* [Blog](https://www2.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate) * Cortex Xpanse # Palo Alto Networks ## Cortex Xpanse [![2023 年版 Unit 42 アタックサーフェス脅威レポート: ASM の必要性が鮮明に](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2023/09/Pen-Pointing-1.jpg)](https://www2.paloaltonetworks.com/blog/2023/10/attack-surface-threat-report-highlights-need-for-asm/?lang=ja) [2023 年版 Unit 42 アタックサーフェス脅威レポート: ASM の必要性が鮮明に \---------------------------------------------](https://www2.paloaltonetworks.com/blog/2023/10/attack-surface-threat-report-highlights-need-for-asm/?lang=ja) 2023 Unit 42 Attack Surface Threat Report では、アタック サーフェス管理 (ASM: 攻撃対象領域の管理) に関する、とくに高リスクなセキュリティ調査結果が明らかになりました。また本レポートは、クラウド環境の動的な性質に加え、脅威アクターが新たな脆弱性をエクスプロイトするそのスピードも浮き彫りにしました。同レポートでは、サイバー犯罪者らが、新たな脆弱性の公開から数時間以内にその脆弱性を悪用していることが判明しています。端的にいえば、組織は「脅威アクターの自動化に対抗できる速度や規模でアタック サーフェスを管理するのは困難」と感じています。... [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-ja/?lang=ja&ts=markdown) [視点](https://www.paloaltonetworks.com/blog/category/%e8%a6%96%e7%82%b9/?lang=ja&ts=markdown) Oct 26, 2023 By [Matt Kraning](https://www.paloaltonetworks.com/blog/author/matt-kraning/?lang=ja&ts=markdown "Posts by Matt Kraning") ## Palo Alto Networks *** ** * ** *** [Announcements](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) *** ** * ** *** [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown) *** ** * ** *** [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) *** ** * ** *** [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) *** ** * ** *** [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) *** ** * ** *** [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) *** ** * ** *** ![インターネットに公開している Ivanti ソフトウェアのパッチ適用をお忘れなく](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2023/07/Man-working-5.jpg) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-ja/?lang=ja&ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must/?lang=ja&ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-ja/?lang=ja&ts=markdown) ## [インターネットに公開している Ivanti ソフトウェアのパッチ適用をお忘れなく](https://www2.paloaltonetworks.com/blog/security-operations/dont-let-your-ivanti-exposures-go-unpatched/?lang=ja) 2023年7月24日、Ivanti Endpoint Manager Mobile (EPMM、旧称MobileIron Core)の脆弱性「CVE-2023-35078」が公表されました。これは、承認を受けていないユー... Aug 07, 2023 By [Giuliana Sturma](https://www.paloaltonetworks.com/blog/author/giuliana-sturma/?lang=ja&ts=markdown "Posts by Giuliana Sturma") ![ASMの必要性とその先のケア](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2021/06/CXOs_Guide_to_Managing_Your_Attack_Surface.png) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-jp/?lang=ja&ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-ja/?lang=ja&ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud-2/?lang=ja&ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise-2/?lang=ja&ts=markdown), [Secure the Future](https://www.paloaltonetworks.com/blog/category/secure-the-future-2/?lang=ja&ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention/?lang=ja&ts=markdown) ## [ASMの必要性とその先のケア](https://www2.paloaltonetworks.com/blog/2023/06/why-we-need-asm-and-what-should-be-considered/?lang=ja) この話をするとき、よく話題にのぼるのがペネトレーション テスト(PENテスト)との比較です。ただし、ペネトレーションテストとASMには、大きく分けて2つの観点から後述する明確な違いがあります。この話をするとき、よく話題に... Jun 14, 2023 By [Daisuke Terauchi](https://www.paloaltonetworks.com/blog/author/daisuke-terauchi/?lang=ja&ts=markdown "Posts by Daisuke Terauchi") ![政府情報システムにおけるセキュリティ・バイ・デザインガイドラインで言及されたアタックサーフェス(攻撃対象領域)の管理](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2023/01/iStock-1131299321-edit.jpg) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-jp/?lang=ja&ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-ja/?lang=ja&ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise-2/?lang=ja&ts=markdown) ## [政府情報システムにおけるセキュリティ・バイ・デザインガイドラインで言及されたアタックサーフェス(攻撃対象領域)の管理](https://www2.paloaltonetworks.com/blog/2023/01/attack-surface-government-guidelines/?lang=ja) 昨年6月末に発行された4つのセキュリティ関連ガイドライン「政府情報システムにおけるセキュリティ・バイ・デザインガイドライン」「政府情報システムにおける脆弱性診断導入ガイドライン」「... Jan 26, 2023 By [Daina Furukawa](https://www.paloaltonetworks.com/blog/author/daina-furukawa/?lang=ja&ts=markdown "Posts by Daina Furukawa") ![2022年 攻撃対象領域管理(ASM)脅威レポート](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2022/04/NetSec-Adhoc-Updated-Blog-Image-Resize-BU003307.png) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-ja/?lang=ja&ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must/?lang=ja&ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-ja/?lang=ja&ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-ja/?lang=ja&ts=markdown) ## [2022年 攻撃対象領域管理(ASM)脅威レポート](https://www2.paloaltonetworks.com/blog/2022/07/2022-asm-threat-report/?lang=ja) 経験豊富なセキュリティ専門家は知っています。ゼロデイ脅威は確かに頭痛の種ですが、本当の問題はいつも、組織内で毎日行われる無数の小さな判断から生じています。不注意によるたった1件の設定ミスから、防御にほころびが生じる可能性... Jul 28, 2022 By [Abhishek Anbazhagan](https://www.paloaltonetworks.com/blog/author/abhishek-anbazhagan/?lang=ja&ts=markdown "Posts by Abhishek Anbazhagan") ![Cortex XpanseでCISA認定の既知の悪用された脆弱性を検出する方法](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2022/03/iStock-949580950.jpg) [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features-ja/?lang=ja&ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise-2/?lang=ja&ts=markdown) ## [Cortex XpanseでCISA認定の既知の悪用された脆弱性を検出する方法](https://www2.paloaltonetworks.com/blog/security-operations/cortex-xpanse-identify-cisa-kev/?lang=ja) 2021年末、米国国土安全保障省サイバーセキュリティ・インフラセキュリティ庁(DHS/CISA)が拘束力のある運用指令22-01 (BOD 22-01)を発令し、攻撃者に悪用されたとCISAが判断した、既知の悪用された脆... Apr 03, 2022 By [Cyrus Revand](https://www.paloaltonetworks.com/blog/author/cyrus-revand/?lang=ja&ts=markdown "Posts by Cyrus Revand") ![パロアルトネットワークスの提供するApache Log4jからの包括的保護](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2021/12/Coding-1.jpg) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-ja/?lang=ja&ts=markdown), [視点](https://www.paloaltonetworks.com/blog/category/%e8%a6%96%e7%82%b9/?lang=ja&ts=markdown) ## [パロアルトネットワークスの提供するApache Log4jからの包括的保護](https://www2.paloaltonetworks.com/blog/2022/01/defense-for-apache-log4j/?lang=ja) 2021年末に開示されたApache Log4jの脆弱性は2つの理由からとくにやっかいな問題となりました。