[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/ai-security?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Next-Gen Trust Security](https://www.paloaltonetworks.com/network-security/next-gen-trust-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-security-solution?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection and Response (CDR)](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection and Response (CDR)](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg) Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.paloaltonetworks.com/deploybravely?ts=markdown) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Identity Security](https://www.paloaltonetworks.com/cyberpedia/identity-security?ts=markdown) 3. [Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown) 4. [TLS Decryption](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption?ts=markdown) Table of Contents * [Machine Identity Security: The Definitive Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis?ts=markdown) * [Machine Identity Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#machine?ts=markdown) * [Four Pillars of Machine Identity Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#four?ts=markdown) * [Machine Identity in the Attacker Workflow: Unit 42 Observations](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#observations?ts=markdown) * [Cloud Security Implications and Identity Sprawl](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#cloud?ts=markdown) * [Implementing a Machine Identity Security Program](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#program?ts=markdown) * [Machine Identity Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity-security-mis#faqs?ts=markdown) * [What Is Workload Identity? Securing Non-Human Identities](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity?ts=markdown) * [Workload Identity Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#workload?ts=markdown) * [The Core Components of Workload Identity Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#core?ts=markdown) * [Workload Identity in the Zero Trust Framework](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#framework?ts=markdown) * [Disrupting the Attack Lifecycle with Workload Identity](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#disrupting?ts=markdown) * [Workload Identity and the AI Agent Security Challenge](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#challenge?ts=markdown) * [Workload Identity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-workload-identity#faqs?ts=markdown) * [What Is a Non-Human Identity (NHI)? Machine Identity Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown) * [Non-Human Identity Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#explained?ts=markdown) * [The Critical Distinction: Standing vs. Non-Standing Privileges](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#privileges?ts=markdown) * [Lateral Movement and Attacker Workflow](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#lateral?ts=markdown) * [Non-Human Identity and Zero Trust Alignment](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#alignment?ts=markdown) * [CIEM, IAM, and PAM Relationships in NHI Security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#security?ts=markdown) * [Strategic Management and Testing of NHIs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#strategic?ts=markdown) * [Non-Human Identity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity#faqs?ts=markdown) * What Is a TLS Decryption? Methods, Risks \& Best Practices * [TLS Decryption Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#explain?ts=markdown) * [How TLS Decryption Works](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#how?ts=markdown) * [Methods of Decryption: Passive vs. Active](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#methods?ts=markdown) * [The Role of TLS Decryption in Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#role?ts=markdown) * [Technical Challenges: TLS 1.3 and Performance](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#challenges?ts=markdown) * [Operational Best Practices and Privacy](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#operational?ts=markdown) * [TLS Decryption FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#faqs?ts=markdown) * [What Is a TLS/SSL Port? Port 443 and HTTPS Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port?ts=markdown) * [TLS/SSL Ports Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#explained?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#examples?ts=markdown) * [Secure vs. Unsecured Port Comparison](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#vs?ts=markdown) * [TLS/SSL Port FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port#faqs?ts=markdown) * [What Is a Self-Signed Certificate? Risks, Uses \& Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate?ts=markdown) * [Self-Signed Certificates Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#explained?