[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown) 3. [Threat Detection \& Prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba?ts=markdown) 4. [What Is Penetration Testing?](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing?ts=markdown) Table of Contents * [What is UEBA (User and Entity Behavior Analytics)?](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba?ts=markdown) * [How UEBA works](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#how?ts=markdown) * [Benefits of Implementing UEBA](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#benefits?ts=markdown) * [Examples of UEBA](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#examples?ts=markdown) * [Common Use Cases for UEBA](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#common?ts=markdown) * [Challenges and Considerations in UEBA Deployment](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#challenges?ts=markdown) * [Diverse Threats Addressed by UEBA](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#diverse?ts=markdown) * [Integrating UEBA and XDR](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#integrate?ts=markdown) * [UEBA vs NTA](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#nta?ts=markdown) * [UEBA vs SIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#siem?ts=markdown) * [UEBA vs IAM](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#iam?ts=markdown) * [Future Trends and Developments in UEBA](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#future?ts=markdown) * [Choosing the Right UEBA Solution](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#choose?ts=markdown) * [UEBA FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba#faqs?ts=markdown) * [What Is Threat Prevention? \[Definition, Explanation, + How-tos\]](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention?ts=markdown) * [Why is threat prevention important?](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention#why-is-threat-prevention-important?ts=markdown) * [How does threat prevention work?](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention#how-does-threat-prevention-work?ts=markdown) * [What are the differences between threat prevention, detection, and protection?](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention#what-are-the-differences-between-threat-prevention-detection-and-protection?ts=markdown) * [What are the different types of threat prevention?](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention#what-are-the-different-types-of-threat-prevention?ts=markdown) * [Top 5 threat prevention tips, tricks, and best practices](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention#top-5-threat-prevention-tips-tricks-and-best-practices?ts=markdown) * [Why threat prevention is harder than it sounds (yet more achievable than it used to be)](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention#why-threat-prevention-is-harder-that-it-sounds?ts=markdown) * [Threat prevention FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention#threat-prevention-faqs?ts=markdown) * What Is Penetration Testing? * [Why Is Security Penetration Testing Important?](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#why?ts=markdown) * [Pen Testing's Role in Compliance](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#pen?ts=markdown) * [Pen Testing Approaches to Assessments](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#testing?ts=markdown) * [What Is Teaming in Pen Testing?](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#what?ts=markdown) * [Types of Pen Testing](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#types?ts=markdown) * [7 Stages of the Penetration Testing Process](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#stages?ts=markdown) * [Pen Testing Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#tools?ts=markdown) * [Penetration Testing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#faqs?ts=markdown) * [3 Challenges to Identifying Evasive Threats](https://www.paloaltonetworks.com/cyberpedia/3-challenges-to-identifying-evasive-threats?ts=markdown) * [](https://www.paloaltonetworks.com/cyberpedia/3-challenges-to-identifying-evasive-threats#threats?ts=markdown) * [](https://www.paloaltonetworks.com/cyberpedia/3-challenges-to-identifying-evasive-threats#traditional?ts=markdown) * [](https://www.paloaltonetworks.com/cyberpedia/3-challenges-to-identifying-evasive-threats#helps?ts=markdown) * [](https://www.paloaltonetworks.com/cyberpedia/3-challenges-to-identifying-evasive-threats#protect?ts=markdown) * [What is a Port Scan?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan?ts=markdown) * [How a Port Scan Works](https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan#how?ts=markdown) * [Types of Port Scans](https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan#types?ts=markdown) * [Port Scanning Results](https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan#port?ts=markdown) * [How Bad Actors Use Port Scanning as an Attack Method](https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan#method?ts=markdown) * [Port Scan FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan#faqs?ts=markdown) # What Is Penetration Testing? 