[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-security-solution?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.paloaltonetworks.com/deploybravely?ts=markdown) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Identity Security](https://www.paloaltonetworks.com/cyberpedia/identity-security?ts=markdown) 3. [Privileged Access Management](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management?ts=markdown) 4. [PAM](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management?ts=markdown) Table of Contents * What Is Privileged Access Management (PAM)? * [Privileged Access Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#privileged?ts=markdown) * [Why PAM Is Critical Today](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#why?ts=markdown) * [How PAM Works](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#how?ts=markdown) * [Core Pillars of Modern PAM Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#core?ts=markdown) * [Examples of Privileged Access](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#examples?ts=markdown) * [PAM Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#pam?ts=markdown) * [Common PAM Challenges and How to Solve Them](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#common?ts=markdown) * [Use Cases \& Real-World Scenarios](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#scenarios?ts=markdown) * [Emerging Trends: Where PAM Is Going](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#emerging?ts=markdown) * [Privileged Access Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#faqs?ts=markdown) * [What Is Just-In-Time Access?](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown) * [Just-in-Time Access Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#explained?ts=markdown) * [Key Data: Threats and Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#key?ts=markdown) * [Types of Just-in-Time Access](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#types?ts=markdown) * [How Just-in-Time Access Works (Conceptual Flow)](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#how?ts=markdown) * [Key Components and Capabilities](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#components?ts=markdown) * [Key Steps to Implementing Just-in-Time Access](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#steps?ts=markdown) * [Common Risks and Implementation Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#risks?ts=markdown) * [Just-in-Time Access in a Zero Trust and Modern Security Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#architecture?ts=markdown) * [Just-in-Time Access FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit#architecture?ts=markdown) * [What Is Defense-in-Depth?: A Layered Cybersecurity Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth?ts=markdown) * [Defense-in-Depth Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#explained?ts=markdown) * [Key Data: Threats \& Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#key?ts=markdown) * [The Core Architectural Components of Defense-in-Depth](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#core?ts=markdown) * [Defense-in-Depth in the Modern Cloud and Identity Landscape](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#landscape?ts=markdown) * [Disrupting the Attack Lifecycle: Defense-in-Depth and Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#disrupting?ts=markdown) * [Defense-in-Depth versus Zero Trust Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#architecture?ts=markdown) * [Best Practices for Implementing a Layered Security Model](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#best?ts=markdown) * [Defense-in-Depth FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-defense-in-depth#faqs?ts=markdown) * [Zero Standing Privileges: Protecting Enterprise Access Control](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges?ts=markdown) * [Zero Standing Privileges Explained](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#zero?ts=markdown) * [ZSP and Other Access Models](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#vs?ts=markdown) * [The Critical Risk of Standing Privileges](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#privileges?ts=markdown) * [Key Benefits of Adopting ZSP](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#key?ts=markdown) * [A Practical Roadmap for ZSP Implementation](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#practical?ts=markdown) * [Zero Standing Privileges FAQs](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges#faqs?ts=markdown) * [What Is Least Privilege Access?](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown) * [Least Privilege Access, Defined](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#definition?ts=markdown) * [Benefits of Least Privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#benefits?ts=markdown) * [Example of Least Privilege Access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#example?ts=markdown) * [Least Privilege vs. Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#vs?ts=markdown) * [Managing Least Privilege Access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#manage?ts=markdown) * [Least Privilege Access FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#faqs?ts=markdown) # What Is Privileged Access Management (PAM)? 