* [Blog](https://www.paloaltonetworks.com/blog)
* [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/)
* [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/)
* DSPM-Driven Data Context ...

# DSPM-Driven Data Context to Improve Attack Path Analysis and Prioritization

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdspm-attack-path-prioritization%2F)  
[](https://twitter.com/share?text=DSPM-Driven+Data+Context+to+Improve+Attack+Path+Analysis+and+Prioritization&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdspm-attack-path-prioritization%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdspm-attack-path-prioritization%2F&title=DSPM-Driven+Data+Context+to+Improve+Attack+Path+Analysis+and+Prioritization&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/cloud-security/dspm-attack-path-prioritization/&ts=markdown)  
\[\](mailto:?subject=DSPM-Driven Data Context to Improve Attack Path Analysis and Prioritization)  
Link copied  
By [Benny Rofman](https://www.paloaltonetworks.com/blog/author/benny-rofman/?ts=markdown "Posts by Benny Rofman") and [Yotam Ben-Ezra](https://www.paloaltonetworks.com/blog/author/yotam-ben-ezra/?ts=markdown "Posts by Yotam Ben-Ezra")  
Sep 05, 2024  
5 minutes  
[Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown)  
[Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)  
[Attack Path Analysis](https://www.paloaltonetworks.com/blog/tag/attack-path-analysis/?ts=markdown)

Prioritization might be the biggest challenge in modern cloud security. Cloud environments are complex, often comprising hundreds of services and thousands of cloud resources. This disparate and diffuse nature creates virtually unlimited misconfiguration and vulnerability possibilities. Chasing down and fixing every issue is impossible, even for the best-resourced organizations. Instead, security teams typically identify the most critical security and compliance risks, which developers then prioritize in remediation workflows.

Attack path analysis plays a vital role in prioritization. It enables organizations to focus on combinations of risk factors such as identities, permissions, network exposure, infrastructure misconfigurations and vulnerabilities that create dangerous openings for threat actors.
![A diagram of a computer network showing multiple risks factors in attack path analysis](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/09/a-diagram-of-a-computer-network-description-autom.jpeg)
Figure 1: Attack path analysis showing multiple risks factors

Prisma Cloud has long been a leader in attack path analysis thanks to its unified Code to Cloud™ approach. Today, we're pleased to introduce yet another improvement. With Prisma Cloud's latest integration of [data security posture management (DSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown), organizations can now see whether specific attack paths put sensitive data at risk. Such insight can then feed into more granular prioritization or issues.

## Importance of Data Context to Cloud Risk Prioritization

Data is the most frequent target for [cyberattacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack?ts=markdown). Attackers are particularly interested in high-value information such as [personally identifiable information (PII)](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown), financial records, and protected health information (PHI) of customers. A breach involving these types of [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown) can lead to severe consequences --- for example, regulatory fines and reputational damage --- as well as harm to compromised individuals.

The nature of cloud environments and workloads exacerbates the challenge. Organizations go to great lengths to segregate sensitive records, minimize access permissions, and prevent unneeded duplication. But a foolproof way to ensure that sensitive data doesn't flow into one of dozens or hundreds of datastores used for testing, development or analytics doesn't exist.

A successful attack against cloud storage or databases containing sensitive data can be a much bigger problem than one against datastores containing anonymized system logs or publicly available records. Clearly, most organizations would prefer to address the former attack path first to avoid a costly data breach or severe compliance violation.

We have found that effective attack path analysis [reduces 99% of alert noise](https://www.paloaltonetworks.com/blog/prisma-cloud/disrupt-attack-paths-prioritize-security/?ts=markdown), enabling developers to focus on the 1% that matters most. But 1% of thousands of potential incidents is still a lot to wade through. Adding relevant data context to the mix enables organizations to minimize the time during which their most critical assets are exposed.

