At Palo Alto Networks, we believe that security is important for our customers’ trust

Our Security Program

The Information Security function at Palo Alto Networks is headed by the Chief Information Security Officer (CISO). The Information Security Team is responsible for establishing corporate security policies and standards that govern Palo Alto Networks and its services.

Security Architecture

The Security Architecture Team establishes the overall design and architectural requirements for security technology and control implementation.

Security Engineering

The Security Engineering Team implements solutions, designs maintenance processes and maintains security technologies consumed by the Information Security organization.

Security Operations

The Security Operations Team operates security management tools, conducts threat analysis, security monitoring, and security event and incident management.

Governance, Risk & Compliance (GRC)

The GRC Team establishes policies, provides security governance, evaluates risk and monitors compliance with the security program and policy.

Security framework & security measures

Our security program consists of a risk-based approach that includes administrative, technical and physical safeguards reasonably designed to protect the confidentiality, integrity and availability of customer data. Palo Alto Network's information security program is aligned to ISO 27001/2, and includes key controls from HIPAA, PCI and SOC2.

View our Information Security Measures >


Security certifications

ISO 27001

ISO 27001 certification demonstrates to customers that Palo Alto Networks has been independently assessed to have appropriate processes in place to help ensure the security and reliability of sensitive customer data. Our processes are designed to:

  • Ensure data integrity is maintained and can only be modified by authorized users.
  • Assess the risks and proactively mitigating the impact of a breach.
  • Align management processes with corporate risk strategies and customer requirements.

Learn more

Download a ISO 27001 report

Download a XSOAR (Demisto) report


As part of our commitment to data security and privacy, we maintain SOC 2 certification for products across the platform. This third-party validation supports the foundation of trust between Palo Alto Networks and our customers.

Learn more


Palo Alto Networks is pursuing FedRAMP Moderate authorization for its WildFire service. Designed to meet the needs of federal agencies, WildFire is hosted from two data centers within the U.S. and provides additional levels of security assurance beyond our standard WildFire malware analysis service. View the authorization status on the FedRAMP Marketplace.

Learn more