3 min. read [Explore Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) Table of Contents * * [Privileged Access Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#privileged?ts=markdown) * [Why PAM Is Critical Today](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#why?ts=markdown) * [How PAM Works](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#how?ts=markdown) * [Core Pillars of Modern PAM Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#core?ts=markdown) * [Examples of Privileged Access](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#examples?ts=markdown) * [PAM Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#pam?ts=markdown) * [Common PAM Challenges and How to Solve Them](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#common?ts=markdown) * [Use Cases \& Real-World Scenarios](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#scenarios?ts=markdown) * [Emerging Trends: Where PAM Is Going](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#emerging?ts=markdown) * [Privileged Access Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#faqs?ts=markdown) 1. Privileged Access Management Explained * * [Privileged Access Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#privileged?ts=markdown) * [Why PAM Is Critical Today](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#why?ts=markdown) * [How PAM Works](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#how?ts=markdown) * [Core Pillars of Modern PAM Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#core?ts=markdown) * [Examples of Privileged Access](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#examples?ts=markdown) * [PAM Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#pam?ts=markdown) * [Common PAM Challenges and How to Solve Them](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#common?ts=markdown) * [Use Cases \& Real-World Scenarios](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#scenarios?ts=markdown) * [Emerging Trends: Where PAM Is Going](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#emerging?ts=markdown) * [Privileged Access Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management#faqs?ts=markdown) Privileged Access Management (PAM) is a cybersecurity framework and set of technologies that secure, monitor, and control privileged access---the elevated permissions that allow an identity to change system settings, access sensitive data, or administer critical infrastructure. PAM protects the "keys to the kingdom" by vaulting credentials, enforcing least privilege, brokering privileged sessions, and recording activity so attackers (or insiders) can't quietly turn one compromised account into a full environment takeover. Key Points * **Risk reduction**: Shrinks the attack surface by minimizing or eliminating standing privileges (always-on admin rights). \* **Zero Trust alignment**: Treats every privileged request as high risk and continuously verifies identity, context, and device posture. \* **Operational visibility**: Session logging and recording create a defensible audit trail for incident response and compliance. \* **Unit 42 insight**: Unit 42 notes that privilege abuse is a common enabler for lateral movement (including cases where excessive privileges are used to move through environments). \* **Speed matters**: In real intrusions, privilege escalation can happen fast---sometimes in under 40 minutes---which is why just-in-time controls are critical. ## Privileged Access Management Explained PAM is the practice of tightly restricting elevated access to only the people, processes, and systems that truly need it---and only for the time and scope required. * IAM answers "who are you?" * PAM answers "what can you do when it really matters?" PAM creates a controlled layer between an identity and the sensitive resources it administers, ensuring privileged credentials aren't exposed, reused, or sitting unprotected on endpoints. ### Who (and What) is "Privileged" Now? "Privileged" no longer means only IT admins. It includes: * **Humans**: IT admins, help desk, DBAs, security engineers, and high-privilege business users (finance, HR, marketing platforms). * **Non-human identities**: service accounts, application accounts, automation scripts, CI/CD pipelines, cloud workloads, API keys, and SSH keys. These identities often bypass traditional controls and are prime targets for [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown), credential theft, and "living-off-the-land" abuse. ## Why PAM Is Critical Today The traditional network perimeter has dissolved, replaced by a complex ecosystem of cloud services, remote workforces, and interconnected APIs. This shift has turned identity into the new perimeter, making privileged accounts the most lucrative targets for modern adversaries. ### Defending Against Credential-Based Attacks Threat actors prioritize privileged credentials because they provide a direct path to [data exfiltration](https://www.paloaltonetworks.com/cyberpedia/data-exfiltration?ts=markdown) and system sabotage. According to the [2025 Unit 42 Global Incident Response Report](https://www.paloaltonetworks.com/resources/research/2025-incident-response-report?ts=markdown), 66% of social engineering attacks specifically target privileged accounts. By securing these credentials in a hardened vault, PAM prevents attackers from using simple phishing or brute-force tactics to gain high-level access. ### Meeting Compliance and Regulatory Mandates Strict regulatory frameworks like [GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown), [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown), and [PCI DSS](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown) require organizations to demonstrate granular control over sensitive data. PAM provides the necessary documentation through automated logging and session reporting. This ensures that every administrative action is traceable to a specific individual, satisfying audit requirements and reducing the risk of heavy non-compliance fines. ### Unit 42 Insight: The Speed of Privilege Escalation Palo Alto Networks [Unit 42 researchers](https://unit42.paloaltonetworks.com/) have observed that threat actors can move from initial access to full