[](https://www.paloaltonetworks.com/?ts=markdown)

* CN
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com/)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * CHINA (简体中文)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown)

* [资源](https://www.paloaltonetworks.cn/resources?ts=markdown)

* [获得支持](https://support.paloaltonetworks.com/support)

* [遭遇攻击？](https://start.paloaltonetworks.com/contact-unit42.html)
  ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [](https://www.paloaltonetworks.com/?ts=markdown)

* 产品  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 产品  
  [人工智能驱动的网络安全平台](https://www.paloaltonetworks.cn/network-security?ts=markdown)
  
  * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown)
  
  * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown)
  
  * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown)
  
  * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown)
  
  * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown)
  
  * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown)
  
  * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown)
  
  * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown)
  
  * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown)
  
  * [医疗物联网安全](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown)
  
  * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown)
  
  * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown)
  
  * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown)
  
  * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown)
  
  * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown)
  
  * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown)
  
  * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown)
  
  * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown)
  
  * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown)
  
  * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown)
  
  * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown)
  
  * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown)
  
  * [企业 DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown)
  
  * [Prisma 浏览器](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown)
  
  * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown)
  
  * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown)  
    [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown)
  
  * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown)
  
  * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown)
  
  * [应用安全](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown)
  
  * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown)
  
  * [云运行时安全](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown)
  
  * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown)
  
  * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown)
  
  * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown)
  
  * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown)
  
  * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown)
  
  * [Cortex AgentiX](https://www.paloaltonetworks.cn/cortex/agentix?ts=markdown)
  
  * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown)
  
  * [Cortex 风险暴露管理](https://www.paloaltonetworks.cn/cortex/exposure-management?ts=markdown)
  
  * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown)
  
  * [Cortex 高级电子邮件安全](https://www.paloaltonetworks.cn/cortex/advanced-email-security?ts=markdown)
  
  * [Unit 42 托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown)  
    [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg)  
    身份安全](https://www.paloaltonetworks.cn/identity-security?ts=markdown)

* 解决方案  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 解决方案  
  AI 安全
  
  * [安全的人工智能生态系统](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown)
  * [安全使用 GenAI](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown)  
    网络安全
  * [云网络安全](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown)
  * [数据中心安全](https://www.paloaltonetworks.cn/network-security/data-center?ts=markdown)
  * [DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown)
  * [入侵检测和防御](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown)
  * [IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown)
  * [5G 安全](https://www.paloaltonetworks.cn/network-security/5g-security?ts=markdown)
  * [确保所有应用、用户和位置的安全](https://www.paloaltonetworks.cn/sase/secure-users-data-apps-devices?ts=markdown)
  * [确保分支机构转型的安全](https://www.paloaltonetworks.cn/sase/secure-branch-transformation?ts=markdown)
  * [确保任何设备上的工作安全](https://www.paloaltonetworks.cn/sase/secure-work-on-any-device?ts=markdown)
  * [VPN 替代](https://www.paloaltonetworks.cn/sase/vpn-replacement-for-secure-remote-access?ts=markdown)
  * [Web 和网络钓鱼安全](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown)  
    云安全
  * [应用安全态势管理 (ASPM)](https://www.paloaltonetworks.cn/cortex/cloud/application-security-posture-management?ts=markdown)
  * [软件供应链安全](https://www.paloaltonetworks.cn/cortex/cloud/software-supply-chain-security?ts=markdown)
  * [代码安全](https://www.paloaltonetworks.cn/cortex/cloud/code-security?ts=markdown)
  * [云安全态势管理 (CSPM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-security-posture-management?ts=markdown)
  * [云基础架构权限管理 (CIEM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown)
  * [数据安全态势管理 (DSPM)](https://www.paloaltonetworks.cn/cortex/cloud/data-security-posture-management?ts=markdown)
  * [AI 安全态势管理 (AI-SPM)](https://www.paloaltonetworks.cn/cortex/cloud/ai-security-posture-management?ts=markdown)
  * [云检测与响应 (CDR)](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown)
  * [云工作负载保护 (CWP)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-workload-protection?ts=markdown)
  * [Web 应用及 API 安全 (WAAS)](https://www.paloaltonetworks.cn/cortex/cloud/web-app-api-security?ts=markdown)  
    安全运营
  * [云检测和响应](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown)
  * [网络安全自动化](https://www.paloaltonetworks.cn/cortex/network-security-automation?ts=markdown)
  * [事件案例管理](https://www.paloaltonetworks.cn/cortex/incident-case-management?ts=markdown)
  * [SOC 自动化](https://www.paloaltonetworks.cn/cortex/security-operations-automation?ts=markdown)
  * [威胁情报管理](https://www.paloaltonetworks.cn/cortex/threat-intel-management?ts=markdown)
  * [托管的检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown)
  * [攻击面管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/attack-surface-management?ts=markdown)
  * [合规性管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/compliance-management?ts=markdown)
  * [互联网运营管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/internet-operations-management?ts=markdown)  
    端点安全
  * [端点防护](https://www.paloaltonetworks.cn/cortex/endpoint-protection?ts=markdown)
  * [扩展的检测和响应](https://www.paloaltonetworks.cn/cortex/detection-and-response?ts=markdown)
  * [勒索软件防护](https://www.paloaltonetworks.cn/cortex/ransomware-protection?ts=markdown)
  * [数字取证](https://www.paloaltonetworks.cn/cortex/digital-forensics?ts=markdown)  
    [行业](https://www.paloaltonetworks.cn/industry?ts=markdown)
  * [公共部门](https://www.paloaltonetworks.com/industry/public-sector)
  * [金融服务](https://www.paloaltonetworks.com/industry/financial-services)
  * [制造](https://www.paloaltonetworks.com/industry/manufacturing)
  * [医疗保健](https://www.paloaltonetworks.com/industry/healthcare)
  * [中小型企业解决方案](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio)  
    [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberark/Seamless_IDs_small.jpg)  
    身份安全](https://www.paloaltonetworks.cn/identity-security?ts=markdown)

