* [Blog](https://www.paloaltonetworks.com/blog) * [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/) * [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/) * Host Security: Automating... # Host Security: Automating Protection for VMs Across Public Clouds [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fhost-auto-protection-august-2021%2F) [](https://twitter.com/share?text=Host+Security%3A+Automating+Protection+for+VMs+Across+Public+Clouds&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fhost-auto-protection-august-2021%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fhost-auto-protection-august-2021%2F&title=Host+Security%3A+Automating+Protection+for+VMs+Across+Public+Clouds&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/cloud-security/host-auto-protection-august-2021/&ts=markdown) \[\](mailto:?subject=Host Security: Automating Protection for VMs Across Public Clouds) Link copied By [Hari Srinivasan](https://www.paloaltonetworks.com/blog/author/hari-srinivasan/?ts=markdown "Posts by Hari Srinivasan") Sep 08, 2021 4 minutes [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown) [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [Host Security](https://www.paloaltonetworks.com/blog/tag/host-security/?ts=markdown) As customers extend their deployments across multiple clouds, visibility and standardized security coverage remain a key challenge in multi-cloud management. Further, as these organizations begin to scale these diverse environments, most find that it is not sustainable to manually detect and confirm configurations for each resource. In the [January 2021 release for Prisma Cloud](https://blog.paloaltonetworks.com/2021/01/cloud-host-container-web-app-api-release/), we added the ability to automatically scan Amazon Web Services (AWS) accounts, allowing users to discover all cloud hosts and determine their protection coverage. Subsequently, in [April 2021](https://www.paloaltonetworks.com/blog/prisma-cloud/automating-visibility-protection-cloud-vms/?ts=markdown), we added support for discovery across all major cloud providers, including Azure and Google Cloud, with support for automated protection with auto-deployment of the Defenders on AWS EC2 instances. Now as a part of the August 2021 release, we are extending that coverage and supporting the automated deployment of Defenders on unprotected hosts across Azure and GCP. Ultimately, these capabilities allow easier deployment and management of the agents that are required to protect cloud VMs. ## Visibility in Clouds Prisma Cloud automatically discovers machines (instances) on AWS, Azure, and Google Cloud. Users can import or add their cloud service accounts in Prisma Cloud Compute and kick off a discovery scan automatically. The scan identifies all the virtual machines across all regions within those accounts, and populates the Cloud Radar. ![Cloud radar: A comprehensive view of cloud assets across multiple clouds.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/word-image-18.png) Cloud radar: A comprehensive view of cloud assets across multiple clouds. Then, users can drill down into the specific cloud provider and region to view the details of the discovered assets and their security coverage status, as highlighted in the screenshot below. ![Viewing GCP resources in a specific region (us-central1/Iowa)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/word-image-19.png) Viewing GCP resources in a specific region (us-central1/Iowa) ## Host Auto-Protection for Azure Prisma Cloud uses the Azure VM agent's [Run Command](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/run-command)) option to deploy Host defenders. To use this feature, users need to ensure the subscription is configured with the necessary permissions to invoke the run command. Users can then create one or more auto-defend rules, and use filters like account, region, and tags to further target hosts in specific areas of their deployments. ![Auto Defend rule for Azure unprotect VMs](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/word-image-20.png) Auto Defend rule for Azure unprotect VMs ## Host Auto-Protection for Google Cloud For auto-deploying Defenders on Google Cloud Compute Engine Instances, Prisma Cloud uses the [OS Patch Management](https://cloud.google.com/compute/docs/os-patch-management) service. With sufficient access to hosts, users can automate the deployment of the Defenders across all unprotected Linux hosts across the global regions. ![Auto Defend rule for Google Cloud unprotected Compute Engine Instances](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/word-image-21.png) Auto Defend rule for Google Cloud unprotected Compute Engine Instances ![Tracking Defender deployment for the created rules](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/word-image-22.png) Tracking Defender deployment for the created rules The rule deploys Defenders immediately and can be run periodically to cover any new hosts that have been spun up. Prisma Cloud Defenders are lightweight and have a very low consumption, with their purpose-created architecture. With automated discovery, deployment and upgrades, Prisma Cloud Defenders remove the need for any manual intervention and all maintenance overheads. ## Conclusion With cloud VMs being auto-discovered and auto-protected, Prisma Cloud delivers a combination of powerful capabilities that include scanning for vulnerabilities and compliance issues. Then specifically for the running environment, Prisma Cloud provides integrated runtime protection covering malware scanning, file integrity monitoring, log introspection, and network protection across Multi-Cloud environments. The latest features for host auto-protection provide users with unified visibility and seamless deployments across these clouds to gain visibility and gain security coverage from a single console. You can learn more about securing diverse architectures into runtime with our latest ebook, [Why and How to Add Runtime Defense to Your Cloud Security Strategy](https://www.paloaltonetworks.com/resources/whitepapers/add-runtime-defense-cloud-security.html?ts=markdown). For technical reference, please refer to the [auto defend for hosts](https://docs.paloaltonetworks.com/prisma/prisma-cloud/21-08/prisma-cloud-compute-edition-admin/install/install_defender/auto_defend_host.html) section in the [documentation](https://docs.paloaltonetworks.com/prisma/prisma-cloud/21-08/prisma-cloud-compute-edition-admin/welcome.html). *** ** * ** *** ## Related Blogs ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [#### Cloud Vulnerability Management for Hosts](https://www.paloaltonetworks.com/blog/cloud-security/cloud-vulnerability-management/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Native Application Protection Platform](https://www.paloaltonetworks.com/blog/category/cloud-native-application-protection-platforms/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [#### Zero Trust for Applications: Securing Content within Transactions](https://www.paloaltonetworks.com/blog/cloud-security/zero-trust-for-applications-securing-content-within-transactions/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [#### Open Source Vulnerability Management for Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/open-source-vulnerability-management/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [#### Prevent Dangerous Kubernetes Operations with Prisma Cloud's Open Policy Agent Integration](https://www.paloaltonetworks.com/blog/cloud-security/prisma-cloud-compute-open-policy-agent/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [#### Applying White House Ransomware Best Practices for the Cloud](https://www.paloaltonetworks.com/blog/cloud-security/ransomware-best-practices-for-cloud/) ### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [#### What Is Container Scanning? A Top Requirement for Container Security](https://www.paloaltonetworks.com/blog/cloud-security/what-is-container-scanning-a-top-requirement-for-container-security/) ### Subscribe to Cloud Security Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language