[](https://www.paloaltonetworks.com/?ts=markdown) * CN * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * 产品 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 产品 [人工智能驱动的网络安全平台](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [医疗物联网安全](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [企业 DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma 浏览器](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [应用安全](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [云运行时安全](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.cn/cortex/advanced-email-security?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.cn/cortex/exposure-management?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * 解决方案 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 解决方案 AI 安全 * [安全的人工智能生态系统](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [安全使用 GenAI](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) 网络安全 * [云网络安全](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [数据中心安全](https://www.paloaltonetworks.cn/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [入侵检测和防御](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [5G 安全](https://www.paloaltonetworks.cn/network-security/5g-security?ts=markdown) * [确保所有应用、用户和位置的安全](https://www.paloaltonetworks.cn/sase/secure-users-data-apps-devices?ts=markdown) * [确保分支机构转型的安全](https://www.paloaltonetworks.cn/sase/secure-branch-transformation?ts=markdown) * [确保任何设备上的工作安全](https://www.paloaltonetworks.cn/sase/secure-work-on-any-device?ts=markdown) * [VPN 替代](https://www.paloaltonetworks.cn/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web 和网络钓鱼安全](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) 云安全 * [应用安全态势管理 (ASPM)](https://www.paloaltonetworks.cn/cortex/cloud/application-security-posture-management?ts=markdown) * [软件供应链安全](https://www.paloaltonetworks.cn/cortex/cloud/software-supply-chain-security?ts=markdown) * [代码安全](https://www.paloaltonetworks.cn/cortex/cloud/code-security?ts=markdown) * [云安全态势管理 (CSPM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-security-posture-management?ts=markdown) * [云基础架构权限管理 (CIEM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [数据安全态势管理 (DSPM)](https://www.paloaltonetworks.cn/cortex/cloud/data-security-posture-management?ts=markdown) * [AI 安全态势管理 (AI-SPM)](https://www.paloaltonetworks.cn/cortex/cloud/ai-security-posture-management?ts=markdown) * [云检测与响应 (CDR)](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [云工作负载保护 (CWP)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web 应用及 API 安全 (WAAS)](https://www.paloaltonetworks.cn/cortex/cloud/web-app-api-security?ts=markdown) 安全运营 * [云检测和响应](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [网络安全自动化](https://www.paloaltonetworks.cn/cortex/network-security-automation?ts=markdown) * [事件案例管理](https://www.paloaltonetworks.cn/cortex/incident-case-management?ts=markdown) * [SOC 自动化](https://www.paloaltonetworks.cn/cortex/security-operations-automation?ts=markdown) * [威胁情报管理](https://www.paloaltonetworks.cn/cortex/threat-intel-management?ts=markdown) * [托管的检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [攻击面管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [合规性管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/compliance-management?ts=markdown) * [互联网运营管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/internet-operations-management?ts=markdown) 端点安全 * [端点防护](https://www.paloaltonetworks.cn/cortex/endpoint-protection?ts=markdown) * [扩展的检测和响应](https://www.paloaltonetworks.cn/cortex/detection-and-response?ts=markdown) * [勒索软件防护](https://www.paloaltonetworks.cn/cortex/ransomware-protection?