converted into a format suitable for transmission and passed down to the presentation layer (Layer 6) for translation, compression or encryption. At the session layer (Layer 5), a session is established and maintained for the duration of the data transfer. The transport layer (Layer 4) receives this data, divides it into manageable segments, and adds a TCP or UDP header, which includes port numbers. The network layer (Layer 3) then adds an IP header containing source and destination IP addresses, converting the segment into a packet. The data link layer (Layer 2) encapsulates this packet in a frame, adding MAC addresses in its header and a Frame Check Sequence (FCS) in its trailer. Lastly, the physical layer (Layer 1) converts these frames into binary data (bits) for transmission over the physical medium. ### De-Encapsulation Process (Data Flow Upwards) Once data reaches the destination device, it ascends the OSI layers in a reverse process. At the physical layer, the received bits are converted back into frames. The data link layer checks the FCS for errors, removes the MAC addresses and passes the packet to the network layer. The network layer removes the IP addresses from the packet, turning it back into a segment, which is passed to the transport layer. The transport layer verifies the correct sequencing of data, acknowledges packet receipt and removes the TCP or UDP header. Now in its original form, the data is passed through the session and presentation layers, where the session is closed, and any translations or encryptions performed earlier are reversed. Finally, at the application layer, the original user data is delivered to the receiving application in a format it can use. ## The Role of Layer 7 Layer 7 facilitates communication between software applications and lower-level network services. This layer is not concerned with the underlying details of the network but focuses on providing methods for software applications to use network services. Layer 7 essentially serves as a network interpreter that translates the user's or application's data into a standard protocol that other layers of the OSI model can understand. Various protocols, each serving specific purposes, enable the application layer to facilitate end-to-end communication between communication partners. For instance: * File Transfer Access and Management (FTAM) protocol allows users to access and manage files in a remote system. * Simple Network Management Protocol (SNMP) enables network administrators to manage, monitor and configure network devices. * Common Management Information Protocol (CMIP) defines network management information. * HTTP (Hypertext Transfer Protocol) enables communication between clients and servers on the web. ## Layer 7 Load Balancing Load balancers distribute network traffic across multiple servers to optimize resource use, minimize response times and avoid overloading any single server. At Layer 7, load balancing introduces an extra dimension to the distribution of network traffic. Unlike Layer 4 load balancers that base their decisions on IP address and TCP or UDP port information, Layer 7 load balancers inspect the content of the user's message to make routing decisions. Layer 7 load balancers analyze the 'payload' of the network packet, considering elements such as HTTP headers, cookies or data within the application message to make sophisticated load balancing decisions. They can, for instance, route traffic to different servers based on the requested URL or on the type of content requested, such as images, scripts or text. ## Layer 7 Security Whether an organization opts for on-premises, cloud-based, or a hybrid approach, securing the application layer is paramount to protect sensitive data and maintain service availability. And as the layer that interfaces directly with the user and their data, Layer 7 lures bad actors determined to access user credentials and personal identifiable information. Common types of attacks at this layer include application layer attacks and Layer 7 distributed denial of service (DDoS) attacks. Application-layer attacks attempt to exploit vulnerabilities within the application, such as poorly validated inputs or insecure configuration settings. Layer 7 DDoS attacks aim to overwhelm a server, service or network with more requests than it can handle. Unlike traditional [DDoS attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack) that flood networks with massive volumes of traffic, layer 7 DDoS attacks often begin slowly, mimicking normal user behavior, which makes them harder to detect. In [cloud-native environments](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-native), tools like Kubernetes provide built-in mechanisms for network security at Layer 7. These mechanisms, though, often need additional security measures, such as [web application firewalls (WAFs)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-web-application-firewall), intrusion detection systems, and robust security policies. WAFs, in particular, play a vital Layer 7 security role, as they operate at the application layer and can understand and make decisions based on the content of the data packet. WAFs can filter out malicious traffic based on rules defined for HTTP/HTTPS, allowing more granular control over network traffic than traditional network-layer firewalls. ![Layer 7 security via the web application firewall](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/webapplication-and-api-security.png "Layer 7 security via the web application firewall") Figure 2: Layer 7 security via the web application firewall ## OSI Model Vs. the TCP/IP Model Like the OSI model, the Transmission Control Protocol/Internet Protocol (TCP/IP) model describes how network protocols interact and work together to provide network services. The two models differ, however, in structure, abstraction levels, and historical usage. ![OSI Model Vs. the TCP/IP Model](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/osi-vs-tci-ip.png "OSI Model Vs. the TCP/IP Model") Figure 3: OSI Model Vs. the TCP/IP Model ### Structure and Abstraction Levels The OSI model has seven layers, each layer providing a set of specific services and operating independently while interacting with the layers immediately above and below. The design, as intended, created a universal standard for all types of network communication. The TCP/IP model is more focused on the realities of network communication and dismisses the modular separation of functionality, as seen in its four-layer structure. 