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#examples?ts=markdown) * [How It Works](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#how?ts=markdown) * [Self-Signed Certificate Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#best?ts=markdown) * [Risks \& Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#challenges?ts=markdown) * [Unit 42 Intelligence: Attack Patterns](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#patterns?ts=markdown) * [Self-Signed Certificates FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-self-signed-certificate#faqs?ts=markdown) * [What Is TLS Certificate Renewal? Process, Risks \& Automation](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal?ts=markdown) * [TLS Certificate Renewal: The Shift from Maintenance to Mission-Critical](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#certificate?ts=markdown) * [Why the 47-Day Mandate Redefines Renewal Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#mandate?ts=markdown) * [The Technical Lifecycle of a TLS Renewal](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#technical?ts=markdown) * [Critical Risks: The High Cost of Renewal Failure](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#critical?ts=markdown) * [Best Practices for Enterprise-Scale Renewal](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#best?ts=markdown) * [Overcoming Common Renewal Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#common?ts=markdown) * [TLS Certificate Renewal FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-renewal#faqs?ts=markdown) * [What Is PKI? Public Key Infrastructure \& Authentication Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-pki?ts=markdown) * [Key Data: Threats and Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#key?ts=markdown) * [Why PKI Matters for Modern Organizations](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#why?ts=markdown) * [How PKI Works: The Asymmetric Model](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#how?ts=markdown) * [Key Components of a PKI Framework](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#key?ts=markdown) * [Common Risks and Implementation Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#common?ts=markdown) * [PKI Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#best?ts=markdown) * [PKI in a Zero Trust Architecture](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#architecture?ts=markdown) * [Public Key Infrastructure (PKI) FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-pki#faqs?ts=markdown) * [What Is the TLS Handshake? Process, Steps, and Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake?ts=markdown) * [The Strategic Importance of the TLS Handshake](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#importance?ts=markdown) * [How the TLS Handshake Works: Step-by-Step](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#how?ts=markdown) * [TLS 1.2 vs. TLS 1.3: Evolution of Speed and Security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#vs?ts=markdown) * [The Role of Cipher Suites and Digital Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#role?ts=markdown) * [Identifying and Resolving TLS Handshake Failures](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#failures?ts=markdown) * [Advanced Security: TLS Fingerprinting and Threat Detection](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#advanced?ts=markdown) * [TLS Handshake Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#best?ts=markdown) * [TLS Handshake FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake#faqs?ts=markdown) * [What Is the TLS Certificate Lifecycle? Implementation Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle?ts=markdown) * [TLS Certificate Lifecycle Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#tls?ts=markdown) * [The 6 Core Stages of the TLS Certificate Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#core?ts=markdown) * [Why TLS Certificate Lifecycle Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#why?ts=markdown) * [Key Causes of Certificate Failure](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#key?ts=markdown) * [Validation Checks: CRL and OCSP](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#validation?ts=markdown) * [How Automation Improves TLS Certificate Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#how?ts=markdown) * [TLS Certificate Lifecycle and Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#tls?ts=markdown) * [TLS Certificate Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-certificate-lifecycle#faqs?ts=markdown) * [What Is Certificate Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management?ts=markdown) * [Certificate Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#certificate?ts=markdown) * [Core Capabilities of Certificate Management](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#core?ts=markdown) * [Common Challenges: The "Red Flag" Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#challenges?ts=markdown) * [How Certificate Management Supports Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#how?ts=markdown) * [Implementation Roadmap: Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#implementation?ts=markdown) * [Certificate Management vs. TLS Certificate Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#certificate?ts=markdown) * [Certificate Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-management#faqs?ts=markdown) * [What Is Cert-Manager? Kubernetes Certificate Management Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager?ts=markdown) * [cert-manager Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#explained?ts=markdown) * [Core Components: Issuers and Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#core?ts=markdown) * [1. Issuers and ClusterIssuers](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#issuers?ts=markdown) * [2. Certificates](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#certificates?ts=markdown) * [How cert-manager Automates Machine Identity](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#how?ts=markdown) * [Common Compatible Cloud Platforms](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#common?ts=markdown) * [Zero Trust and Kubernetes Security Alignment](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#alignment?ts=markdown) * [Integrating cert-manager into DevSecOps Workflows](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#workflows?ts=markdown) * [Benefits for DevSecOps Teams](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#benefits?ts=markdown) * [cert-manager FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cert-manager#faqs?ts=markdown) * [TLS/SSL Offloading: Definition \& Decision Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading?ts=markdown) * [TLS/SSL Offloading Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#offloading?ts=markdown) * [SSL Termination vs. SSL Bridging](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#vs?ts=markdown) * [Key Differences in Workflow](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#key?ts=markdown) * [Unit 42 Perspective: Risks of Uninspected Traffic](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#unit42?ts=markdown) * [Benefits for Security and Infrastructure Teams](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#benefits?ts=markdown) * [CISO Decision Checklist: SSL Termination vs. SSL Bridging for Compliance](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#ciso?ts=markdown) * [Detailed CISO Decision Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#checklist?ts=markdown) * [Summary Recommendation for CISOs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#summary?ts=markdown) * [TLS/SSL Offloading FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-ssl-offloading#faqs?ts=markdown) * [What Is an X.509 Certificate? Definition, Standards, and Role](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate?ts=markdown) * [X.509 Certificates Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#page-anchor?ts=markdown) * [The Anatomy Of An X.509 Certificate](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#anatomy?ts=markdown) * [Important X.509 v3 Extensions](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#page-anchor?ts=markdown) * [The X.509 Trust Hierarchy And Chain](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#hierarchy?ts=markdown) * [Machine Identity And Management Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#identity?ts=markdown) * [Risks Of Poor Certificate Management](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#risks?ts=markdown) * [Zero Trust And X.509 Alignment](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#alignment?ts=markdown) * [How Does X.509 Support Zero Trust?](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#support?ts=markdown) * [X.509 Certificate FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-x509-certificate#page-anchor?ts=markdown) * [What Is Certificate Validation? Guide to Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation?ts=markdown) * [Certificate Validation Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#validation?ts=markdown) * [The Role of Certificate Authorities and the Chain of Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#role?ts=markdown) * [The Hierarchy of Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#trust?ts=markdown) * [The Sequence of the Validation Process](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#process?ts=markdown) * [Types of Certificate Validation Levels](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#levels?ts=markdown) * [Unit 42 Insights: The Risk of Identity Exposure](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#insight?ts=markdown) * [Threat Behavior Observations](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#behavior?ts=markdown) * [Troubleshooting Common Validation Failures](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#troubleshoot?ts=markdown) * [Certificate Validation FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-validation#certificate?ts=markdown) * [What Is Certificate Pinning? Benefits, Risks \& Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning?ts=markdown) * [Certificate Pinning Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#certificate?ts=markdown) * [How Certificate Pinning Works](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#how?ts=markdown) * [Listiche: Key Stages of a Pinning Failure](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#key?ts=markdown) * [Types of Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#types?ts=markdown) * [Listiche: Static vs. Dynamic Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#static?ts=markdown) * [Why Pinning Is Essential for Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#why?ts=markdown) * [Certificate Pinning vs. Standard SSL/TLS](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#certificate?ts=markdown) * [Benefits of Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#benefits?ts=markdown) * [Risks and Limitations of Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#risks?ts=markdown) * [When to Use Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#when?ts=markdown) * [When to Avoid Certificate Pinning](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#when?ts=markdown) * [Certificate Pinning Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#certificate?ts=markdown) * [Certificate Pinning and Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#identity?ts=markdown) * [FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-certificate-pinning#faqs?ts=markdown) * [What is Cloud Workload Security? Protection \& Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security?ts=markdown) * [Cloud Workload Security Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#cloud?ts=markdown) * [Why Cloud Workload Security Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#why?ts=markdown) * [Key Components of a Cloud Workload Security Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#key?ts=markdown) * [Use Cases \& Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#use-cases?ts=markdown) * [Cloud Workload Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#practices?ts=markdown) * [Benefits of Strong Cloud Workload