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/cortex/digital-forensics?ts=markdown) [行业](https://www.paloaltonetworks.cn/industry?ts=markdown) * [公共部门](https://www.paloaltonetworks.com/industry/public-sector) * [金融服务](https://www.paloaltonetworks.com/industry/financial-services) * [制造](https://www.paloaltonetworks.com/industry/manufacturing) * [医疗保健](https://www.paloaltonetworks.com/industry/healthcare) * [中小型企业解决方案](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio) * 服务 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 服务 [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [AI 安全评估](https://www.paloaltonetworks.cn/unit42/assess/ai-security-assessment?ts=markdown) * [攻击面评估](https://www.paloaltonetworks.cn/unit42/assess/attack-surface-assessment?ts=markdown) * [防泄露准备工作审核](https://www.paloaltonetworks.cn/unit42/assess/breach-readiness-review?ts=markdown) * [BEC 准备情况评估](https://www.paloaltonetworks.com/bec-readiness-assessment) * [云安全评估](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment) * [入侵评估](https://www.paloaltonetworks.cn/unit42/assess/compromise-assessment?ts=markdown) * [网络风险评估](https://www.paloaltonetworks.cn/unit42/assess/cyber-risk-assessment?ts=markdown) * [并购网络尽职调查](https://www.paloaltonetworks.cn/unit42/assess/mergers-acquisitions-cyber-due-dilligence?ts=markdown) * [渗透测试](https://www.paloaltonetworks.cn/unit42/assess/penetration-testing?ts=markdown) * [紫队演习](https://www.paloaltonetworks.cn/unit42/assess/purple-teaming?ts=markdown) * [勒索软件就绪评估](https://www.paloaltonetworks.cn/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC 评估](https://www.paloaltonetworks.com/unit42/assess/soc-assessment) * [供应链风险评估](https://www.paloaltonetworks.cn/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [桌面演习](https://www.paloaltonetworks.cn/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [云事故响应](https://www.paloaltonetworks.cn/unit42/respond/cloud-incident-response?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/unit42/respond/digital-forensics?ts=markdown) * [事件响应](https://www.paloaltonetworks.cn/unit42/respond/incident-response?ts=markdown) * [托管检测与响应](https://www.paloaltonetworks.cn/unit42/respond/managed-detection-response?ts=markdown) * [托管威胁追踪](https://www.paloaltonetworks.cn/unit42/respond/managed-threat-hunting?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [事故响应计划制定与审核](https://www.paloaltonetworks.cn/unit42/transform/incident-response-plan-development-review?ts=markdown) * [安全计划设计](https://www.paloaltonetworks.cn/unit42/transform/security-program-design?ts=markdown) * [虚拟 CISO](https://www.paloaltonetworks.cn/unit42/transform/vciso?ts=markdown) * [零信任咨询](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory) [全球客户服务](https://www.paloaltonetworks.cn/services?ts=markdown) * [教育与培训](https://www.paloaltonetworks.com/services/education) * [专业服务](https://www.paloaltonetworks.com/services/consulting) * [成功工具](https://www.paloaltonetworks.com/services/customer-success-tools) * [支持服务](https://www.paloaltonetworks.com/services/solution-assurance) * [客户成功](https://www.paloaltonetworks.com/services/customer-success) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) Unit 42 顾问人员 为满足企业的需求而定制,您可以选择将顾问人员工时数分配给我们的任意产品,包括主动网络风险管理服务。