* 服务  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 服务  
  [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown)
  
  * [评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown)
  
  * [AI 安全评估](https://www.paloaltonetworks.cn/unit42/assess/ai-security-assessment?ts=markdown)
  
  * [攻击面评估](https://www.paloaltonetworks.cn/unit42/assess/attack-surface-assessment?ts=markdown)
  
  * [防泄露准备工作审核](https://www.paloaltonetworks.cn/unit42/assess/breach-readiness-review?ts=markdown)
  
  * [BEC 准备情况评估](https://www.paloaltonetworks.com/bec-readiness-assessment)
  
  * [云安全评估](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment)
  
  * [入侵评估](https://www.paloaltonetworks.cn/unit42/assess/compromise-assessment?ts=markdown)
  
  * [网络风险评估](https://www.paloaltonetworks.cn/unit42/assess/cyber-risk-assessment?ts=markdown)
  
  * [并购网络尽职调查](https://www.paloaltonetworks.cn/unit42/assess/mergers-acquisitions-cyber-due-dilligence?ts=markdown)
  
  * [渗透测试](https://www.paloaltonetworks.cn/unit42/assess/penetration-testing?ts=markdown)
  
  * [紫队演习](https://www.paloaltonetworks.cn/unit42/assess/purple-teaming?ts=markdown)
  
  * [勒索软件就绪评估](https://www.paloaltonetworks.cn/unit42/assess/ransomware-readiness-assessment?ts=markdown)
  
  * [SOC 评估](https://www.paloaltonetworks.com/unit42/assess/soc-assessment)
  
  * [供应链风险评估](https://www.paloaltonetworks.cn/unit42/assess/supply-chain-risk-assessment?ts=markdown)
  
  * [桌面演习](https://www.paloaltonetworks.cn/unit42/assess/tabletop-exercise?ts=markdown)
  
  * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown)
  
  * [响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown)
  
  * [云事故响应](https://www.paloaltonetworks.cn/unit42/respond/cloud-incident-response?ts=markdown)
  
  * [数字取证](https://www.paloaltonetworks.cn/unit42/respond/digital-forensics?ts=markdown)
  
  * [事件响应](https://www.paloaltonetworks.cn/unit42/respond/incident-response?ts=markdown)
  
  * [托管检测与响应](https://www.paloaltonetworks.cn/unit42/respond/managed-detection-response?ts=markdown)
  
  * [托管威胁追踪](https://www.paloaltonetworks.cn/unit42/respond/managed-threat-hunting?ts=markdown)
  
  * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown)
  
  * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown)
  
  * [转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown)
  
  * [事故响应计划制定与审核](https://www.paloaltonetworks.cn/unit42/transform/incident-response-plan-development-review?ts=markdown)
  
  * [安全计划设计](https://www.paloaltonetworks.cn/unit42/transform/security-program-design?ts=markdown)
  
  * [虚拟 CISO](https://www.paloaltonetworks.cn/unit42/transform/vciso?ts=markdown)
  
  * [零信任咨询](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory)  
    [全球客户服务](https://www.paloaltonetworks.cn/services?ts=markdown)
  
  * [教育与培训](https://www.paloaltonetworks.com/services/education)
  
  * [专业服务](https://www.paloaltonetworks.com/services/consulting)
  
  * [成功工具](https://www.paloaltonetworks.com/services/customer-success-tools)
  
  * [支持服务](https://www.paloaltonetworks.com/services/solution-assurance)
  
  * [客户成功](https://www.paloaltonetworks.com/services/customer-success)  
    [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg)  
    Unit 42 顾问人员
    为满足企业的需求而定制，您可以选择将顾问人员工时数分配给我们的任意产品，包括主动网络风险管理服务。了解如何一键呼叫世界一流的 Unit 42 事故响应团队。
    了解更多](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown)

* 合作伙伴  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 合作伙伴  
  NextWave 合作伙伴
  
  * [NextWave 合作伙伴社区](https://www.paloaltonetworks.com/partners)
  * [云服务提供商](https://www.paloaltonetworks.com/partners/nextwave-for-csp)
  * [全球系统集成商](https://www.paloaltonetworks.com/partners/nextwave-for-gsi)
  * [技术合作伙伴](https://www.paloaltonetworks.com/partners/technology-partners)
  * [服务提供商](https://www.paloaltonetworks.com/partners/service-providers)
  * [解决方案提供商](https://www.paloaltonetworks.com/partners/nextwave-solution-providers)
  * [托管安全服务提供商](https://www.paloaltonetworks.com/partners/managed-security-service-providers)  
    采取行动
  * [门户网站登录](https://www.paloaltonetworks.com/partners/nextwave-partner-portal)
  * [管理的服务计划](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program)
  * [成为合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner)
  * [请求访问](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess)
  * [查找合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator)  
    [CYBERFORCE
    CYBERFORCE 代表了因其安全专业知识而值得信赖的前 1% 的合作伙伴工程师。
    了解更多](https://www.paloaltonetworks.com/cyberforce)

* 公司  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 公司  
  Palo Alto Networks
  
  * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown)
  * [管理团队](https://www.paloaltonetworks.com/about-us/management)
  * [投资者关系](https://investors.paloaltonetworks.com/)
  * [地点](https://www.paloaltonetworks.com/about-us/locations)
  * [道德与合规性](https://www.paloaltonetworks.com/company/ethics-and-compliance)
  * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility)
  * [军人和退伍军人](https://jobs.paloaltonetworks.com/military)  
    [为什么选择 Palo Alto Networks？](https://www.paloaltonetworks.cn/why-paloaltonetworks?ts=markdown)
  * [Precision AI 安全](https://www.paloaltonetworks.cn/precision-ai-security?ts=markdown)
  * [我们的平台方法](https://www.paloaltonetworks.cn/why-paloaltonetworks/platformization?ts=markdown)
  * [加速网络安全转型](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio)
  * [获得的奖项与表彰](https://www.paloaltonetworks.com/about-us/awards)
  * [客户案例](https://www.paloaltonetworks.cn/customers?ts=markdown)
  * [全球认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance)
  * [全方位信任计划](https://www.paloaltonetworks.com/resources/whitepapers/trust-360)  
    职业生涯
  * [概述](https://jobs.paloaltonetworks.com/)
  * [文化与福利](https://jobs.paloaltonetworks.com/culture)  
    [《新闻周刊》评选出的最受欢迎的工作场所
    善待员工的企业
    阅读更多](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021)