5 min. read Table of Contents * * [Why Is Security Penetration Testing Important?](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#why?ts=markdown) * [Pen Testing's Role in Compliance](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#pen?ts=markdown) * [Pen Testing Approaches to Assessments](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#testing?ts=markdown) * [What Is Teaming in Pen Testing?](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#what?ts=markdown) * [Types of Pen Testing](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#types?ts=markdown) * [7 Stages of the Penetration Testing Process](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#stages?ts=markdown) * [Pen Testing Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#tools?ts=markdown) * [Penetration Testing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#faqs?ts=markdown) 1. Why Is Security Penetration Testing Important? * * [Why Is Security Penetration Testing Important?](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#why?ts=markdown) * [Pen Testing's Role in Compliance](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#pen?ts=markdown) * [Pen Testing Approaches to Assessments](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#testing?ts=markdown) * [What Is Teaming in Pen Testing?](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#what?ts=markdown) * [Types of Pen Testing](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#types?ts=markdown) * [7 Stages of the Penetration Testing Process](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#stages?ts=markdown) * [Pen Testing Tools](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#tools?ts=markdown) * [Penetration Testing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing#faqs?ts=markdown) Penetration testing, or pen testing, is a simulated cyberattack on a system, network, or application to identify vulnerabilities that could be exploited by malicious actors. It involves ethical hackers who use various tools and techniques to probe security defenses, assess potential weaknesses, and provide recommendations for improving security. The goal of penetration testing is to strengthen the overall security posture by addressing identified flaws before they can be exploited in real-world attacks. ## Why Is Security Penetration Testing Important? Penetration testing is vital because it helps organizations proactively identify and address security vulnerabilities before malicious actors can exploit them. Key reasons include: 1. **Risk Identification** : Reveals weaknesses in systems, networks, and applications that could lead to data breaches or [cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack?ts=markdown). 2. **Improved Security**: Provides actionable insights to strengthen defenses and enhance overall security posture. 3. **Compliance Requirements**: Helps meet regulatory standards (e.g., GDPR, PCI DSS) by demonstrating proactive security measures. 4. **Threat Simulation**: Mimics real-world attack scenarios to assess the effectiveness of existing security controls. 5. **Cost Savings**: Prevents costly breaches by fixing vulnerabilities early, avoiding financial and reputational damage. 6. **Incident Readiness**: Prepares organizations to respond to threats by identifying gaps in incident detection and response mechanisms. 7. **Trust Building** : Instills confidence in customers, partners, and stakeholders by showing a commitment to robust [cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-cyber-security?ts=markdown) practices. ## Pen Testing's Role in Compliance Pen testing is widely used to meet [data security](https://www.paloaltonetworks.com/cyberpedia/what-is-data-security?ts=markdown) and privacy requirements. Organizations subject to regulations, such as [PCI DSS](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown), [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown), and [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), use penetration testing to prove compliance. By integrating penetration testing into compliance efforts, organizations can reduce risk, maintain trust, and avoid costly penalties or [breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown). Here's how: * **Meeting regulatory requirements**: Many standards, such as PCI DSS, HIPAA, GDPR, and ISO 27001, mandate regular penetration testing as part of their compliance frameworks. * **Demonstrating due diligence**: Penetration testing shows regulators, clients, and stakeholders that the organization is taking proactive steps to secure sensitive data. * **Ensuring data protection**: Helps ensure that security measures comply with data privacy laws and prevent unauthorized access to sensitive information. * **Auditing readiness**: Generates detailed reports that can be used as evidence of compliance during security audits or regulatory reviews. * **Assuring third party**: Assures customers and partners that the organization is adhering to industry best practices for cybersecurity. Industry frameworks are often used to guide penetration testing, such as [OWASP (Open Web Application Security Project)](https://owasp.org/www-project-application-security-verification-standard/), which guides securing web applications, and JUnit, which is used to test Java source code. ## Pen Testing Approaches to Assessments Penetration testing uses both internal and external approaches to assess an organization's security. * **Internal testing** : The tester works with access similar to that of an internal user, mimicking a malicious insider or an attacker who has stolen valid credentials, such as through [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) or brute-force attacks. * **External testing**: Simulates real-world attacks from outside the organization to identify vulnerabilities in exposed systems. There are also three main methods for conducting pen tests: white box, black box, and gray box testing. These tests can be done openly with the team's knowledge or secretly (double-blind) to replicate an unexpected attack. ### White-Box Penetration Testing White box or internal penetration testing involves giving testers information about the network and system, including network maps and credentials. This type of pen test can be conducted the most quickly and helps identify insider-related security risks and vulnerabilities. ### Black-Box