了解如何一键呼叫世界一流的 Unit 42 事故响应团队。 了解更多](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * 合作伙伴 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 合作伙伴 NextWave 合作伙伴 * [NextWave 合作伙伴社区](https://www.paloaltonetworks.com/partners) * [云服务提供商](https://www.paloaltonetworks.com/partners/nextwave-for-csp) * [全球系统集成商](https://www.paloaltonetworks.com/partners/nextwave-for-gsi) * [技术合作伙伴](https://www.paloaltonetworks.com/partners/technology-partners) * [服务提供商](https://www.paloaltonetworks.com/partners/service-providers) * [解决方案提供商](https://www.paloaltonetworks.com/partners/nextwave-solution-providers) * [托管安全服务提供商](https://www.paloaltonetworks.com/partners/managed-security-service-providers) 采取行动 * [门户网站登录](https://www.paloaltonetworks.com/partners/nextwave-partner-portal) * [管理的服务计划](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program) * [成为合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [请求访问](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [查找合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE 代表了因其安全专业知识而值得信赖的前 1% 的合作伙伴工程师。 了解更多](https://www.paloaltonetworks.com/cyberforce) * 公司 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 公司 Palo Alto Networks * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [管理团队](https://www.paloaltonetworks.com/about-us/management) * [投资者关系](https://investors.paloaltonetworks.com/) * [地点](https://www.paloaltonetworks.com/about-us/locations) * [道德与合规性](https://www.paloaltonetworks.com/company/ethics-and-compliance) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [军人和退伍军人](https://jobs.paloaltonetworks.com/military) [为什么选择 Palo Alto Networks?](https://www.paloaltonetworks.cn/why-paloaltonetworks?ts=markdown) * [Precision AI 安全](https://www.paloaltonetworks.cn/precision-ai-security?ts=markdown) * [我们的平台方法](https://www.paloaltonetworks.cn/why-paloaltonetworks/platformization?ts=markdown) * [加速网络安全转型](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio) * [获得的奖项与表彰](https://www.paloaltonetworks.com/about-us/awards) * [客户案例](https://www.paloaltonetworks.cn/customers?ts=markdown) * [全球认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [全方位信任计划](https://www.paloaltonetworks.com/resources/whitepapers/trust-360) 职业生涯 * [概述](https://jobs.paloaltonetworks.com/) * [文化与福利](https://jobs.paloaltonetworks.com/culture) [《新闻周刊》评选出的最受欢迎的工作场所 善待员工的企业 阅读更多](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021) * 更多内容 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 更多内容 资源 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [Unit 42 威胁研究博客](https://unit42.paloaltonetworks.com/) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) * [技术内幕](https://techinsider.paloaltonetworks.com/) * [知识库](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks 频道](https://tv.paloaltonetworks.com/) * [领导者的视角](https://www.paloaltonetworks.com/perspectives/) * [《网络视角》杂志](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine) * [区域云位置](https://www.paloaltonetworks.cn/products/regional-cloud-locations?