domain administrator status in under 40 minutes. This speed is often achieved using "living-off-the-land" techniques that exploit legitimate system tools. PAM halts this rapid escalation by requiring just-in-time approval and [multi-factor authentication](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication?ts=markdown) for any attempt to elevate permissions. ### The Shift to Zero Standing Privileges (ZSP) Legacy PAM relied on "vaulting" static passwords. Modern security requirements have shifted toward [zero standing privileges](https://www.paloaltonetworks.com/cyberpedia/zero-standing-privileges?ts=markdown), where no identity has permanent administrative rights. Instead, access is granted dynamically through [Just-in-Time (JIT)](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown) elevation and revoked immediately upon task completion. ## How PAM Works PAM functions as a centralized gateway that manages the entire lifecycle of a privileged session. It replaces insecure practices, such as storing passwords in spreadsheets or shared files, with a programmatic and highly audited workflow. ### Discovery and Inventory of Privileged Assets The first phase of a PAM program involves scanning the environment to identify every account with elevated rights. This includes local admin accounts, domain admins, and "shadow" accounts created for temporary projects but never deleted. Establishing a complete inventory is the only way to ensure no "backdoors" remain open for attackers. ### The Secure Vaulting Mechanism Once discovered, privileged credentials are stored in a secure, encrypted vault. Instead of users knowing the actual password, the PAM system provides a temporary token or "injects" the credential directly into the session. This prevents the password from ever residing in the memory of a potentially compromised workstation. ### Session Monitoring and Recording Every time a user accesses a critical system through a PAM gateway, the session is recorded and monitored in real time. This creates a forensic audit trail that can be used to investigate incidents or verify that administrators are following established protocols. Advanced systems can even use [behavioral analytics](https://www.paloaltonetworks.com/cyberpedia/what-is-user-entity-behavior-analytics-ueba?ts=markdown) to automatically terminate a session if suspicious activity is detected. ## Core Pillars of Modern PAM Strategy A mature PAM strategy goes beyond simple password management. It integrates deep security principles aligned with a [zero trust](https://www.paloaltonetworks.com/cyberpedia/what-is-zero-trust-network-access-2-0?ts=markdown) philosophy. ### The Principle of Least Privilege (PoLP) The [principle of least privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege?ts=markdown) (PoLP) ensures that users are granted the minimum level of access required to perform their job. If a technician only needs to restart a service, they should not have the authority to delete the entire database. PAM enforces this by segmenting permissions based on specific roles and tasks. ### Just-in-Time (JIT) Access JIT access eliminates "standing privileges"---access rights that remain active at all times. Instead, privileges are granted only when a specific task is requested and expire immediately upon completion. This significantly narrows the window of opportunity for an attacker to exploit a valid account. ### Privileged Identity Management for Machine Identities Non-human identities, such as those used by [DSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown) tools or automated [CI/CD pipelines](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown), often hold vast permissions. Modern PAM strategies include [secrets management](https://www.paloaltonetworks.com/cyberpedia/secrets-management?ts=markdown) to secure the API keys and SSH keys used by these machines, preventing them from being hard-coded in plain-text scripts. ### Strategic PAM Implementation Framework The table below synthesizes essential PAM controls with strategic implementation steps to help organizations achieve greater resilience against credential-based threats. | **Control Category** | **Critical Security Objective** | **Implementation Best Practices** | |------------------------------------|----------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | **Network \& Core Infrastructure** | Eliminate irreversible network takeover attacks. | **Isolate access**: Secure Tier 0 and Tier 1 assets (e.g., Domain Controllers) via hardened jump servers. Enforce MFA: Mandate multi-factor authentication for every administrative login without exception. | | **Infrastructure Accounts** | Control and secure foundational system accounts. | **Centralize vaulting**: Move all well-known administrative accounts into a digital vault. Automate rotation: Configure passwords to rotate automatically after every use to prevent credential reuse. | | **Endpoint Security** | Limit lateral movement across the enterprise. | **Remove local admins**: Strip administrative rights from standard IT Windows workstations. **Stop credential theft**: Use endpoint protections to prevent harvesting of clear-text passwords from memory. | | **Application \& COTS Security** | Protect credentials for third-party applications. | **Eliminate hardcoding**: Remove plain-text credentials from configuration files. **Vault app identities**: Use programmatic interfaces to fetch secrets for commercial off-the-shelf (COTS) applications. | | **Unix/Linux Environment** | Manage and secure \*NIX SSH keys. | **Key rotation**: Vault all SSH key-pairs on production servers. **Routine management**: Treat SSH keys with the same lifecycle rigor as traditional passwords, rotating them on a set schedule. | | **DevOps \& Cloud Secrets** | Defend secrets in automated pipelines and the cloud. | **Secure CI/CD**: Vault secrets used by tools like Ansible, Jenkins, and Docker. **Dynamic secrets**: Enable tools to retrieve credentials on the fly, ensuring they are ephemeral and automatically managed. | | **SaaS \& Business Users** | Secure SaaS admins and high-privilege business users. | **Identity isolation**: Isolate all access to shared business IDs (e.g., social media or finance portals). Conditional access: Apply strict MFA and device-health checks before granting access to SaaS dashboards. | | **Governance \& Validation** | Verify defense effectiveness against real-world attacks. | **Red Team exercises**: Invest in periodic simulations to test the strength of PAM controls. **Continuous auditing**: Use session logs to identify "shadow admins" and refine access control policies. | ## Examples of Privileged Access ### Human Privileged Access * **Super user account**: A powerful account used by IT system administrators that can be used to make configurations to a system or application, add or remove users or delete data. * **Domain administrative account**: An account providing privileged administrative access across all workstations and servers within a network domain. These accounts are typically few in number, but they provide the most extensive and robust access across the network. The phrase "Keys to the IT Kingdom" is often used to refer to the privileged nature of certain administrator accounts and systems. * **Local administrative account**: This account is located on an endpoint or workstation and uses a username and password. It helps people access and modify their local machines or devices. * **Secure socket shell (SSH) key**: SSH keys are heavily used as access control protocols that provide direct root access to critical systems. Root is the username or account that, by default, has access to all commands and files on a Linux or other Unix-like operating system. * **Emergency account**: This account grants users administrative access to secure systems in the event of an emergency. It is sometimes referred to as a firecall or break-glass account. * **Privileged business user**: Is someone who works outside of IT, but has access to sensitive systems. This could include someone who needs access to finance, human resources (HR) or marketing systems. ### Non-Human Privileged Access * **Application account**: A privileged account that's specific to the application software and is typically used to administer, configure or manage access to the application software. * **Service account**: An account that an application or service uses to interact with the operating system. Services use these accounts to access and make changes to the operating system or the configuration * **SSH key**: (As outlined above). SSH keys are also used by automated processes. * **Secret** : Used by development and operations (DevOps) teams often as a catch-all term that refers to SSH keys, application programming interface (API) keys, and other credentials used by [DevOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devops?ts=markdown) teams to provide privileged access. ## PAM Best Practices Effective PAM implementation requires a phased approach that prioritizes high-risk assets first. | **Best Practice** | **Implementation Action** | **Strategic Benefit** | |--------------------------|----------------------------------------------------------|-------------------------------------------------| | **Inventory Identities** | Map all human, service, and machine accounts. | Eliminates "shadow" privileged accounts. | | **Enforce MFA** | Require multifactor authentication for all vault access. | Blocks 99% of automated credential attacks. | | **Session Isolation** | Use a jump server to isolate administrative sessions. | Prevents malware from jumping to Tier 0 assets. | | **Rotate Secrets** | Automate password and SSH key rotation. | Limits the lifespan of stolen credentials. | | **Scope Privileges** | Use attribute-based access control (ABAC). | Ensures access is context-aware and time-bound. | ## Common PAM Challenges and How to Solve Them Despite its benefits, PAM implementation can face hurdles ranging from technical complexity to user resistance. Addressing these proactively is key to a successful deployment. ### Overcoming Admin Friction with Seamless Workflows Administrators often view PAM as a hindrance to their speed. To solve this, organizations should prioritize solutions that offer a positive user experience, such as single sign-on (SSO) integration and automated approval workflows. When security tools are easy to use, "workarounds" that bypass security are less likely to occur. ### Solving the "Shadow Admin" Problem Users often grant themselves or colleagues temporary high-level access for troubleshooting and then forget to revoke it. Automated discovery and regular[access control](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) reviews are essential for identifying and cleaning up unauthorized permissions. ### Integrating PAM with Zero Trust Architecture PAM should not exist in a silo. It must integrate with broader security ecosystems, including [secure remote access](https://www.paloaltonetworks.com/cyberpedia/secure-remote-access-understand-how-to-protect-remote-employees?ts=markdown) platforms and SIEM tools. This ensures that identity signals are correlated across the entire network, allowing for faster detection of compromised credentials. ## Use Cases \& Real-World Scenarios According to [Unit 42 research](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown), threat actors favor previously compromised credentials purchased from initial access brokers. PAM is the primary defense against this tactic. * **Securing