1. Network interface (equivalent to the physical and data link layers of the OSI model) 2. Internet (equivalent to the network layer) 3. Transport 4. Application (combining the session, presentation and application layers of the OSI model) ### Historical Usage Despite its comprehensive design, the OSI model was never widely adopted for practical networking implementations. Its use has remained conceptual, serving as a tool to understand and describe network protocol interaction and operation. In contrast, the TCP/IP Model was created and implemented as the foundation of the modern internet. TCP and IP, are the backbone protocols of the internet. The model was designed to solve practical networking problems and achieve effective wide-area communication, rather than to conform to a layered reference model. ## Layer 7 and the OSI Model FAQs {#faqs} ### What is bitstream data? Bitstream data refers to a sequence of bits that represent the raw, binary format of information in a continuous flow. In computing and digital communications, this can include text, images, audio, video and more. It's the fundamental unit of data transmission and storage. Each bit (binary digit) in the bitstream can hold a value of either 0 or 1. ### What is the Frame Check Sequence (FCS)? The Frame Check Sequence is a type of error-detection method used in networking to ensure data integrity. It's a mathematical calculation appended to the end of a frame of data during transmission. Upon receiving the frame, the recipient device recomputes the FCS and compares it to the received value. If they match, the frame is considered error-free. ### What is Local link control (LLC)? LLC is a part of the data link layer in the OSI model. It provides an interface for network layer protocols and the MAC sublayer, allowing various network protocols to operate over different types of networks. LLC manages error and flow control and may offer services like connection-oriented or connectionless data transmission. ### What is Subnetwork Access Protocol (SNAP)? SNAP is used in data communications to extend the IEEE 802.2 LLC by providing a mechanism to identify the network layer protocol in use. This allows a variety of network protocols to be encapsulated in an LLC data unit and transmitted over the network. ### What are a token ring and token passing? Token Ring is a type of LAN technology where devices are arranged in a logical ring topology and communication occurs by passing a token. The token is a special bit pattern that circulates around the ring. A device holding the token has the right to transmit, and after transmission, the token is passed to the next device in sequence. This token passing mechanism ensures orderly access to the network, reducing collisions. ### Can Layer 7 function independently of other layers? Layer 7 cannot function independently of the other OSI layers. As the top layer, it relies on the services of the layers below it for successful communication. It uses the session layer (Layer 5) for managing sessions between applications, and lower layers for reliable data transmission. ### What are the benefits of Layer 7 load balancing over lower layer load balancing? Layer 7 load balancing offers several benefits over lower layer load balancing. It can provide more granular control over traffic distribution by considering the content of network traffic. It also offers the flexibility to manipulate traffic, for instance, by modifying HTTP headers or performing SSL offloading. While it involves more processing overhead than lower layer load balancing, it's well suited to complex, modern applications, particularly in cloud environments. ### How does Layer 7 handle different application protocols? Layer 7 supports a range of protocols, each tailored to specific types of network communication. For instance, HTTP is used for web browsing, SMTP for email, and FTP for file transfers. Layer 7 ensures the correct protocol is used for each application's network communication needs. ### What is a web application firewall (WAF)? A web application firewall (WAF) is a security solution that filters and monitors HTTP/HTTPS traffic between a web application and the internet. Their ability to detect and respond to malicious requests before web applications and web servers accept the requests provides protection from attacks at the application layer (Layer 7), including SQL injection, cross-site scripting (XSS) and DDoS attacks. Related Content [Web Application Firewall (WAF) vs. Next-Generation Firewall (NGFW) Both WAFs and NGFWs work on application-layer protocols and employ rules and policy engines to filter incoming traffic.](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws?ts=markdown) [What Is Web Application and API Protection? APIs, used heavily in cloud-native development, can be easily modified, sparing developers from having to make every API from scratch. But ensuring web application and API protecti...](https://www.paloaltonetworks.com/cyberpedia/what-is-web-application-and-api-protection?ts=markdown) [Prisma Cloud Introduces Out-of-Band Web App and API Security Web application vulnerabilities and unsecured APIs can lead to multimillion dollar security incidents, but there's a solution that doesn't impact application performance.](https://www.paloaltonetworks.com/blog/2022/06/prisma-cloud-introduces-oob-waas/) [Creating A Secure 5G Service Based Architecture In this blog post, we look at Web Application and API Security (WAAS) to repel service-based interface (SBI) abuse.](https://www.paloaltonetworks.com/blog/prisma-cloud/seo-5g-sba-api/) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Layer%207%3F&body=Understand%20Layer%207%20in%20the%20OSI%20model%20and%20its%20significance%20in%20network%20security%20to%20optimize%20your%20cybersecurity%20approach%20and%20ensure%20comprehensive%20safety.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-layer-7) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/difference-between-wafs-and-ngfws?ts=markdown) What is the Difference Between Web Application Firewall (WAF) and Next-Generation Firewall (NGFW)? [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-web-application-and-api-protection?ts=markdown) What Is Web Application and API Protection? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language