* 更多内容  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 更多内容  
  资源
  
  * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans)
  * [Unit 42 威胁研究博客](https://unit42.paloaltonetworks.com/)
  * [社区](https://www.paloaltonetworks.com/communities)
  * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown)
  * [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown)
  * [技术内幕](https://techinsider.paloaltonetworks.com/)
  * [知识库](https://knowledgebase.paloaltonetworks.com/)
  * [Palo Alto Networks 频道](https://tv.paloaltonetworks.com/)
  * [领导者的视角](https://www.paloaltonetworks.com/perspectives/)
  * [《网络视角》杂志](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine)
  * [区域云位置](https://www.paloaltonetworks.cn/products/regional-cloud-locations?ts=markdown)
  * [技术文档](https://docs.paloaltonetworks.com/)
  * [安全态势评估](https://www.paloaltonetworks.cn/security-posture-assessment?ts=markdown)
  * [威胁载体播客](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/)  
    联系
  * [在线社区](https://live.paloaltonetworks.com/)
  * [活动资讯](https://events.paloaltonetworks.com/)
  * [高管简报中心](https://www.paloaltonetworks.com/about-us/executive-briefing-program)
  * [演示](https://www.paloaltonetworks.cn/demos?ts=markdown)
  * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown)  
    [博客
    了解行业趋势和全球最大网络安全公司的最新创新
    了解更多](https://www.paloaltonetworks.com/blog/?lang=zh-hans)

* CN  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com/)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * CHINA (简体中文)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown)

* [资源](https://www.paloaltonetworks.cn/resources?ts=markdown)

* [获得支持](https://support.paloaltonetworks.com/support)

* [遭遇攻击？](https://start.paloaltonetworks.com/contact-unit42.html)

* [立即开始](https://www.paloaltonetworks.cn/get-started?ts=markdown)  
  搜索  
  Close search modal
  [](https://www.paloaltonetworks.com/?ts=markdown)

1. [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown)
2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown)
3. [Ivanti VPN 漏洞：您需要了解的信息](https://www.paloaltonetworks.cn/cyberpedia/ivanti-VPN-vulnerability-what-you-need-to-know?ts=markdown)  
   目录

* [Ivanti 安全措施和建议](#recommendation)
* [Unit 42 事故应对案例](#ir-cases)
* [针对企业安全专业人员的 10 个有关 Ivanti 漏洞的常见问题和解答](#faqs)

# Ivanti VPN 漏洞：您需要了解的信息

目录

* [Ivanti 安全措施和建议](#recommendation)
* [Unit 42 事故应对案例](#ir-cases)
* [针对企业安全专业人员的 10 个有关 Ivanti 漏洞的常见问题和解答](#faqs)

1. Ivanti 安全措施和建议

* [1. Ivanti 安全措施和建议](#recommendation)
* [2. Unit 42 事故应对案例](#ir-cases)
* [3. 针对企业安全专业人员的 10 个有关 Ivanti 漏洞的常见问题和解答](#faqs)

中国国家支持的黑客瞄准了最近公布的 Ivanti VPN 产品、Ivanti Connect Secure（前身为 Pulse Secure）和 Ivanti Policy Secure 网关中的漏洞。这些漏洞被报告为 CVE-2023-46805、CVE-2024-21887、CVE-2024-21888 和 CVE-2024-21893。

如果同时使用，这些漏洞可能会导致未经授权的身份验证绕过和远程命令执行。Ivanti 已针对其产品中最常用的版本发布了这些漏洞的修补程序，但该公司尚未发布其产品所有易受攻击版本的修补程序。这导致权限升级和服务器端请求伪造的风险增加，使那些尚未能够应用补丁的用户面临更大的风险。

## Ivanti 安全措施和建议

Unit 42^®^ 建议，一旦发现这些漏洞，应立即打上补丁，并在打补丁前主动重置系统，以确保环境的完整性。针对新发现的漏洞，我们赞同 CISA 提出的断开受攻击解决方案的网络连接的建议，并强调认真应用现有或即将推出的补丁程序的重要性。

在 Threat Vector 播客的最新环节中，Unit 42 网络安全专家、副总裁兼全球运营主管 Sam Rubin 和负责任情报管理的高级经理 Ingrid Parker 深入探讨了在 Ivanti 的 Connect Secure 和 Policy Security 产品中发现的关键漏洞。他们探讨了漏洞的潜在影响、减轻影响的紧迫性以及防御策略。  
![矢量播客](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/ivanti-vpn/threat-vectior-ivanti_3_3798x1279-min.jpg)  
![white triangle](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/video-play-white.svg)