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [安全态势评估](https://www.paloaltonetworks.cn/security-posture-assessment?ts=markdown) * [威胁载体播客](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) 联系 * [在线社区](https://live.paloaltonetworks.com/) * [活动资讯](https://events.paloaltonetworks.com/) * [高管简报中心](https://www.paloaltonetworks.com/about-us/executive-briefing-program) * [演示](https://www.paloaltonetworks.cn/demos?ts=markdown) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) [博客 了解行业趋势和全球最大网络安全公司的最新创新 了解更多](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * CN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) * [立即开始](https://www.paloaltonetworks.cn/get-started?ts=markdown) 搜索 Close search modal [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) 2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown) 3. [Cyberthreat Intelligence](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) 4. [什么是威胁情报生命周期?](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle?ts=markdown) 目录 * [什么是网络威胁情报 (CTI)?](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) * [威胁情报:为何重要](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#why-it-matters?ts=markdown) * [网络威胁情报的好处](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#benefits?ts=markdown) * [网络威胁情报的挑战](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#challenges?ts=markdown) * [网络威胁情报的类型](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#types?ts=markdown) * [威胁情报的来源](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#sources?ts=markdown) * [威胁情报中的工具和服务](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#tools?ts=markdown) * [威胁情报的实际实施](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#implementation?ts=markdown) * [威胁情报生命周期:概述](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#lifecycle?ts=markdown) * [建立有效的威胁情报计划](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#program?ts=markdown) * [威胁情报常见问题解答](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti#faq?ts=markdown) * 什么是威胁情报生命周期? * [威胁情报生命周期为何重要?](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#why?ts=markdown) * [威胁情报生命周期的 6 个阶段](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#lifecycle?ts=markdown) * [威胁情报生命周期框架的优势](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#benefits?ts=markdown) * [威胁情报生命周期常见问题解答](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#faqs?ts=markdown) * [What is Digital Forensics and Incident Response (DFIR)?](https://www.paloaltonetworks.com/cyberpedia/digital-forensics-and-incident-response?ts=markdown) * [DFIR: A Symbiotic Relationship](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#dfir?ts=markdown) * [The Role of Digital Forensics](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#role-of-digital-forensics?ts=markdown) * [The Role and Importance of Incident Response](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#roles?ts=markdown) * [What is the Difference Between DFIR and SOC?](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#difference?ts=markdown) * [The Role of EDR in DFIR](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#role-of-edr?ts=markdown) * [DFIR Challenges](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#challenges?ts=markdown) * [Digital Forensics and Incident Response Best Practices](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#best-practices?ts=markdown) * [Future Trends in DFIR](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#future-trends?ts=markdown) * [DFIR FAQs](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response#faqs?ts=markdown) # 什么是威胁情报生命周期? 目录 * * [威胁情报生命周期为何重要?](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#why?ts=markdown) * [威胁情报生命周期的 6 个阶段](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#lifecycle?ts=markdown) * [威胁情报生命周期框架的优势](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#benefits?ts=markdown) * [威胁情报生命周期常见问题解答](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#faqs?ts=markdown) 1. 威胁情报生命周期为何重要? * * [威胁情报生命周期为何重要?](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#why?ts=markdown) * [威胁情报生命周期的 6 个阶段](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#lifecycle?ts=markdown) * [威胁情报生命周期框架的优势](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#benefits?ts=markdown) * [威胁情报生命周期常见问题解答](https://www.paloaltonetworks.cn/cyberpedia/what-is-the-threat-intelligence-life-cycle#faqs?ts=markdown) 威胁情报生命周期是网络安全领域用于管理网络威胁的一个流程。它通过收集、分析和应用有关潜在和当前网络威胁的信息,帮助组织保护其信息资产。目标是持续改进威胁情报的质量和相关性,适应不断变化的网络威胁形势。 周期通常包括以下几个阶段: 1. \*\*方向/发现:\*\*旨在确定或发现消费者的情报要求。 2. \*\*系列:\*\*从各种渠道收集数据和信息,以满足确定的要求。 3. \*\*处理:\*\*对数据进行清理,以去除重复、不一致和不相关的信息,将其转换为适合分析的格式,并通过附加的上下文和元数据进行增强。 4. \*\*分析:\*\*原始数据和信息经过整理、与其他来源融合,并通过各种机器和人工技术转化为智能。 5. \*\*传播/行动:\*\*及时将已完成的情报产品适当分发给目标消费者。 6. **反馈**:对情报周期每个步骤的有效性进行持续评估,以确保将最好的情报送达预定的消费者。 ![乔纳森-休伯纳的威胁情报追踪寻宝游戏](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/threat-intelligence-life-cycle/thumbnail-threat-intelligence-treasure-hunt.jpg) close ## 威胁情报生命周期为何重要? 威胁情报生命周期是一个持续和不断发展的过程,通过不断提高对威胁环境的理解并相应调整防御措施,帮助组织在网络威胁面前保持领先。 通过集中应对相关威胁,生命周期降低了攻击的影响,使组织能够更有效地做出反应,并保持稳健、适应性强的网络安全态势。 ![Unit 42 威胁情报生命周期](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/threat-intelligence-life-cycle/unit-42-threat-intel-lifecycle.png "Unit 42 威胁情报生命周期") ## 威胁情报生命周期的 6 个阶段 [威胁情报流程](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) 包括六个相互关联的阶段,共同收集、分析和传播有关潜在威胁的信息。这种迭代过程利用每个阶段的反馈来完善后续策略,持续提高组织识别和应对威胁的能力。 ### 方向/发现 为了启动生命周期,安全小组要与业务利益相关者合作,确定威胁情报计划的目的和目标。这通常始于确定哪些资产和数据需要保护、分配资源和预算,以及建立关键绩效指标(KPI)来测量计划的成功与否。这一阶段是一个重要的起点,因为它为整个威胁情报流程奠定了基础。 ### 收藏品 在收集阶段,各组织从 "方向 "阶段确定的各种来源收集数据和信息,包括 * 内部日志 * 外部威胁信息 * 开放源码情报(OSINT) * 信息共享和分析中心(ISACS) * SOCMINT * 政府机构、行业团体和商业供应商 * 深网和暗网情报 ### 加工 将收集到的数据转换成便于分析的格式。处理步骤包括分类、解密和将数据转换成可用的形式。对数据进行分类包括根据特定标准将数据组织成类别或组别。对数据进行解密,对任何加密或编码数据进行解码,以便读取和理解。 最后,将数据从一种语言或格式翻译和转换成另一种语言或格式,使其更易于理解和解释。这一重要步骤使分析人员能够更有效、更高效地处理数据。 ### 分析 在分析潜在网络威胁或攻击的数据时,专家们会检查处理过的数据,找出恶意活动的模式、异常和其他迹象。在这一过程中,往往需要对各种来源的数据进行交叉比对,并使用分析技术来了解信息的来龙去脉和影响。 ### 传播/行动 将分析后的情报分发给目标受众。这可能是组织内部的决策者、运营团队或外部合作伙伴。关键是要确保以可操作和相关的方式提供情报。 ### 反馈意见 收集主要利益攸关方对所提供威胁情报的有效性和针对性的反馈意见,是加强和完善威胁情报工作的关键步骤。对从利益攸关方收到的反馈意见进行细致分析,找出情报工作中的不足和需要改进的地方,确保所提供的情报具有相关性和时效性。从反馈中获得的见解被用于完善和改进威胁情报流程,从而为我们的利益相关者提供更有针对性和更好的情报。 ## 威胁情报生命周期框架的优势 威胁情报生命周期增强了组织抵御网络威胁的能力,有助于以更具战略性、更高效和更全面的方式管理网络安全风险。潜在的好处包括 1. 及早检测和应对潜在威胁,可以大大降低网络攻击的影响。 2. 通过了解不断变化的威胁形势和分配资源以产生最大影响,从而更具战略性地管理网络安全性风险。 3. 通过主动预防攻击或减轻其影响,而不是处理网络攻击的后果来节约成本。 4. 加强安全措施,提高抵御网络攻击的能力。 5. 在发生安全漏洞时,为事件响应和取证分析提供宝贵的背景资料。 6. 通过有效管理网络威胁,在客户和业务合作伙伴心目中树立更可靠、更安全的形象,从而赢得竞争优势。 7. 针对具体漏洞,开发量身定制的安全解决方案。 8. 通过整合全球各种来源的信息,获得有关网络威胁的更广阔视角。 9. 通过将威胁情报纳入组织运营,培养安全意识文化,鼓励员工提高警惕,了解网络安全在其职责中的重要性。 ## 威胁情报生命周期常见问题解答 ### 什么是威胁情报? 威胁情报是指为了解威胁参与者的动机、目标和攻击行为而收集、处理和分析的信息。这些情报有助于组织就其安全态势和策略做出明智决策,以减轻潜在的网络威胁。 ### 威胁情报与传统安全措施有何不同? 传统的安全措施往往是被动的,侧重于防御已知的威胁和漏洞。威胁情报则是前瞻性和预测性的。它涉及在遇到新威胁或潜在威胁之前收集有关数据,以便采取更具战略性和预见性的防御措施。 ### 威胁情报的主要来源有哪些? 威胁情报的主要来源包括开源情报 (OSINT)、社交媒体、深网和暗网来源、现有安全解决方案(如防火墙和入侵检测系统)的日志和报告,以及各行业特有的信息共享和分析中心 (ISAC)。 ### 中小型企业 (SME) 能否从威胁情报中获益? 当然。中小型企业可以从威胁情报中获益匪浅,因为威胁情报提供的洞察力有助于确定安全工作和资源分配的优先次序。