Emergency Security Contact (ESC) – User Manual

Emergency Security Contact (ESC) – User Manual

2811
Created On 02/04/26 22:03 PM - Last Modified 02/20/26 20:37 PM


Symptom


Purpose of Emergency Security Contact

The ESC serves as the primary point of contact during:

  • Critical security incidents

  • Vulnerability disclosures

  • Product-related security advisories

  • Urgent actions requiring immediate customer response

Keeping ESC details up to date ensures timely communication and reduces security and operational risk

Environment


Roles and Access
Eligible Roles

  • Super Users are responsible for managing and reviewing ESC information.

Access Rules

  • ESC is not assigned as a default role.

  • Only authorized users can:

    • View ESC details

    • Add or update ESC contacts

    • Complete the mandatory ESC review

Navigating to Emergency Security Contact

  1. Log in to the Customer Support Portal (CSP) and Navigate to Account Details.

  2. Select the Emergency Security Contact tab.

Within this tab, Super users can:

  • View the current list of ESCs

  • Add existing Members of the account as an ESC contact

  • Review or update existing ESC details

 

Adding a New Emergency Security Contact

  1. Log in to the Customer Support Portal (CSP) and Navigate to Account Details

  2. Open the Emergency Security Contact tab.

  3. Select Add ESC.

  4. Enter the required contact details (First Name, Last Name, Email) and Search

  5. Select the contact to be added as an ESC 

  6. Submit “Add ESC(s)

Once added, the contact appears in the ESC list and becomes eligible for future review cycles.

6-Month Review and Enforcement Policy
Review Cadence

  1. Actionable Management: During the 15/5/0 day or Overdue reminder windows, Super Users can update the Emergency Security Contact (ESC) list by deleting obsolete entries or adding new contacts. The Super User must click the Confirm Contacts button, even if no changes are made to the existing list.

  2. Compliance Reset: Once confirmed, the Renewal Review date automatically resets for the next 180 days, clearing all pending banners and reminders.

Tracking Who Added or Updated ESCs

  • The User Change Log will indicate who last added or updated each ESC entry

Best Practices

  • Always maintain at least one active ESC per account

  • Review ESC details promptly when banner notifications appear

  • Ensure contact information belongs to individuals authorized to respond to security incidents

  • Avoid using shared or generic inboxes unless explicitly approved

Frequently Asked Questions (FAQ)

Q: How often must ESC information be reviewed?
A: Every 6 months. The system enforces this cadence through reminders.

Q: Who is responsible for reviewing ESC details?
A: Super Users assigned to the account.

Q: Can multiple ESCs be added?
A: Yes. Multiple contacts can be added to ensure redundancy.

Q: Are ESC changes audited?
A: Yes. All views and changes are tracked with user, role, and timestamp details.

Summary

The Emergency Security Contact feature is a critical security mechanism designed to ensure rapid and accurate communication during security incidents. By enforcing periodic reviews, providing reminders, and maintaining a comprehensive audit trail, the ESC system helps protect both customers and Palo Alto Networks from unnecessary risk.

For questions or issues related to ESC management, contact your Palo Alto Networks support representative.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA1Ki000000wkTyKAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail