[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) *** ** * ** *** ![asset thumbnail](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/thumbnails/cortex-xsiam-e-book.png) Book Oct 28, 2025 # Cortex XSIAM ## The AI-Driven SecOps Platform That Goes Beyond Reactive Security Cortex XSIAM English [Preview PDF](https://www.paloaltonetworks.com/resources/ebooks/cortex-xsiam.viewer.html?ts=markdown) Download [Preview PDF](https://www.paloaltonetworks.com/resources/ebooks/cortex-xsiam.viewer.html?ts=markdown) Download ## The AI-Driven Security Operations Platform for the Modern SOC ### A Look into the Past in Order to Move Forward In the last few years, the needs of the security operations center (SOC) have changed, but the designs of the SIEM and SOC have not. The security information and event management (SIEM) category has served security operations for years with significant manual overhead and slow incremental improvement in security outcomes. Most other key pieces of the security architecture have been modernized: The endpoint moved from antivirus (AV) to endpoint detection and response (EDR) to extended detection and response (XDR); the network moved from a "hard shell" perimeter to Zero Trust and SASE; runtime moved from the data center to the cloud. In contrast, the SOC still operates on a SIEM model designed 20 years ago. ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon-grey.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon-grey.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon-grey.svg)](mailto:?subject=Cortex%20XSIAM&body=With%20XSIAM%2C%20automate%20data%20integration%2C%20analysis%2C%20and%20response%20actions%2C%20enabling%20analysts%20to%20focus%20on%20the%20incidents%20that%20matter.%20at%20https%3A//www.paloaltonetworks.com/resources/ebooks/cortex-xsiam) ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-soc.png) \*\*\*Figure 1:\**It's time for the SOC to evolve past legacy SIEMs* To that end, the SIEM market has been slow to evolve, with limited incentive for vendors to invest in significant changes to their products and solutions. There are several reasons for this technological inertia, including: * **Legacy technology:** Many SIEMs were developed over a decade ago and are often based on outdated architectures, limiting their ability to adapt to new security challenges. * **Complexity:** SIEMs are often complex to implement and manage, including the need for continuous tuning to prevent issues such as false positives or missing critical security events. As a result, vendors may be reluctant to make significant changes that could disrupt their customers' operations. * **Lack of innovation:** The SIEM market is relatively mature, and there may be limited incentive for vendors to invest in innovations. * **Integration challenges:** SIEM solutions often integrate with other security tools, such as EDR systems, intrusion detection systems (IDS), and network traffic analysis (NTA) tools. Changing the underlying technology of a SIEM solution could potentially break these integrations, making it difficult for customers to manage their security operations. * **Customization requirements:** Many organizations have customized their SIEM solutions to meet their specific needs. Making significant changes to the underlying technology could require customers to reconfigure their systems, which can be time-consuming and costly. * **Regulatory compliance:** Many organizations use SIEM solutions to meet regulatory compliance requirements so changes to a SIEM could potentially impact its ability to meet these requirements. "Security analytics platforms have over a decade of experience in data aggregation they apply to these challenges but have yet to provide IR capabilities that are sufficient at enterprise scale, forcing enterprises to prioritize alternate solutions." \-- Allie Mellen, Senior Analyst, Forrester ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-investigation.png) \*\*\*Figure 2:\**Siloed tools slow down investigation and response* #### Radically Reimagined Cybersecurity Cybersecurity has an urgent threat remediation problem. With the rapid proliferation of applications, workloads, microservices, and users, our collective digital attack surface has expanded faster than we can protect it. A byproduct of this reality is detection and prevention tools end up generating potentially thousands of alerts every day---far exceeding the volume that security teams are staffed to effectively handle. These alerts come from many disconnected sources, leaving security analysts to piece the puzzle together. Analyzing a potential threat generally requires many steps, including: 1. Reviewing available log data to start piecing together what may have occurred. 2. Manually comparing data against threat intelligence sources to determine if indicators are known to be malicious. 3. Finding information gaps and searching for available data that may indicate additional steps in an attack. 4. Checking if new information links to alerts are being handled by other team members to coordinate efforts. 5. Evaluating whether the alert needs to be escalated, discarded, or quickly remediated and closed out. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-dates.png) These steps take a lot of time and multiple tools to complete in a traditional SOC---and that's just triage. The net result is that analysts only have time to address the highest-priority alerts they come across each day. Meanwhile, a disconcerting number of lower-priority alerts aren't addressed at all. Historical incident investigations show that a collection of lower-priority alerts are actually part of a single attack, not realized by legacy threat detection platforms. Further, security analysts responsible for alert triage are often left with insufficient context to determine the real risk that an attack presents to the organization. Thus, the alert is escalated to a higher-level group for further validation, requiring even more time, labor, and resources---creating inefficiencies at all levels. With that in mind, cyber adversaries are banking on our inability to act quickly, yet most organizations are still taking hours, or even days or months, to identify and remediate threats. At the heart of our weakness lies our inability to fully leverage massive scales of data for our defense. SIEM solutions were built to facilitate alert and log management but have relied heavily on human-driven detection and remediation with bolt-on analytics and process automation only here and there. Combating today's threats requires us to radically reimagine how we run cybersecurity in our organizations using AI. The modern SOC must be built on a new architecture designed to meet the evolving needs of modern IT environments. This architecture should be flexible, scalable, adaptable, and able to integrate with a wide range of security tools and technologies. Overall, the design should consider providing: * Broad and automated data integration, analysis, and triage * Unified workflows that enable analysts to be productive * Embedded intelligence and automated response that can block attacks with minimal analyst assistance Unlike legacy security operations, the modern SOC leads with data science over massive datasets rather than human judgment and rules designed to catch yesterday's threats. #### Under the Hood of XSIAM Palo Alto Networks has been working hard to address the above limitations from current security solutions. As such, our industry needs to continually innovate to stay ahead of the security curve. Cortex XSIAM, or extended security intelligence and automation management, is a pivot toward an AI-driven architecture, built from the ground up. It's an inflection point in how we think about cybersecurity and lean into AI in areas where machines are simply built to perform better than us. It's the sum of a vision to create the autonomous security platform of the future, driving dramatically better security with near-real-time detection and response. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-first-customer.png) ***Figure 3:** At Palo Alto Networks, we're our first customer* XSIAM unifies best-in-class functions, including EDR, XDR, SOAR, CDR, ASM, UEBA, TIP, and SIEM. Built on a security-specific data model and updated continuously with Palo Alto Networks threat intelligence gathered globally across tens of thousands of customers, XSIAM uses an ML-led design to integrate massive amounts of security data. It then aggregates alerts into incidents for automated analysis and triage, and to respond to most incidents automatically, enabling analysts to focus on the few threats that require human intervention. XSIAM is already proven in production, powering Palo Alto Networks own SOC and turning over one trillion monthly events into a handful of analyst incidents daily. #### A New Paradigm to Power the Modern SOC Cortex XSIAM harnesses the power of machine intelligence and automation to radically improve security outcomes and transform the SecOps model. XSIAM puts the SOC in full control of enterprise security---endpoint to cloud---centralizing data and security functions to outpace threats, accelerate response, and dramatically streamline analyst and SOC team activities. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-highlights.png) ***Figure 4:** Cortex XSIAM highlights: a single platform does it all* Today's hybrid enterprise generates many times the security data of a few years ago. Yet the typical SOC still operates on data silos, limited cloud visibility, aging SIEM technology, and manual, human-driven processes that invite attackers to exploit their advantage. Incremental analyst headcount cannot stem the tide, and additional tooling only worsens today's complex SOC architecture and engineering maintenance burdens. The modern SOC must turn to an intelligent, machine-driven model that can block attacks from endpoint to cloud, at scale, with minimal analyst involvement and SOC engineering overhead. Cortex XSIAM is designed to address the needs of the modern SOC by harnessing the power of machine intelligence and automation to dramatically improve security outcomes and transform the manual SecOps model. This model enables the SOC to be proactive instead of reactive by delivering on the promise of machine-triaged data so the analysts can focus on unusual behavior and anomalies. XSIAM is uniquely designed to be the center of SOC activity, replacing SIEM and specialty products by unifying broad functionality into a holistic, task-oriented SecOps platform. Purpose-built with threat detection and response at its core, XSIAM centralizes, automates, and scales security operations that can fully protect the hybrid enterprise. *The human-first approach to SecOps has long since hit a wall. The modern SOC must turn to an intelligent, machine-led, human-empowered security system that delivers dramatically better protection at unprecedented scale and efficiency.