* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [Security Platform](https://www2.paloaltonetworks.com/blog/category/security-platform/)
* PAN-OS 8.0: Cover Your Sa...

# PAN-OS 8.0: Cover Your SaaS By Securing Your Applications

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2017%2F02%2Fpan-os-8-0-cover-saas-securing-applications%2F)  
[](https://twitter.com/share?text=PAN-OS+8.0%3A+Cover+Your+SaaS+By+Securing+Your+Applications&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2017%2F02%2Fpan-os-8-0-cover-saas-securing-applications%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2017%2F02%2Fpan-os-8-0-cover-saas-securing-applications%2F&title=PAN-OS+8.0%3A+Cover+Your+SaaS+By+Securing+Your+Applications&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2017/02/pan-os-8-0-cover-saas-securing-applications/&ts=markdown)  
\[\](mailto:?subject=PAN-OS 8.0: Cover Your SaaS By Securing Your Applications)  
Link copied  
By [Stephanie Johnson](https://www.paloaltonetworks.com/blog/author/stephanie-johnson/?ts=markdown "Posts by Stephanie Johnson")  
Feb 22, 2017  
3 minutes  
[Security Platform](https://www.paloaltonetworks.com/blog/category/security-platform/?ts=markdown)  
[PAN-OS 8.0](https://www.paloaltonetworks.com/blog/tag/pan-os-8-0/?ts=markdown)  
[SaaS](https://www.paloaltonetworks.com/blog/tag/saas/?ts=markdown)

The adoption of software-as-a-service (SaaS) applications in the enterprise continues to rapidly accelerate, given the collaboration and productivity benefits. However, ungoverned use of SaaS creates new risks for data misuse and information leakage that must be addressed. The fact remains that it's very difficult to gain visibility into and control over SaaS applications with a traditional security implementation composed of layered, "bolted-on" point products.

### [![cover\_saas\_1](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/02/Cover_saas_1.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/02/Cover_saas_1.png)The Overlay Approach Is Insufficient

In a bolt-on approach, enterprises keep adding products, one on top of another, just to get insight into the traffic that has been moved to or deployed in SaaS applications in the cloud. Some of those moves include:

* Placing a proxy in the cloud (e.g., forward proxy or reverse proxy)
* Deploying a device on premises, perhaps a log forwarder, to gain some basic, limited visibility from the existing firewall
* Using a traffic forwarder to redirect traffic to the cloud
* Adding an active directory (AD) connector to understand who users are
* Deploying VPN agents or PAC files onto the endpoints

This process is extremely complicated, insufficient in terms of security, and doesn't scale. If you are an enterprise with several sites, you must repeat this process for each of your individual sites. And even with all components in place, there are still plenty of malicious tools available to criminals that are specifically designed to bypass proxy-based models, such as Tor or UltraSurf.

### [![cover\_saas\_2](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/02/Cover_SaaS_2.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2017/02/Cover_SaaS_2.png)It's Time to Get Serious About Securing Your SaaS

At Palo Alto Networks we're addressing the SaaS security dilemma from an entirely new perspective -- the platform perspective, to provide an integrated, comprehensive approach to SaaS security. Here's how:

1. Our Next-Generation Firewall (NGFW) already provides visibility and control of all applications within the network perimeter. Insights gained from the combination of App-ID, User-ID and Content-ID technologies enables security for content and data going into SaaS applications from the enterprise network.

2. GlobalProtect network security for endpoints extends the visibility, control and protection of next-generation network security to the mobile workforce by connecting a user's device to the closest NGFW, virtualized form factors included, so that full network security can be performed, regardless of physical location. This enables organizations to apply consistent security policy.

3. Aperture, our SaaS security service -- essentially a SaaS application itself -- connects directly to sanctioned SaaS applications via APIs to provide granular visibility and control within the applications to prevent data exposure and threat risks.

4. WildFire, our cloud-based threat analysis service, prevents new insertion points for malware and threats by identifying known and unknown malware across the network, the cloud and the endpoints.

Learn more by visiting our resources page, [Securely Enabling SaaS Adoption](https://www.paloaltonetworks.com/products/innovations/saas-visibility-and-control). You'll find a host of SaaS security--focused materials, ranging from informational videos and in-depth demos to detailed spec sheets and user guides.

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Security Platform](https://www.paloaltonetworks.com/blog/category/security-platform/?ts=markdown)

[#### Announcing PAN-OS 8.0 -- Our Biggest Launch Yet!](https://www2.paloaltonetworks.com/blog/2017/02/announcing-pan-os-8-0-biggest-launch-yet/)

### [Security Platform](https://www.paloaltonetworks.com/blog/category/security-platform/?ts=markdown)

[#### Achieve More With Panorama 8.0](https://www2.paloaltonetworks.com/blog/2017/08/achieve-panorama-8-0/)

### [Firewall](https://www.paloaltonetworks.com/blog/category/firewall/?ts=markdown), [Security Platform](https://www.paloaltonetworks.com/blog/category/security-platform/?ts=markdown)

[#### Stamp out Credential Abuse with Okta and Palo Alto Networks](https://www2.paloaltonetworks.com/blog/2017/06/stamp-credential-abuse-okta-palo-alto-networks/)

### [News of the Week](https://www.paloaltonetworks.com/blog/category/news-of-the-week/?ts=markdown)

[#### Palo Alto Networks News of the Week -- March 18, 2017](https://www2.paloaltonetworks.com/blog/2017/03/palo-alto-networks-news-week-march-18-2017/)

### [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Security Platform](https://www.paloaltonetworks.com/blog/category/security-platform/?ts=markdown)

[#### PAN-OS 8.0: Announcing New and Expanded Partner Integrations](https://www2.paloaltonetworks.com/blog/2017/03/pan-os-8-0-announcing-new-expanded-partner-integrations/)

### [Security Platform](https://www.paloaltonetworks.com/blog/category/security-platform/?ts=markdown)

[#### PAN-OS 8.0: New Hardware Enables Powerful Security Performance Without Compromise](https://www2.paloaltonetworks.com/blog/2017/03/pan-os-8-0-new-hardware-enables-powerful-security-performance-without-compromise/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language