the Software Supply Chain**: PAM manages secrets used by DevOps pipelines. This prevents attackers from stealing hardcoded credentials to inject malicious code into software updates. * **Mitigating [Insider Threats](https://www.paloaltonetworks.com/cyberpedia/insider-threat?ts=markdown)**: By enforcing role-based access and monitoring sessions, PAM prevents disgruntled or compromised employees from accessing unauthorized datasets. * [**Ransomware Prevention**](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do?ts=markdown): [Unit 42's 2025 Incident Response Report](https://www.paloaltonetworks.com/resources/research/2025-incident-response-report?ts=markdown) highlights that social engineering often targets help desks to reset administrative passwords. PAM prevents these resets from leading to full network takeover by requiring MFA and approval workflows for all sensitive accounts. ## Emerging Trends: Where PAM Is Going The PAM landscape is evolving to address AI-driven threats and the need for even more frictionless security. ### AI-Driven Behavioral Analytics in PAM [Machine learning](https://www.paloaltonetworks.com/cyberpedia/machine-learning-ml?ts=markdown) models are now being used to establish behavioral baselines for privileged users. If an admin who typically logs in from London suddenly attempts to access a sensitive database from a new location at 3:00 AM, the system can trigger an immediate "step-up" authentication challenge or terminate the session entirely. ### Moving Toward Passwordless Privileged Access The ultimate goal of modern identity security is to eliminate passwords. By using biometrics, hardware security keys, and cryptographic passkeys, organizations can remove the risk of credential theft. Passwordless PAM ensures that even if an attacker intercepts a login attempt, they have no "secret" to steal. ### Convergence of IAM, IGA, and PAM The lines between different identity disciplines are blurring. Organizations are moving toward a unified "Identity Fabric" in which general access, governance, and privileged management are handled by a single, cohesive policy engine. This reduces complexity and provides a holistic view of risk across the entire enterprise. ## Privileged Access Management FAQs ### How does PAM differ from standard Identity and Access Management (IAM)? IAM manages the identity and basic access for all users in an organization, focusing on day-to-day tasks. PAM is a specialized subset of IAM that focuses exclusively on the high-risk, elevated permissions required to manage infrastructure, sensitive data, and administrative configurations. ### Is PAM only necessary for large enterprises? No. Small and medium-sized businesses are often targeted because they lack robust identity controls. Any organization that manages sensitive customer data or critical infrastructure needs a PAM strategy to prevent unauthorized access. ### Can PAM protect against insider threats? Yes. By enforcing the principle of least privilege and recording every session, PAM makes it much more difficult for a malicious insider to abuse their authority without being detected. It also prevents "accidental" damage by limiting what a user can do. ### What is the difference between PAM and PIM? Privileged Identity Management (PIM) is often used interchangeably with PAM, but it specifically focuses on identity management. PAM is a broader term that encompasses the tools, processes, and policies used to secure the actual access those identities have. ### Does PAM work in cloud environments? Modern PAM solutions are cloud-native or hybrid, designed to secure access to AWS, Azure, and Google Cloud consoles as well as the virtual machines and containers running within them. This is often referred to as Cloud Infrastructure Entitlement Management (CIEM). ### How does PAM help with regulatory compliance? Regulations such as PCI DSS, HIPAA, and GDPR require strict controls over who can access sensitive data. PAM provides the logs and session recordings necessary to prove to auditors that only authorized individuals accessed regulated systems. ### What are "Standing Privileges"? Standing privileges are permissions that are always "on." If a user has an admin account they use once a week, but the account is active 24/7, that is a standing privilege. PAM mitigates this risk by enabling the privilege only when it is requested. Related Content [What is Least Privilege Access? **Awareness**: Learn how the principle of least privilege serves as the foundation for any robust PAM strategy.](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown) [Prisma Access Privileged Remote Access **Consideration**: Explore how to secure administrative access to critical infrastructure without a VPN.](https://docs.paloaltonetworks.com/prisma-access/administration/privileged-remote-access) [Unit 42 2025 Incident Response Report **Decision**: See real-world data on how credential theft drives breaches and why PAM is a critical defense.](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) [Identity and Access Management Guide **Awareness**: Understand the broader IAM framework and how PAM fits into your enterprise security architecture.](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20Privileged%20Access%20Management%20%28PAM%29%3F&body=Secure%20your%20%22keys%20to%20the%20kingdom%22%20with%20Privileged%20Access%20Management%20%28PAM%29.%20Learn%20how%20to%20monitor%20and%20control%20elevated%20access%20to%20prevent%20credential-based%20attacks.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-privileged-access-management) Back to Top [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-just-in-time-access-jit?ts=markdown) What Is Just-In-Time Access? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language