[通过您喜爱的播客播放器订阅和收听](https://thecyberwire.com/podcasts/threat-vector)

## Unit 42 事故应对案例

CVE-2023-46805 和 CVE-2024-21887 Ivanti 漏洞的利用活动分为三波。

第一波至少从 2023 年 12 月的第二周持续到 2024 年 1 月 10 日，Volexity 就此发表了第一篇博文。此次活动中的攻击具有针对性，并采用了多种自定义网络外壳和横向移动。Unit 42 应对了可能与这一波运动相对应的威胁活动。

与 Volexity 的博文中讨论的活动类似，我们观察到威胁参与者进行了以下活动：

* 外泄前使用 7-Zip 将 NTDS.dit 等文件存档
* 使用 Windows 任务管理器 (Taskmgr.exe) 创建 LSASS 进程的内存转储
* 通过远程桌面协议（RDP）横向移动
* 删除日志

第二波浪潮始于 Volexity 于 2024 年 1 月 10 日发表第一篇博文之后。这一浪潮的特点是从有针对性的攻击转变为更多威胁参与者的大规模利用。

Unit 42 对很可能与这一波运动相对应的威胁活动案件做出了回应。这些案件中的威胁活动是一致的。

威胁参与者转储了包含网络内各种用户和账户的模式、设置、名称和凭据的配置数据，但没有像第一波事件那样进行任何横向移动。

Unit 42 认为，这一活动背后的威胁参与者可能已将重点转移到更广泛的利用上，以便在各组织开始打补丁和应用缓解指导之前将影响最大化。

第三波浪潮早在 2024 年 1 月 16 日就已开始，当时概念验证（PoC）漏洞已公开可用。这些漏洞的发布导致一系列具有不同动机和复杂程度的行为者进行大规模利用，包括广泛部署加密货币挖矿机和各种远程监控和管理（RMM）软件的犯罪实体。

Unit 42 已对威胁活动做出响应，这些活动很可能与这一波段相对应，来自使用公开 PoC 漏洞的威胁参与者。我们目前正在支持客户调查这些事件。

### 全面的伊万纳提辩护策略

这些漏洞的发现凸显了警惕安全措施和快速反应能力的必要性。这凸显了广泛使用的虚拟专用网络（VPN）技术中存在的关键安全漏洞，而这些漏洞正被老练的威胁参与者所利用。这些漏洞允许未经授权的访问和控制，给组织网络带来重大风险。

以下策略对于保持强大的安全态势，应对不断变化的网络威胁，确保敏感信息和关键基础设施得到保护至关重要：

* 清点您的资产：为所有网络设备、系统和软件编制目录。
* 选择正确的工具：利用最适合 IT 环境复杂性和大规模的漏洞扫描工具。
* 扫描漏洞：定期运行扫描，找出系统中的安全漏洞。
* 分析结果：仔细查看扫描结果，根据其严重性和潜在影响确定漏洞的优先级。
* 补救和修补：打上必要的补丁或变通方法，以减少已发现的漏洞。
* 重复并回顾：监控并重新评估您的安全态势，以适应新的威胁。

请务必查看我们先进的 Ivanti 新兴威胁报告：  
![Unit 42 新威胁报告](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/emerging-threat-report-thumbnail.png "Unit 42 新威胁报告") *[Unit 42 新威胁报告：多个 Ivanti 漏洞](https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2023-46805-cve-2024-21887/)*

### 采用全面的网络安全策略

采取重要措施保护网络免受潜在的网络威胁至关重要。一些保护网络安全的方法包括隐藏应用程序和 VPN，使其不被公共互联网看到，从而避免受到攻击。您还应该彻底检查所有入站和出站流量，以消除恶意软件和零时差漏洞等威胁。

在整个网络中应用最小权限原则是另一个重要步骤。这可确保用户只能访问其角色所需的资源。您还应通过使用强大的多因素身份验证来有效验证用户身份，从而加强访问控制。

还建议将用户直接连接到应用程序，而不是更广泛的网络。这样可以最大限度地减少安全事故可能造成的损失。利用持续监控对于识别和减轻内部或外部受损参与者造成的威胁也至关重要。