Security](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#practices?ts=markdown) * [Cloud Workload Security FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-workload-security#faqs?ts=markdown) * [What Is ACME Protocol?](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol?ts=markdown) * [ACME Protocol Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#dora?ts=markdown) * [How The ACME Protocol Works](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#how?ts=markdown) * [ACME Across The Machine Identity Lifecycle](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#across?ts=markdown) * [ACME Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#challenges?ts=markdown) * [Why ACME Matters For Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#why?ts=markdown) * [Implementation Patterns](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#implementation?ts=markdown) * [Real World Evidence](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#world?ts=markdown) * [Where ACME Secrets Leak In Real Life](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#where?ts=markdown) * [ACME Protocol FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-acme-protocol#faq?ts=markdown) * [What is SPIFFE? Universal Workload Identity Framework Guide](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe?ts=markdown) * [SPIFFE Explained: Solving the Workload Identity Problem](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#explained?ts=markdown) * [Core Components of the SPIFFE Standard](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#core?ts=markdown) * [The SPIFFE Workload API](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#workload?ts=markdown) * [Why Traditional Secret Management Fails in Cloud-Native Environments](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#why?ts=markdown) * [The Problem of "Secret Zero"](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#problem?ts=markdown) * [Vulnerabilities of Static Credentials and Long-Lived Tokens](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#tokens?ts=markdown) * [IP-Based Security vs. Identity-Based Security](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#vs?ts=markdown) * [How SPIFFE Implementation Works: The Attestation Process](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#how?ts=markdown) * [The Role of SPIRE as the Reference Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#role?ts=markdown) * [Critical Use Cases for Enterprise Security](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#critical?ts=markdown) * [SPIFFE FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-spiffe#faqs?ts=markdown) * [What Is an SSL Stripping Attack?](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack?ts=markdown) * [Why SSL Stripping Belongs in Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#why?ts=markdown) * [SSL Stripping Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#sslstripping?ts=markdown) * [How SSL Stripping Works](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#how?ts=markdown) * [Where SSL Stripping Happens](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#where?ts=markdown) * [Signs of SSL Stripping](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#where?ts=markdown) * [Identity-Focused Impact](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#identity?ts=markdown) * [Machine Identity Security Impact](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#machine?ts=markdown) * [How to Prevent SSL Stripping](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#howto?ts=markdown) * [SSL Stripping Prevention Checklist](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#checklist?ts=markdown) * [SSL Stripping FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ssl-stripping-attack#faqs?ts=markdown) * [What Is a Machine Identity?](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity?ts=markdown) * [How Do Machine Identities Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#how?ts=markdown) * [Machine Identity Management (MIM) vs. Human IAM](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#vs?ts=markdown) * [Architecture Components and Identity Types](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#types?ts=markdown) * [Secrets Management vs. Machine Identity Management](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#secrets?ts=markdown) * [Lateral Movement and Attacker Workflow](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#workflow?ts=markdown) * [Cloud Security Implications and CIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#ciem?ts=markdown) * [Implementation Steps for Machine Identity Security](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#implementation?ts=markdown) * [Machine Identity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-machine-identity#faqs?ts=markdown) # What Is TLS Decryption? 3 min. read [Explore Identity Security](https://www.paloaltonetworks.com/identity-security?ts=markdown) Table of Contents * * [TLS Decryption Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#explain?ts=markdown) * [How TLS Decryption Works](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#how?ts=markdown) * [Methods of Decryption: Passive vs. Active](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#methods?ts=markdown) * [The Role of TLS Decryption in Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#role?ts=markdown) * [Technical Challenges: TLS 1.3 and Performance](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#challenges?ts=markdown) * [Operational Best Practices and Privacy](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#operational?ts=markdown) * [TLS Decryption FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#faqs?ts=markdown) 1. TLS Decryption Explained * * [TLS