Penetration Testing Also known as external penetration testing, black-box testers are given no information about the targets. They are given a target organization and left to exploit security systems. Black-box testing is the most time-consuming approach. However, it is also the most insightful, as it simulates actual attack scenarios that target an asset visible from the Internet, such as a web application, website, email, or domain name server. ### Gray-Box Penetration Testing Taking a blended approach, gray-box testers are given some information (e.g., credentials and IP ranges for network devices) to expedite the process, allowing them to focus on identifying issues such as misconfigurations or unused open ports. Gray-box testers attempt to gain unauthorized access to other parts of the network and [exfiltrate data](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown). ## What Is Teaming in Pen Testing? Teaming is an approach to penetration testing that splits testers into teams. There are three types of teams: * **Red teams** act as the attackers, attempting to breach systems and exploit vulnerabilities * **Blue teams** play the role of defender, trying to identify attackers by monitoring networks for suspicious activity and responding to security alerts * **Purple teams** take a blended approach, working together to find weaknesses and provide recommendations for remediation and security optimization ## Types of Pen Testing Different types of pen tests can be used to focus on a specific area or combined. Several of the most common types of pen tests include the following: * **Web Application Penetration Testing**: Evaluating web applications for security flaws. * **Network Penetration Testing**: Focus on external networks and servers. * **Hardware Penetration Testing**: Evaluating network-connected devices (laptops, mobile phones, tablets, IoT, and OT devices). * **User Penetration Testing**: Testing human factors, like employees and third parties, in security. * **Wireless Penetration Testing**: Identifying risks in wireless networks. * **Cloud Penetration Testing**: Assessing cloud environments, including cloud infrastructure, applications, databases, storage access, user access controls, network configurations, and specific cloud service provider settings ## 7 Stages of the Penetration Testing Process Regardless of which pen test methodology or framework is used, the process usually follows the same overall steps. These stages apply to both internal and external pen tests. ### 1. Planning and Reconnaissance Before starting penetration testing, it's essential to agree on the targets and objectives. Once these have been established, the pen tester or pen testing team creates an attack plan and gathers intelligence. This includes reviewing public documentation, news, [cyberthreat intelligence](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown), and even employees' social media and GitHub accounts. The reconnaissance phase is crucial as it forms the foundation for the entire testing process. Testers may use sophisticated tools to scrape public databases and forums for any [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) that has been accidentally exposed. Additionally, understanding the organization's workflow, network infrastructure, and potential threat vectors offers insights into creating an effective strategy. During this phase, the testers also define the scope of their efforts, ensuring they respect the legal and ethical boundaries set by the organization, which may include limitations on specific techniques or network areas to be tested. ### 2. Target Discovery In this phase, penetration testers meticulously scan the defined targets to gather detailed insights about the security measures currently in place. This involves using various scanning tools and techniques to map out the network architecture and pinpoint entry points that could be potentially leveraged during an attack. The focus during target discovery is also to identify both known and [unknown vulnerabilities](https://www.paloaltonetworks.com/cyberpedia/what-are-unknown-cyberthreats?ts=markdown), which might not be evident at first glance but could provide pathways for exploitation. This stage is not just about cataloging systems, but also requires an in-depth analysis of how these systems interact and any security gaps that may exist between them. By understanding the exact security posture, testers can tailor their subsequent actions to more effectively simulate real-world attack scenarios, laying the foundation for the following stages of exploitation and vulnerability testing. ### 3. Exploitation Pen testers launch attacks to test how security systems respond and identify vulnerabilities. The types of attacks used during this stage include: * **SQL Injection** -- Malicious code is inserted into queries to manipulate databases. * [**Cross-Site Scripting**](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting?ts=markdown) -- involves injecting malicious scripts into content from trusted websites. * [**Denial-of-Service Attack**](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos?ts=markdown) -- Used to overwhelm systems and disrupt services. * [**Social Engineering Attack**](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering?ts=markdown) (e.g., phishing, vishing, and ransomware) -- Executed to understand how the human element of a security protocol could impact overall defense mechanisms. * **Man-in-the-Middle Attack** -- Used to intercept communications between parties to expose potential weaknesses in encryption. ### 4. Access Maintenance and Escalation This stage focuses on testing tactics to maintain unauthorized access and gain additional privileges. Pen testers simulate [advanced persistent threats (APTs)](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt?ts=markdown) and privileged [insider threats](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown). During this stage, the pen tester seeks to evade detection and expand access. ### 5. Cleanup Covering Tracks Following a simulated attack, pen testers eliminate traces of it. Steps taken to cover their tracks include deleting scripts, event logs, and any scripts that were used. ### 6. Analysis and Reporting The final stage requires documenting the findings with a detailed analysis of what was done, the vulnerabilities exploited, and the sensitive systems and data accessed. The resulting report provides insights into the potential impact of an attack and details about vulnerabilities to facilitate remediation. ### 7. Remediation and Re-Testing Based on the pen test report, security teams prioritize remediating vulnerabilities and possibly enhancing security. This often involves: * Patching software * Fixing misconfigured systems * Updating weak passwords * Implementing [access controls](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) * Addressing insecure coding practices * Reviewing [network segmentation](https://www.paloaltonetworks.com/cyberpedia/what-is-network-segmentation?ts=markdown) * Conducting employee security awareness training Once remediation is complete, the systems should be re-tested to confirm that vulnerabilities have been mitigated. The security team can do this or can involve another penetration testing exercise. ## Pen Testing Tools In addition to manual techniques, penetration testing exercises often involve the use of specialized tools. The following are several of the many tools used to facilitate manual pen testing and automate pen testing functions: * **Penetration Testing Code** -- programming scripts or commands used to simulate malicious attacks on a system, network, or application * **Specialized Operating Systems** -- OSs that come preinstalled with pen testing tools (e.g., Nmap, Wireshark, and Metasploit) * **Credential-Cracking Tools** -- programs that use bots or scripts to uncover passwords by breaking encryptions or launching brute-force attacks * [**Port Scanners**](https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan?ts=markdown) -- programs that remotely test devices for open and available ports * [**Vulnerability Scanners**](https://www.paloaltonetworks.com/cyberpedia/vulnerability-scanning?ts=markdown) -- tools that search systems for known vulnerabilities (ironically, the same tools used by security teams) * **Packet Analyzers or Packet Sniffers** -- tools that evaluate network traffic by capturing and inspecting packets ## Penetration Testing FAQs ### When should a pen test be conducted? Pentesting should be done regularly. The frequency depends on several factors, including company size, infrastructure, budget, regulatory requirements, and emerging threats, which will determine the appropriate frequency. It should also be conducted during application and system development, and when changes are made or updates are installed. ### What are the commonly used pen test methodologies and frameworks? * CREST Penetration Testing Methodology * ISSAF (Information System Security Assessment Framework) * Metasploit * MITRE ATT\&CK * National Institute of Standards and Technology (NIST) SP 800-115 * OSSTMM (Open Source Security Testing Methodology Manual) * OWASP (Open Web Application Security Project) * Penetration Testing Execution Standard (PTES) ### What are the three main 3 types of penetration test? The three main types of pen testing are black box, white box, and gray box. ### What are the three 3 key phases involved in penetration testing? The three key phases of penetration testing are reconnaissance, scanning, and exploitation. ### Who performs pentests? While in-house security teams can do a pentest, third-party pentesting is deemed more effective. Third-party pentesting is conducted by an external team or individual with little to no knowledge of the systems being tested, giving them the advantage of fresh eyes. This allows them to see issues that internal teams may have overlooked. Whether third-party or in-house, pentests are best performed by experienced developers and security experts. Related Content [What is an Incident Response Plan (IRP)? Why an IRP is important, and how to build one.](https://www.paloaltonetworks.com/cyberpedia/incident-response-plan?ts=markdown) [A multinational organization enhances defenses by stress testing its cybersecurity program Discover why Unit 42 was entrusted to assess and test defenses](https://www.paloaltonetworks.com/customers/multinational-organization-enhances-defenses-by-stress-testing-its-cybersecurity-program?ts=markdown) [2025 Unit 42 Incident Response Report Discover the latest threat actor tactics and get real world insights and expert recommendations.](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) [IDC 2025 MarketScape Leader for Worldwide IR Services. See why IDC MarketScape recognized us.](http://start.paloaltonetworks.com/idc-incident-response-marketscape-2025) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Penetration%20Testing%3F&body=Explore%20the%20fundamentals%20of%20penetration%20testing.%20Uncover%20how%20ethical%20hackers%20simulate%20attacks%20to%20identify%20vulnerabilities%20and%20enhance%20cybersecurity%20protocols.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-penetration-testing) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-threat-prevention?ts=markdown) What Is Threat Prevention? \[Definition, Explanation, + How-tos\] [Next](https://www.paloaltonetworks.com/cyberpedia/3-challenges-to-identifying-evasive-threats?ts=markdown) 3 Challenges to Identifying Evasive Threats {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language