为保护敏感数据，在传输和静止时都应进行严格监控和加密。采用欺骗技术和积极主动的威胁追踪，有助于在威胁造成危害之前识别并消除威胁。

在组织内部培养安全意识文化也可以抵御网络钓鱼等常见媒介。通过评估和模拟定期评估安全措施，有助于发现和解决漏洞。

### Palo Alto Networks 零信任方法

为应对这些威胁，Palo Alto Networks 强调零信任架构的重要性，在不将应用程序暴露于直接网络威胁的情况下，为应用程序提供安全、分段的访问。我们的解决方案，包括高级威胁预防和分段策略，旨在 [最大限度地减少攻击面](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/attack-surface-management?ts=markdown)，防止未经授权的访问，并 实时检测和 [应对威胁](https://www.paloaltonetworks.cn/unit42/respond/incident-response?ts=markdown)。

## 针对企业安全专业人员的 10 个有关 Ivanti 漏洞的常见问题和解答

### 什么是 Ivanti 漏洞？

Ivanti 漏洞指的是 Ivanti 在其 Connect Secure 和 Policy Secure 产品中披露的五个高度或关键漏洞（CVE-2023-46805、CVE-2024-21887、CVE-2024-21888、CVE-2024-21893 和 CVE-2024-22024）。这些漏洞既包括身份验证绕过和命令注入漏洞，也包括权限升级和服务器端请求伪造漏洞。

### Ivanti 漏洞如何影响企业安全？

这些漏洞可允许未经授权访问 Ivanti 产品，导致未经授权执行命令、权限升级和访问受限资源。这些漏洞给企业网络带来了巨大风险，可能导致数据泄露或网络服务中断。

### 如果这些漏洞被利用，会有哪些风险？

这些漏洞一旦被利用，攻击者就可以访问受限资源，将权限升级到管理员级别，甚至在设备上执行任意命令。这些被利用的漏洞可能导致数据泄露、网络服务中断以及进一步的网络渗透。

### 如何检测这些漏洞是否会影响我组织的 Ivanti 产品？

Ivanti 提供了一个外部完整性检查工具，您可以运行该工具来检查 Ivanti 产品中是否存在这些漏洞的迹象。该工具已进行更新，增加了解决这些漏洞的功能。

### 如果我组织的 Ivanti 产品受到影响，我应该采取什么措施？

如果您的 Ivanti 产品受到影响，Ivanti 建议您在提供补丁后立即应用。对于尚未提供补丁程序的产品，Ivanti 建议在补丁程序发布之前执行变通方法。

### 如果我怀疑这些漏洞已在我的组织中被利用，我该怎么办？

如果您怀疑这些漏洞已被利用，则应按照 CISA 的建议，断开受影响 Ivanti 产品与网络的连接。您还应启动事件响应流程，调查入侵迹象，并考虑聘请专业的网络安全协助人员。Palo Alto Networks Unit 42 可以提供帮助，请致电我们。

### 如何保护我的组织免受这些和未来漏洞的影响？

定期扫描漏洞、及时打补丁和弹性事件响应计划是保护组织的关键。遵循最低权限访问、多因素身份验证和网络分段等安全最佳实践也至关重要。

### 是否存在与利用这些漏洞相关的特定入侵指标（IOCs）？

具体的 IOC 可能各不相同，包括不寻常的网络流量、意外的系统行为以及未经授权访问或权限升级的证据。Ivanti 或您的 安全解决方案提供商 可能会提供更具体的 IOC。

### 目前对 Ivanti 产品的攻击范围是什么？

截至上次更新，145 个国家/地区的 28,000 多个 Ivanti Connect Secure 和 Policy Secure 实例已被曝光。已观测到 600 多个受损病例。至少从 2023 年 12 月初开始，这些漏洞就被积极利用。