Decryption Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#explain?ts=markdown) * [How TLS Decryption Works](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#how?ts=markdown) * [Methods of Decryption: Passive vs. Active](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#methods?ts=markdown) * [The Role of TLS Decryption in Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#role?ts=markdown) * [Technical Challenges: TLS 1.3 and Performance](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#challenges?ts=markdown) * [Operational Best Practices and Privacy](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#operational?ts=markdown) * [TLS Decryption FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption#faqs?ts=markdown) TLS Decryption is the security process of intercepting and unscrambling encrypted data as it travels across a network to inspect it for malicious content. By temporarily "breaking" the encryption envelope, security tools can analyze the plaintext payload for threats like malware, data exfiltration, or command-and-control (C2) communications that would otherwise stay hidden within an encrypted tunnel. Key Points * **Threat Visibility**: Unmasks hidden malware and exploits lurking in encrypted HTTPS traffic. \* **Data Protection**: Prevents sensitive information from being leaked through encrypted channels. \* **Policy Enforcement**: Enables granular control over web applications and user activities. \* **Performance Balancing**: Requires dedicated hardware or optimized software to minimize network latency. \* **Privacy Compliance**: Needs careful configuration to bypass sensitive traffic like healthcare or banking data. ## TLS Decryption Explained In a modern enterprise, over [90% of web traffic is encrypted](https://live.paloaltonetworks.com/t5/community-blogs/ssl-decryption-ai-training-and-data-privacy-separating-fact-from/ba-p/1238069) using [transport layer security (TLS)](https://www.paloaltonetworks.com/cyberpedia/what-is-zero-trust?ts=markdown). While encryption is vital for privacy, it creates a massive blind spot for security teams. Threat actors frequently use this same encryption to bypass legacy firewalls, delivering payloads or stealing data without detection. TLS decryption acts as a "security checkpoint." It allows a security device, such as a [next-generation firewall (NGFW)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-next-generation-firewall-ngfw?ts=markdown), to act as a middleman. The device decrypts the traffic, scans it using threat prevention engines, and, if safe, re-encrypts it before sending it to the final destination. This ensures that the benefits of encryption remain intact for the journey across the public internet while maintaining [network security](https://www.paloaltonetworks.com/cyberpedia/what-is-network-segmentation?ts=markdown) at the perimeter. ![Diagram titled “The Break and Inspect Flow” showing how a firewall intercepts and inspects encrypted traffic between a user and a web server. On the left, an orange user icon sends a “Client Hello” message toward an orange firewall in the center. The firewall then communicates with a blue web server on the right through a “Server Hello” exchange. Curved steel gray traffic lines beneath the icons show the SSL/TLS session being broken, inspected, and re-established, with labels indicating “SSL/TLS Break” and “Inspection and Security Policy Applied.” The illustration emphasizes the firewall’s role in decrypting, inspecting, and securing traffic before it reaches the server.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-tls-decryption.png "Diagram titled “The Break and Inspect Flow” showing how a firewall intercepts and inspects encrypted traffic between a user and a web server. On the left, an orange user icon sends a “Client Hello” message toward an orange firewall in the center. The firewall then communicates with a blue web server on the right through a “Server Hello” exchange. Curved steel gray traffic lines beneath the icons show the SSL/TLS session being broken, inspected, and re-established, with labels indicating “SSL/TLS Break” and “Inspection and Security Policy Applied.” The illustration emphasizes the firewall’s role in decrypting, inspecting, and securing traffic before it reaches the server.") *Figure 1: The "Break and Inspect" Flow* ## How TLS Decryption Works The process generally follows a "Break and Inspect" model. When a user attempts to connect to a secure website, the decryption-capable device intercepts the request. ### The Decryption Workflow 1. **Interception**: The firewall intercepts the client's request to a server. 2. **Proxy Handshake**: The firewall establishes a secure connection with the destination server on behalf of the client. 3. **Certificate Generation**: The firewall generates a new certificate for the destination hostname, signed by the organization's internal Certificate Authority (CA), and presents it to the client. The client trusts this certificate because the internal CA is in its trust store. 4. **Inspection**: The firewall decrypts the incoming traffic from the server, scans for threats, and applies security policies. 