虽然中小型企业可能需要更多资源来开展专门的威胁情报行动,但各种威胁情报服务和工具都是为小型组织量身定制的。 ### 威胁情报应多久更新一次? 威胁情报应该是持续性的,因为网络威胁的形势在不断变化。更新频率可根据组织所处行业、具体威胁和可用资源而有所不同。然而,定期更新和持续监控对于保持有效的防御态势至关重要。 相关内容 [网络威胁情报 (CTI) 网络威胁情报通过分析和分享对数字威胁的洞察力来增强网络安全,帮助组织先发制人地抵御网络攻击。](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) [威胁情报管理产品页面 威胁情报管理是有效管理威胁情报数据的过程。了解 Palo Alto Networks 的威胁情报管理。](https://www.paloaltonetworks.cn/cortex/threat-intel-management?ts=markdown) [为您的 SOC 充电 Cortex XSOAR 采用独特的本地威胁情报管理方法,将威胁情报的汇总、评分和共享与游戏驱动的自动化统一起来。](https://www.paloaltonetworks.com/resources/infographics/xsoar-product-tour) [SANS 评论 XSOAR 通过集中管理所有威胁情报,提高 SOC 的效率。SANS Institute 是世界上最大的网络安全研究机构,它提供客观的产品信息,帮助您了解网络安全问题。](https://start.paloaltonetworks.cn/cortex-xsoar-sans-review) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=%E4%BB%80%E4%B9%88%E6%98%AF%E5%A8%81%E8%83%81%E6%83%85%E6%8A%A5%E7%94%9F%E5%91%BD%E5%91%A8%E6%9C%9F%EF%BC%9F&body=%E5%AE%9E%E6%96%BD%E6%9C%89%E6%95%88%E7%9A%84%E5%A8%81%E8%83%81%E6%83%85%E6%8A%A5%E7%94%9F%E5%91%BD%E5%91%A8%E6%9C%9F%E6%9C%89%E5%8A%A9%E4%BA%8E%E7%BB%84%E7%BB%87%E6%9B%B4%E5%AE%B9%E6%98%93%E5%9C%B0%E5%8F%91%E7%8E%B0%E5%92%8C%E9%98%BB%E6%AD%A2%E6%94%BB%E5%87%BB%EF%BC%8C%E6%9B%B4%E6%9C%89%E6%95%88%E5%9C%B0%E4%BF%9D%E9%9A%9C%E7%BB%84%E7%BB%87%E5%AE%89%E5%85%A8%E3%80%82%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-the-threat-intelligence-life-cycle) 返回页首 [上一页](https://www.paloaltonetworks.cn/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown) 什么是网络威胁情报 (CTI)? [下一页](https://www.paloaltonetworks.cn/cyberpedia/digital-forensics-and-incident-response?ts=markdown) What is Digital Forensics and Incident Response (DFIR)? {#footer} ## 产品和服务 * [实时人工智能驱动的网络安全](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-iot-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [主动评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [事故响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [安全策略转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [发现威胁情报](https://www.paloaltonetworks.cn/unit42/threat-intelligence-partners?ts=markdown) ## 公司 * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [人才招聘](https://jobs.paloaltonetworks.com/en/) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [客户](https://www.paloaltonetworks.cn/customers?ts=markdown) * [投资者关系](https://investors.paloaltonetworks.com/) * [位置](https://www.paloaltonetworks.com/about-us/locations) * [新闻资讯](https://www.paloaltonetworks.cn/company/newsroom?ts=markdown) ## 热门链接 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [网络百科](https://www.paloaltonetworks.com/cyberpedia) * [事件中心](https://events.paloaltonetworks.com/) * [管理电子邮件首选项](https://start.paloaltonetworks.com/preference-center) * [产品清单](https://www.paloaltonetworks.cn/products/products-a-z?ts=markdown) * [产品认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [报告漏洞](https://www.paloaltonetworks.com/security-disclosure) * [网站地图](https://www.paloaltonetworks.cn/sitemap?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [请勿出售或分享我的个人信息](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [隐私](https://www.paloaltonetworks.com/legal-notices/privacy) * [信任中心](https://www.paloaltonetworks.com/legal-notices/trust-center) * [使用条款](https://www.paloaltonetworks.com/legal-notices/terms-of-use) * [文档](https://www.paloaltonetworks.com/legal) 版权所有 © 2025 Palo Alto Networks。保留所有权利 * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * CN Select your language