### Palo Alto Networks 客户是否受到保护，免受这些漏洞的侵害？

是的，Palo Alto Networks 客户可以使用 Cortex Xpanse、具有高级威胁预防功能的新一代防火墙、高级 WildFire、高级 URL 过滤和 DNS 安全以及 Cortex XDR 和 XSIAM 等各种产品和功能实施这些漏洞的缓解措施。
相关内容  
[信息安全治理
要在整个企业范围内始终如一地保护信息，就意味着要有合适的人员将信息安全计划与业务和技术策略结合起来。](https://www.paloaltonetworks.com/blog/prisma-cloud/information-security-governance/)  
[使用数据策略扫描数据泄露或恶意软件
利用预定义的数据配置文件和数据模式检测恶意软件，防止敏感数据无意或恶意泄露防护。](https://docs.prismacloud.io/en/enterprise-edition)  
[5 个机构实现 360° 可见性和合规性
了解组织如何实现云环境的集中可视性，以修复漏洞并消除威胁。](https://www.paloaltonetworks.cn/resources/ebooks/customer-spotlight-visibility-and-compliance?ts=markdown)  
[数据可见性和分类
许多组织对个人身份信息等关键数据类型没有足够的可见性。在面对审计和确定数据优先级时，这就成了一个问题...](https://www.paloaltonetworks.cn/prisma/cloud/cloud-data-security?ts=markdown)  
![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=Ivanti%20VPN%20%E6%BC%8F%E6%B4%9E%EF%BC%9A%E6%82%A8%E9%9C%80%E8%A6%81%E4%BA%86%E8%A7%A3%E7%9A%84%E4%BF%A1%E6%81%AF&body=%E4%BA%86%E8%A7%A3%E6%9C%80%E8%BF%91%E7%9A%84%20Ivanti%20VPN%20%E6%BC%8F%E6%B4%9E%E5%8F%8A%E5%85%B6%E6%BD%9C%E5%9C%A8%E9%A3%8E%E9%99%A9%E3%80%82%E6%8E%A2%E7%B4%A2%E7%BC%93%E8%A7%A3%E7%AD%96%E7%95%A5%E3%80%81%E4%BA%8B%E4%BB%B6%E5%93%8D%E5%BA%94%E6%A1%88%E4%BE%8B%E5%92%8C%E7%BB%BC%E5%90%88%E9%98%B2%E5%BE%A1%E7%AD%96%E7%95%A5%EF%BC%8C%E4%BF%9D%E6%8A%A4%E6%82%A8%E7%9A%84%E7%BD%91%E7%BB%9C%E3%80%82%20at%20https%3A//www.paloaltonetworks.cn/cyberpedia/ivanti-VPN-vulnerability-what-you-need-to-know)  
返回页首  
{#footer}

## 产品和服务

* [实时人工智能驱动的网络安全](https://www.paloaltonetworks.cn/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown)

* [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown)

* [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown)

* [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-iot-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown)

* [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown)

* [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown)

* [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown)

* [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown)

* [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown)

* [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown)

* [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown)

* [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown)

* [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown)

* [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown)

* [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown)

* [主动评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown)

* [事故响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown)

* [安全策略转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown)

* [发现威胁情报](https://www.paloaltonetworks.cn/unit42/threat-intelligence-partners?ts=markdown)

## 公司

* [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown)
* [人才招聘](https://jobs.paloaltonetworks.com/en/)
* [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown)
* [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility)
* [客户](https://www.paloaltonetworks.cn/customers?ts=markdown)
* [投资者关系](https://investors.paloaltonetworks.com/)
* [位置](https://www.paloaltonetworks.com/about-us/locations)
* [新闻资讯](https://www.paloaltonetworks.cn/company/newsroom?ts=markdown)

## 热门链接

* [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans)
* [社区](https://www.paloaltonetworks.com/communities)
* [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown)
* [网络百科](https://www.paloaltonetworks.com/cyberpedia)
* [事件中心](https://events.paloaltonetworks.com/)
* [管理电子邮件首选项](https://start.paloaltonetworks.com/preference-center)
* [产品清单](https://www.paloaltonetworks.cn/products/products-a-z?ts=markdown)
* [产品认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance)
* [报告漏洞](https://www.paloaltonetworks.com/security-disclosure)
* [网站地图](https://www.paloaltonetworks.cn/sitemap?ts=markdown)
* [技术文档](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [请勿出售或分享我的个人信息](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [隐私](https://www.paloaltonetworks.com/legal-notices/privacy)
* [信任中心](https://www.paloaltonetworks.com/legal-notices/trust-center)
* [使用条款](https://www.paloaltonetworks.com/legal-notices/terms-of-use)
* [文档](https://www.paloaltonetworks.com/legal)

版权所有 © 2026 Palo Alto Networks。保留所有权利

* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/)
* CN  
  Select your language