第1の理由はApache Log4jが世界中の企業で広く利用されており、オープンソースソフトウェアや自社開発アプリケーションにバックエ... Jan 04, 2022 By [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?lang=ja&ts=markdown "Posts by Ryan Olson") [](https://www2.paloaltonetworks.com/blog/security-operations/cortex-xpanse-finding-apache-log4j/?lang=ja) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-jp/?lang=ja&ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events-2/?lang=ja&ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention/?lang=ja&ts=markdown) ## [Cortex Xpanseで自社攻撃対象領域内のApache Log4jを管理する方法](https://www2.paloaltonetworks.com/blog/security-operations/cortex-xpanse-finding-apache-log4j/?lang=ja) 2021年12月9日に緊急度の高いリモートコード実行の脆弱性がが発見されました。 これはApache Log4j 2のロギングライブラリに存在する脆弱性で、通称をLog4Shellといい、インターネッ... Dec 14, 2021 By [Richa Avasthi](https://www.paloaltonetworks.com/blog/author/richa-avasthi/?lang=ja&ts=markdown "Posts by Richa Avasthi"), [Greg Heon](https://www.paloaltonetworks.com/blog/author/greg-heon/?lang=ja&ts=markdown "Posts by Greg Heon") and [Kevan Dunsmore](https://www.paloaltonetworks.com/blog/author/kevan-dunsmore/?lang=ja&ts=markdown "Posts by Kevan Dunsmore") ![5割のアジア太平洋地域の企業がデジタル資産へのサイバー攻撃を経験](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2021/11/Tall-Buildings-1.jpg) [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services-ja/?lang=ja&ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise-2/?lang=ja&ts=markdown) ## [5割のアジア太平洋地域の企業がデジタル資産へのサイバー攻撃を経験](https://www2.paloaltonetworks.com/blog/2021/11/half-apac-organizations-experience-cyber-attack-on-digital-assets/?lang=ja) コロナ禍において、世界中でDX(デジタル・トランスフォーメーション)が加速しているほか、多くの従業員がリモートワークによる在宅勤務を実施することになり、セキュリティの保護が十分でないネットワークや個人デバイスでの業務を余... Nov 17, 2021 By [Masaki Tsuyuki](https://www.paloaltonetworks.com/blog/author/masaki-tsuyuki/?lang=ja&ts=markdown "Posts by Masaki Tsuyuki") ![ランサムウェア対策はインシデントの発生前に](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2021/07/Top-Down-Collaboration.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must/?lang=ja&ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise-2/?lang=ja&ts=markdown), [視点](https://www.paloaltonetworks.com/blog/category/%e8%a6%96%e7%82%b9/?lang=ja&ts=markdown) ## [ランサムウェア対策はインシデントの発生前に](https://www2.paloaltonetworks.com/blog/2021/08/protect-against-ransomware/?lang=ja) 最近のREvilランサムウェアギャングによるKaseya VSAへの攻撃では、Kaseyaの多数の顧客も攻撃対象となりました。Kaseyaは自社の顧客にプラットフォームの利用を停止するよう緊急提言を出し、多数の顧客がその求めに応じました。こ... Aug 11, 2021 By [Wendi Whitmore](https://www.paloaltonetworks.com/blog/author/wendi-whitmore/?lang=ja&ts=markdown "Posts by Wendi Whitmore") ![攻撃可能領域管理ソリューションの提供開始にあわせて、バーチャルサミット「Cortex Symphony Japan」を開催](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2021/05/cortex-symphony-21-facebook-shared-1200x630-1.jpg) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement-ja/?lang=ja&ts=markdown) ## [攻撃可能領域管理ソリューションの提供開始にあわせて、バーチャルサミット「Cortex Symphony Japan」を開催](https://www2.paloaltonetworks.com/blog/2021/05/cortex-xpanse-japan-symphony/?lang=ja) パロアルトネットワークスは、5月26日(水)、SOCリーダーやアナリスト、SecOpsチームの方々を対象に、セキュリティ運用の効率化を実現するためのテクノロジーやヒントについてご紹... May 23, 2021 By [Masaki Tsuyuki](https://www.paloaltonetworks.com/blog/author/masaki-tsuyuki/?lang=ja&ts=markdown "Posts by Masaki Tsuyuki") Load more blogs ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language