# 6 Common Kubernetes and Container Attack Techniques and How to Prevent Them

By [Taylor Smith](https://www.paloaltonetworks.com/blog/author/taylor-smith/?ts=markdown "Posts by Taylor Smith"), Mar 02, 2022
While Log4j, or Log4Shell, stole a lot of the headlines, there have been a lot of other attacks on [Kubernetes](https://www.paloaltonetworks.com/cyberpedia/what-is-kubernetes) and containerized environments recently. Our threat research team, Unit 42, has been hard at work [identifying new vulnerabilities, attack vectors and active malware](https://unit42.paloaltonetworks.com/atoms/). When these attacks are aggregated, a few common techniques emerge that bad actors use to gain access to a system, exploit or abuse its resources, and spread. Let's look at a few common patterns and discuss how you can protect against them.

## Abusing Public-Facing Vulnerabilities and Kubernetes Components

### Technique

The most common technique for bad actors to get in through the front door is exploiting vulnerable components. What's new is recent attacks [targeting Kubernetes components](https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/) like publicly exposed kubelets. Attackers scan the internet for any public-facing vulnerabilities and insecure components to exploit. From there, exploiting one and getting into a system is trivial.

### Protection

Vulnerability management tools identify all known vulnerabilities in base images and packages and provide upgrade recommendations. When vulnerabilities can't be patched or no patch is available yet, [virtual patching](https://www.paloaltonetworks.com/blog/2021/04/april-2021-release-prisma-cloud/#web-app-and-api-security) and other runtime protections can serve as compensating controls.
For Kubernetes components, this is another reason to consider managed Kubernetes offerings rather than rolling your own. All the major cloud providers' managed Kubernetes offerings lock down the kubelet by default and are not susceptible to this exploit. For those self-managing Kubernetes clusters, tools like Prisma Cloud can identify insecure components through our Kubernetes audits so that they can be secured. Integrations with Open Policy Agent (OPA) can also prevent spinning up privileged containers and other violations of secure Kubernetes practices.

![Blocked attempt to create an unsanctioned namespace](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/02/graphical-user-interface-application-description-3.png)

Blocked attempt to create an unsanctioned namespace

## Scraping and Abusing Credentials

### Technique

Many of the attacks spotted by Unit 42 don't stop once they're in. Malware like [Hildegard](https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/) and [Black-T](https://unit42.paloaltonetworks.com/black-t-cryptojacking-variant/) immediately begins searching for credentials such as cloud access keys, access tokens, SSH keys and Kubernetes service account tokens. TeamTNT currently searches for 16 different credential types using pattern matching. These keys can be used for [lateral movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement) (discussed later), privilege escalation, spinning up a privileged container, or spinning up VMs and containers with cryptominers.

### Protection

The best way to protect against these kinds of exploits is to make credentials as difficult as possible to reach and to lock them down as tightly as possible. Tools like Prisma Cloud can search [container](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container) images, infrastructure as code, and cloud resources for clear-text secrets so they can be revoked and replaced as soon as possible.
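The clear-text secret search just described, as an added example that is not Prisma Cloud's or Unit 42's code: a small pattern-matching scanner run over a constructed Kubernetes manifest. The credential patterns, the `Finding` type and the sample values are illustrative assumptions; the AWS values are the placeholder examples from AWS's own documentation.

```python
"""Scan text artifacts (manifests, IaC files, image layers) for clear-text secrets.

Added example, not Prisma Cloud's code. The patterns below are a handful of
well-known credential formats, not the 16 the article attributes to TeamTNT.
"""
import re
from dataclasses import dataclass

# Pattern names are assumed labels. The private-key pattern matches only the PEM
# header, so a finding never needs to carry the key body itself.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "aws_secret_access_key": re.compile(
        r"""(?i)aws_secret_access_key\s*[=:]\s*['"]?([A-Za-z0-9/+=]{40})['"]?"""),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # Kubernetes service account tokens are JWTs: three base64url segments,
    # the first two starting with "eyJ" (the encoding of '{"').
    "jwt_bearer_token": re.compile(
        r"\beyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b"),
}


@dataclass(frozen=True)
class Finding:
    kind: str
    line_no: int
    masked: str  # redacted so the report itself does not leak the secret


def mask(value: str) -> str:
    """Keep a short prefix and suffix for triage, replace the rest."""
    if len(value) <= 8:
        return "*" * len(value)
    return value[:4] + "*" * (len(value) - 8) + value[-4:]


def scan_text(text: str) -> list[Finding]:
    """Return one Finding per matched secret, in line order."""
    findings: list[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in SECRET_PATTERNS.items():
            for m in pattern.finditer(line):
                # Patterns with a capture group report the captured value only.
                value = m.group(1) if m.groups() else m.group(0)
                findings.append(Finding(kind, line_no, mask(value)))
    return findings


# Constructed sample: a ConfigMap with secrets pasted in as plain values.
SAMPLE_MANIFEST = """\
# constructed sample: secrets pasted into a manifest in clear text
apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
  aws_secret_access_key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
  GITHUB_TOKEN: ghp_000000000000000000000000000000000000
  LOG_LEVEL: info
"""

if __name__ == "__main__":
    for f in scan_text(SAMPLE_MANIFEST):
        print(f"line {f.line_no}: {f.kind} -> {f.masked}")
```

Anything reported here should be treated as compromised and rotated, not merely deleted from the file, since the value has already been committed or baked into an image.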
Using our [CIEM capabilities](https://www.paloaltonetworks.com/prisma/cloud/cloud-identity-security) lets you identify overprivileged cloud credentials and move to a least-privilege model. These malware variants also scrape memory, so it's not possible to protect against them completely once they are inside. In that case, the best protection is making sure they don't get access in the first place. Also, using Prisma Cloud in combination with secrets managers like Vault lets you inject secrets only when absolutely necessary, limiting the number of times a secret shows up in memory.

![Identifying overprivileged accounts and credentials](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/02/graphical-user-interface-application-description-4.png)

Identifying overprivileged accounts and credentials

## Installing or Spinning Up Cryptominers

### Technique

While the popularity of cryptojacking has declined somewhat, Unit 42 still found evidence of cryptojacking at [17% of organizations](https://unit42.paloaltonetworks.com/highlights-cloud-threat-report-1h-2021/). Cryptojacking is the process of either running a cryptominer inside an infected container or virtual machine (VM) or spinning up a dedicated container or VM with cryptomining software. Another form of cryptojacking is a supply chain poisoning attack in which public container images, such as [ones stored in Docker Hub](https://unit42.paloaltonetworks.com/malicious-cryptojacking-images/), contain cryptomining software. These images are disguised as something useful, such as a popular benign image, and often do function as intended, just with a side process that mines cryptocurrency for the bad actors.

### Protection

Cryptomining processes can be stopped in a few places. When the miner reaches out to command-and-control servers, network monitoring can block traffic to known malicious IPs and domains.
Workload protection platforms can block known cryptominers from ever being spun up and trace the events before and after the attempt. If a container or VM attempts to download a file or spin up a container image, security tools can identify the signatures of known cryptomining malware or send it to a [sandbox](https://www.paloaltonetworks.com/cyberpedia/sandboxing) to identify unknown malware. Additionally, these tools can lock down deployments to only known, trusted images and block all others.

![Attempted cryptominer installation blocked](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/02/graphical-user-interface-application-website-de.png)

Attempted cryptominer installation blocked

## Lateral Movement

### Technique

[Malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware) is rarely satisfied with the first entry point. Using port scanning tools such as masscan, pnscan and zgrab, along with CLI dumps, malware can find the next target to infect and spread to. From there, it can open up access to other containers and VMs using remote access services like SSH or APIs such as the Kubernetes API.

### Protection

Blocking lateral movement involves blocking each step of the attempt. Start by limiting the attack surface with [microsegmentation](https://www.paloaltonetworks.com/prisma/cloud/identity-based-microsegmentation) to restrict which services can talk to each other. Leverage cloud workload protection tools to block known port scanning tools; Kubernetes lets you predefine service communication, so there is unlikely to be any legitimate need for port scanning from a container. Then restrict SSH and RDP access to known users and processes, and lock down your Kubernetes and Docker APIs.
![Identity-based microsegmentation blocking nefarious lateral movement](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/02/application-description-automatically-generated-w.png)

Identity-based microsegmentation blocking nefarious lateral movement

## Fileless Exploits and Cleaning History

### Technique

One popular obfuscation technique is to run memory-only malware and to [clear log history](https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/). This makes it hard for volume-based scanning to detect and prevent these attacks. The malware is present only temporarily, sometimes in the `tmp` directory or as a script held only in memory, and is then wiped clean. This makes forensics without active monitoring nearly impossible.

### Protection

The only protection against [fileless malware](https://www.paloaltonetworks.com/cyberpedia/what-are-fileless-malware-attacks) attacks is active monitoring. Agents can detect and block malicious processes and file modifications at the source. For most Kubernetes environments, preventing shell access is a good practice and an effective measure against some attacks and against history clearing. Commands like `history -c` can be blocked using custom rules to keep an immutable history of actions in logs.

![Blocking malicious binary modifications](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/02/graphical-user-interface-application-description-5.png)

Blocking malicious binary modifications

## Killing Competing Malware

### Technique

While not new, we've noticed that the malware we're monitoring is killing off competing malware. For example, the [Black-T malware variant](https://unit42.paloaltonetworks.com/black-t-cryptojacking-variant/) greps for other worms and cryptominers and runs the kill command. Disabling other worms frees up more resources for the bad actor to use.

### Protection

The first question is, do you want to stop malware from stopping other malware?
All joking aside, the variants we've seen typically use the `kill` command. You can take the approach of blocking shell commands in containers. Traditionally, all changes should come through code updates, with the API controllers updating configurations and live code on your behalf, so manual shell access shouldn't be necessary. Another, more fine-grained approach is to prevent services from using `kill`.

![Settings to block malicious processes and modifications](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/02/graphical-user-interface-text-application-email.png)

Settings to block malicious processes and modifications

Threat actors are growing in sophistication, and Kubernetes is a prime target. However, there are tools out there to block every step of their attacks. This multi-layered approach is the most effective approach to runtime security in the cloud. Try Prisma Cloud's Kubernetes security capabilities, such as runtime security, vulnerability management, compliance, image analysis sandbox and more, by requesting a [free trial here](https://www.paloaltonetworks.com/prisma/request-a-prisma-cloud-trial).