## Find and Block Most Critical Attack Paths with Prisma Cloud

[Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) is Palo Alto Networks Code to Cloud™ security platform --- an agentless, cloud-native application security platform ([CNAPP](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-application-protection-platform?ts=markdown)). Prisma Cloud provides complete protection for cloud infrastructure and cloud applications by combining best-of-breed capabilities, including cloud security posture management ([CSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown)), cloud infrastructure entitlement management ([CIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem?ts=markdown)), [code security](https://www.paloaltonetworks.com/cyberpedia/what-is-code-security?ts=markdown), and data security posture management ([DSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-dspm?ts=markdown)).

Prisma Cloud DSPM detects and classifies sensitive data across your entire cloud or multicloud environment. It scans cloud storage, such as Amazon S3 or Azure Data Lake. It in fact scans CSP-managed infrastructure --- Amazon Redshift, databases hosted on self-managed VMs or EC2 machines --- in addition to database-as-a-service tools like Snowflake. In essence, [Prisma Cloud DSPM](https://www.paloaltonetworks.com/prisma/cloud/cloud-data-security?ts=markdown) scans anywhere your data lives or flows in the cloud.

Today's feature release injects DSPM findings directly into your attack path analysis for more accurate and actionable prioritization. Now that Prisma Cloud can identify the relevant combination of risk factors, you can instantly see whether the attack's destination node contains sensitive data, as well as recognize classifications and other relevant information.
![Attack path analysis showing the impact on organization’s sensitive data](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/09/a-screenshot-of-a-computer-description-automatica.jpeg)
Figure 2: Attack path analysis showing the impact on organization's sensitive data

For example, a common attack path we've seen in [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown) includes a publicly exposed Amazon EC2 machine that hackers target to access an Amazon S3 storage bucket via privilege escalation. While this should be fixed under any circumstance, it becomes significantly more urgent when that storage bucket contains sensitive data, such as credit card numbers. Prisma Cloud's latest addition makes it easier for organizations to find and act on these types of insights.

Even before today's announcement, Prisma Cloud was an established leader in attack path analysis. Unlike point solutions, the Code to Cloud platform relies on a unified data model and correlates findings across the cloud ecosystem --- including code, runtime and infrastructure --- to suggest actions to address risks and block detected attack paths. With the addition of [DSPM insights and data context](https://www.paloaltonetworks.com/prisma/cloud/cloud-data-security?ts=markdown), organizations can now see the final (and crucial) piece of this puzzle within a single, tightly integrated security platform.

## Experience the Difference

New to Prisma Cloud? [Request a free 30-day trial](https://www.paloaltonetworks.com/prisma/request-a-prisma-cloud-trial?ts=markdown). And if you'd like to learn what to look for in a cloud data security provider, download a copy of [The Buyer's Guide to DSPM and DDR](https://www.paloaltonetworks.com/resources/guides/data-centric-dspm-ddr-buyers-guide?ts=markdown) today.

*** ** * ** ***

## Related Blogs

### [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### Is Your Snowflake Data at Risk? Find and Protect Sensitive Data with DSPM](https://www.paloaltonetworks.com/blog/cloud-security/protect-sensitive-data-dspm-snowflake/)

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### Data Security, Meet Remediation: Introducing the New Integration Between Prisma Cloud DSPM and Cortex XSOAR](https://www.paloaltonetworks.com/blog/cloud-security/dspm-xsoar-data-security/)

### [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### Are Cloud Serverless Functions Exposing Your Data?](https://www.paloaltonetworks.com/blog/cloud-security/secure-access-cloud-serverless-functions/)

### [Data Detection and Response](https://www.paloaltonetworks.com/blog/cloud-security/category/data-detection-and-response/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### How to Build an Enterprise Data Security Team](https://www.paloaltonetworks.com/blog/cloud-security/how-to-build-enterprise-data-security-team/)

### [Data Detection and Response](https://www.paloaltonetworks.com/blog/cloud-security/category/data-detection-and-response/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### Redshift Security: Attack Surface Explained](https://www.paloaltonetworks.com/blog/cloud-security/redshift-security-attack-surface-explained/)

### [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown)

[#### Redshift Security: Data Backups and Encryption Best Practices](https://www.paloaltonetworks.com/blog/cloud-security/configuring-aws-redshift-protect-data/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language