* #### How It Works XSIAM is the central operations platform for the modern SOC, providing the best-in-class capabilities of EDR, XDR, SOAR, attack surface management (ASM), threat intelligence management (TIM), UEBA, SIEM, and more. But XSIAM is not a collection of disparate tools. Instead, XSIAM weaves together functions and intelligence in a task-oriented user experience and a rich incident management flow that minimizes activities and context switching to power rapid and accurate attack response. XSIAM is revolutionary in the way it operates, using intelligent automation to break from the analyst-driven model of today's security products. From data onboarding to incident management, XSIAM helps minimize the tasks of analysts and all SOC personnel so they can focus on valuable activities that the system cannot perform. #### SOC Controls for Cloud and the Hybrid Enterprise Today, most SOC teams operate on limited and siloed data, including woefully inadequate visibility to fluid cloud and internet-facing resources that are already involved in over one-third of breach cases. Cloud security products provide essential protections but are typically operated independently and outside the SOC. Yet the SOC team must be able to centrally monitor complete end-to-end security and conduct investigations of the many incidents involving cloud assets. XSIAM builds an intelligent data foundation across all enterprise security sources, from endpoints to specialized cloud feeds from providers, dynamic workloads, and cloud security products. The system continually collects deep telemetry alerts and events from these sources, automatically prepares and enriches the data, and uniquely stitches it into security intelligence tuned to support rich machine learning analytics specialized for both specific sources and kill chain-wide behavioral detection. #### Rearchitecting the SOC SIEM's aging database architecture, management complexity, and limited evolution have forced innovation to come from surrounding specialized tools. The result is a SOC architecture that is a complex and brittle maze of data pipelines, product integrations, and constant management headaches. XSIAM consolidates multiple tools and scales, centralizes, and automates data collection to streamline SOC infrastructure and significantly reduce engineering and operations costs. #### Snapshot: Augment Analysts with ML-Driven Intelligence A key component in a modern SOC transformation is to ensure that security teams are using machine learning to its full potential to augment and complement humans in security. Advanced analytics and AI can significantly reduce the time teams spend processing massive amounts of data in the enterprise to develop critical security insights. As a subset of AI, machine learning uses training data from a client environment to enable machines to learn and improve their knowledge about the environment and performance on a task. By automatically detecting anomalous patterns across multiple data sources and automatically providing alerts with context, machine learning today can deliver on its promise of speeding investigations and removing blind spots in the enterprise. This works by training ML models with quality security-relevant data, using them to detect patterns among and across the data, and testing and refining the processes. ML techniques can gather, integrate, and analyze data and interrogate the data to reduce the amount of time and knowledge needed for a human to perform these tasks. This also minimizes the challenge for a SOC team trying to find threat context and evidence across multiple security layers embedded in data. Supervised ML techniques can be used to read the digital markers from devices, such as desktop computers, mail servers, or file servers, and then learn the behavior of different types of devices and detect anomalous behavior. The promise of machine learning is having the ability to determine causal inferences around what is happening in an environment and letting the software direct next steps instead of relying on human interaction. For instance, flagging bad actions based purely on behavior and interactions within the joined datasets so it can then propagate a decision to the rest of the network with explicit instructions such as instructing an agent to contain it or a firewall not to communicate with it. Machine learning in XSIAM can provide: * Behavioral analysis: XSIAM uses AI and ML algorithms to analyze the behavior of endpoints and detect anomalies that may indicate the presence of a threat. * Threat intelligence: The platform applies ML algorithms to analyze large volumes of threat intelligence data and identify patterns and trends that may indicate an emerging threat. * Automated response: XSIAM uses AI-powered automation to respond to threats in real time, without the need for human intervention. * Predictive analytics: The platform leverages ML algorithms to analyze historical data and predict potential threats, helping organizations proactively protect against future attacks. * Continuous learning: XSIAM's ML algorithms continuously learn from new data and adjust their models, improving the platform's accuracy and effectiveness over time. ### Built for Threat Detection and Response The heart of XSIAM is threat detection and response, and XSIAM is unique in its automation of the incident management flow. XSIAM analytics provide technique-based intelligence, allowing alerts to be grouped to incidents, fully enriched with relevant context. Embedded automation and inline playbooks apply analytic results for intelligent execution---fully processing and closing alerts or incidents whenever possible. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-incident-management.jpg) \*\*\*Figure 5:\**Analyst incident management view* The analyst incident management view provides a full summary of actions automatically taken, the results, and suggested actions that remain. When further investigation and response activities are required, the analyst is presented with a drill-down incident timeline and broad XSIAM intelligence from all analytics and functions. Remediation and response actions can leverage inline playbooks, and for managed endpoints, XSIAM provides one-click remediation action options along with powerful Live Terminal access and forensics tools. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-incident-management-attck.jpg) \*\*\*Figure 6:\**Gain deeper context around incidents with MITRE ATT\&CK mapping, associated alerts, playbook status, alert sources, and artifacts* ### Cortex XSIAM's Unique Benefits Cortex XSIAM is a true SOC platform and a game-changer for the traditional, multitool, human-driven SOC operating model. Overwhelmingly, organizations using a legacy SOC model all have similar pain about their existing security architecture and management. Cortex XSIAM was built by security practitioners who have lived through these pains. Its development was influenced by Palo Alto Networks clients seeking a way to solve their security outcome challenges. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-centralize.png) ***Figure 7:** Centralize, automate, and scale operations to protect your organization* | Key Features Summary || |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | **Data Onboarding** The cloud architecture makes onboarding, monitoring, and reporting simple with hundreds of prebuilt data packs, standard connector types, and simple, automated steps for configuration. | **Threat Intelligence Management** Manage Palo Alto Networks and third-party threat intelligence feeds and automatically map them to alerts and incidents. | | **Intelligent Data Foundation** Continually collect deep telemetry, alerts and events from any source,­ automatically enrich and map it to a unified data model, and stitch events into intelligence tuned for machine learning analytics. | **Endpoint Protection and Intelligence** Consolidate SIEM and EPP/EDR spend into a unified and integrated ­ solution, with a complete endpoint agent and cloud analytics backend to provide­ endpoint threat prevention, automated response, and in-depth telemetry­ useful for any threat investigation. | | **Threat Detection Analytics** Apply specialized analytics and behavior-based detections across all collected data with technique-based analytics. | **Attack Surface Visibility and Action** Gain a holistic view of your asset inventory, including internal endpoints and vulnerability alerting for discovered internet-facing assets, with embedded ASM capabilities. | | **Automated Investigation and Response** Autoexecute many tasks and provide your analysts the intelligence and­ guidance necessary to complete actions that require human actions with­ automated functions and intelligent inline playbooks. | **User and Entity Behavior Analytics** Use machine learning and behavioral analysis to profile users, machines, and entities to identify and alert on behavior that may indicate a compromised account or malicious insider. | | **Playbooks and Orchestration** Create and orchestrate playbooks for use with a robust SOAR (security­ orchestration, automation, and response) module and marketplace. | **Network and Cloud Analytics** Detect and alert on anomalies in network and cloud data, such as firewall events, cloud service provider logs, and cloud security product alerts with specialty analytics. | | **Cortex Exposure Management** Cut vulnerability noise by up to 99% with AI-driven prioritization and automated remediation spanning enterprise and cloud. | **Cortex Email Security** Extend industry-leading AI-driven detection and response to stop the most advanced email-based threats. | | **Management, Reporting, and Compliance** Centralized management functions simplify operations. Powerful graphical reporting capabilities support reporting for compliance, data ingestion, incident trends, SOC performance metrics, and more. | ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-imagination.png) ### Bridging Proactive and Reactive Security with XSIAM 3.0 The latest evolution of Cortex XSIAM takes a revolutionary step forward by unifying reactive incident response with proactive security posture management. XSIAM 3.0 expands its capabilities to address two of the most critical risk areas impacting enterprises today: #### Cortex Exposure Management Cut vulnerability noise by up to 99% with AI-driven prioritization and automated remediation spanning enterprise and cloud. This disruptive approach to vulnerability management focuses on the vulnerabilities with active weaponized exploits and no compensating controls, allowing you to prioritize the critical 0.01% of threats that matter. With Cortex Exposure Management, you can: * Reduce vulnerability noise across enterprise and cloud by 99% by prioritizing vulnerabilities with weaponized exploits and no compensating controls * Accelerate remediation with industry-leading automation through AI-powered plain language summaries and native playbook automation * Close the loop to prevent future attacks by seamlessly creating new protections for critical risks directly in Palo Alto Networks' industry-leading security platforms #### Cortex Email Security Stop advanced phishing attempts and email-based threats with LLM-driven analytics merged with industry-leading detection and response. With email remaining the primary communication tool---projected to reach 5 billion users by 2030---and accounting for a quarter of all security incidents, this capability provides: * Identity attacker behavior detection and advanced phishing protection with LLM-powered analytics that continuously learns from emerging threats * Automatic removal of malicious emails, disabling of compromised accounts, and isolation of affected endpoints in real-time * Correlation of email, identity, endpoint, and cloud data for unparalleled visibility into the full attack path for effective incident response By bringing these capabilities into the same unified data, AI, and automation platform that has successfully protected hundreds of the most demanding SOC environments globally, XSIAM 3.0 transforms security operations from reactive incident response to proactive cyber-defense capable of handling any current and future threat vectors. ### XSIAM Services You Can Count On #### Drive Successful XSIAM Outcomes with Global Customer Services Our industry leading cybersecurity experts help you optimize your deployments by applying technical expertise, professional ­ services, and operational processes to maximize your security investment. ![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cortex/xsiam/XSIAM-e-book-support.png) ***Figure 8:** Global Customer Services provides a number of support and service options for XSIAM* **XSIAM Deployment Services**enable greater adoption of Cortex XSIAM features and­ accelerates time to value. Key benefits: * Accelerate protection for sophisticated threats across all enforcement points, endpoint policy tuning, correlation creation, security operations best practices, incident management methodologies, and playbook creation. * Reduce deployment risks using best practices with assistance from our experts. * Ensure ongoing effective operations, administration, and management with knowledge transfer to your team. * Achieve dramatically faster, better, and more measurable security outcomes. **SOC Transformation Services** provide a­ framework for organizations to build and­ enhance security operations centers to quickly and efficiently respond to security incidents and easily automate processes. Key benefits: * Develop a custom strategy to operationalize Cortex platforms in your environment. * Establish modular processes and procedures to increase automation opportunities. * Showcase security operations success through robust metrics and reporting frameworks. * Enable analysts to use Cortex XSIAM efficiently. * Build advanced SOC features for threat hunting and intelligence utilizing the Cortex platform. **Premium Customer Success** provides continuous guidance, seamless alignment, and premium technical support. Key benefits: * Access to Customer Success experts who provide strategic guidance throughout the lifetime of your Cortex XSIAM investment. * Provide tailored strategies to ensure you realize an optimal return on investment (ROI). * 24/7 technical phone support helps solve any challenges you come across. * Always-on digital support and knowledge tools. **For more information on these services, contact our Services Sales Team.** **Access the latest XSIAM resources:** Visit the [Visit the XSIAM product page](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) [What is XSIAM?](https://www.paloaltonetworks.com/engage/powering-the-modern-soc) [Request a personal demo of XSIAM](https://www.paloaltonetworks.com/cortex/request-demo?ts=markdown) [See XSIAM in action in a 15-minute video](http://paloaltonetworks.com/engage/powering-the-modern-soc/xsiam-in-action-automation-first-platform) [Real results from real Cortex XSIAM customers](https://www.paloaltonetworks.com/cortex/cortex-xsiam#proven-success?ts=markdown) Create an account Sign In | | Already have an account? Sign in to continue reading. | ----------------------------------------------------- | | ### Sign in here if you are a customer, partner or an employee. | | Sign in with SSO | OR | Continue with Google Continue with LinkedIn | OR | Sign In | | For unlimited access to ebooks and other resources, create an account today. | ---------------------------------------------------------------------------- | | ### Join us to become a Member | | Continue with Google Continue with LinkedIn | OR | Job Level | Job Function/Focus Area | Country | State | Province | mktoOptIn I'd like to speak with a specialist | mktoOptIn Sign me up to receive news, product updates, sales outreach, event information and special offers about Palo Alto Networks and its partners. | | By clicking on "Join us to become a member", you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). | This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. | Join us to become a Member | | Almost Done! | ------------ | | Job Level | Job Function/Focus Area | Country | State | Province | mktoOptIn I'd like to speak with a specialist | subscribe Email me exclusive invites, research, offers, and news | | By clicking on "Create Account", you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). | Create Account | | ### Thank you for registering! | | We have sent a confirmation email to {0}. Please check your email and click on the link to activate your account. | Return to Login close {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language