5. **Re-encryption**: Clean traffic is re-encrypted and sent to the client. | Feature | Inbound Decryption | Outbound Decryption (Forward Proxy) | | Primary Use | Protecting internal servers/web apps | Protecting internal users visiting the web | | Control | The organization owns the server certificates | The organization uses a trusted internal CA | | Threat Focus | Exploits against web servers | Malware downloads and data exfiltration | |--------------|-----------------------------------------------|---------------------------------------------| ## Methods of Decryption: Passive vs. Active Organizations must choose between passive and active methods based on their specific visibility and performance requirements. ### 1. Passive Decryption (Mirroring) Passive decryption involves out-of-band inspection. The security tool receives a copy of the traffic, which is sent along with the server's private key (for non-PFS ciphers), allowing it to decrypt and inspect without adding latency to the live flow. ### 2. Active Decryption (Forward Proxy) Active decryption is the standard for modern [identity security](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-security?ts=markdown) and threat prevention. The security device sits inline, meaning it can actively block threats in real-time. ### 3. Endpoint-Based Inspection Instead of a network device, software agents on the user's device perform the inspection. While this offers granular visibility, it can be resource-intensive and difficult to manage across a diverse device fleet. ## The Role of TLS Decryption in Zero Trust TLS decryption can complement [zero trust](https://www.paloaltonetworks.com/cyberpedia/what-is-zero-trust?ts=markdown) architectures by adding content inspection to identity-based controls. You gain visibility into what's happening inside encrypted sessions, which identity alone cannot provide. * **Enforcing Least Privilege**: Decryption enables the firewall to view the specific URLs and applications, supporting more precise web filtering and access policies. * **Preventing Lateral Movement**: Attackers often utilize encrypted channels to move between systems. Decryption helps identify these threat behaviors inside the network. * **Continuous Monitoring**: Decryption can extend inspection to encrypted traffic that would otherwise be invisible to network controls, subject to policy-based bypass for sensitive or regulated traffic. ## Technical Challenges: TLS 1.3 and Performance The transition to TLS 1.3 has introduced complexities. Unlike previous versions, TLS 1.3 encrypts the [handshake process](https://www.paloaltonetworks.com/cyberpedia/what-is-a-tls-handshake?ts=markdown) itself and mandates the use of PFS. Performance Impact Factors * **CPU Overhead**: Decrypting and re-encrypting traffic is mathematically intensive. * **Latency**: Every "break and inspect" step adds milliseconds to the round-trip time. * **Scale**: As encrypted traffic volume grows, hardware must be sized correctly to avoid becoming a bottleneck. ### Solutions to Performance Issues 1. **Hardware Acceleration**: Using dedicated chips (ASICs) to handle cryptographic operations. 2. **Selective Decryption**: Only decrypting high-risk traffic categories while bypassing trusted sites. 3. **Dedicated Decryption Brokers**: Offloading decryption tasks to a specialized device that feeds plaintext to multiple security tools. ## Operational Best Practices and Privacy Implementing TLS decryption requires a balance between security and the legal right to privacy. ### Strategic Implementation Steps * **Define Bypass Lists**: Never decrypt traffic for sensitive categories like Finance, Healthcare, or Government. This maintains compliance with regulations like HIPAA and GDPR. * **Internal CA Distribution**: Ensure the internal CA certificate is pushed to all managed devices to avoid "Untrusted Connection" warnings for users. * **Start Small**: Begin with a subset of users or specific high-risk URL categories (e.g., "Newly Registered Domains") before a full-scale rollout. * **Audit and Monitor**: Regularly review decryption logs to ensure the system isn't breaking critical business applications. ## TLS Decryption FAQs ### Is TLS decryption a Man-in-the-Middle (MITM) attack? Technically yes. TLS decryption uses the same mechanics as a man-in-the-middle attack, but performed by an authorized security gateway. This approach has real tradeoffs: it breaks end-to-end encryption between client and destination, creates a high-value target in the inspection device, and can conflict with certificate pinning. These are security decisions that require deliberate policy, not just deployment. ### Does TLS decryption break privacy? It can if not configured correctly. Best practices involve using "URL Filtering" to exclude personal and sensitive categories (e.g., banking) from the decryption process. ### Why do I need decryption if I have an antivirus? Antivirus software on the endpoint is one layer of defense, but many attacks happen at the network level or target devices (like IoT) that cannot run antivirus. Decryption provides a centralized "net" to catch threats before they reach the device. ### What happens if a certificate is not trusted? If the client does not trust the CA certificate used by the firewall to sign the emulated certificates, the browser will display a high-risk security warning and may block access to the site. ### Can TLS 1.3 be decrypted? Yes, but it requires the security gateway to support the latest protocol standards and participate in the handshake as a proxy. Passive, out-of-band decryption is no longer possible with TLS 1.3. ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Is%20a%20TLS%20Decryption%3F%20Methods%2C%20Risks%20%26%20Best%20Practices&body=Discover%20how%20TLS%20decryption%20provides%20visibility%20into%20encrypted%20traffic%20to%20stop%20hidden%20threats%2C%20while%20navigating%20privacy%20and%20performance%20challenges.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-tls-decryption) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-a-non-human-identity?ts=markdown) What Is a Non-Human Identity (NHI)? Machine Identity Security Explained [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-tsl-ssl-port?ts=markdown) What Is a TLS/SSL Port? Port 443 and HTTPS Explained {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/ai-security?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language