* [Blog](https://www.paloaltonetworks.com/blog)
* [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/)
* [Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/)
* Reducing Alert Fatigue wi...

# Reducing Alert Fatigue with True Internet Exposure

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Ftrue-internet-exposure%2F)  
[](https://twitter.com/share?text=Reducing+Alert+Fatigue+with+True+Internet+Exposure&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Ftrue-internet-exposure%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fcloud-security%2Ftrue-internet-exposure%2F&title=Reducing+Alert+Fatigue+with+True+Internet+Exposure&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/cloud-security/true-internet-exposure/&ts=markdown)  
\[\](mailto:?subject=Reducing Alert Fatigue with True Internet Exposure)  
Link copied  
By [Jason Williams](https://www.paloaltonetworks.com/blog/author/jason-williams/?ts=markdown "Posts by Jason Williams")  
Jun 09, 2021  
6 minutes  
[Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown)  
[Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown)  
[Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)  
[AWS](https://www.paloaltonetworks.com/blog/tag/aws/?ts=markdown)

One major use case for [cloud security posture management (CSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management?ts=markdown) tools is to reduce risk by remediating or alerting on resource misconfigurations. While some tools offer visibility into these misconfigurations, they lack nuance needed to assess risks, resulting in more false positives and generally increasing the total number of alerts. Security teams need an approach that helps them *understand* over-exposed cloud networks -- not just a list of misconfigured resources.

True Internet Exposure in Prisma Cloud solves this issue by mapping all possible network paths to, from or across cloud resources, and assessing total risks around internet exposure before generating an alert. This provides greater visibility for users while reducing alert noise.

I'll highlight the problems with existing [cloud network configuration](https://www.paloaltonetworks.com/cyberpedia/what-is-container-network-security?ts=markdown) management and show how Prisma Cloud can help.

## Why Cloud Network Configuration Management is Important

Cloud workload adoption is growing, but security is not keeping up. In the 1H 2021 [Unit 42 Cloud Threat Report](https://www.paloaltonetworks.com/resources/research/unit42-cloud-threat-report-2021?ts=markdown), researchers found significant increases in a wide variety of security risks during the COVID-19 pandemic:

* Malicious port scan activity has increased by 185%
* A 122% increase in firewall configurations that allow all traffic to a Kubernetes cluster
* Internet exposed instances have increased by 68%
* As much as 70% increase in insecure security group configurations allowing all traffic to specific ports (e.g., allow 0.0.0.0/0 to tcp 23, 20, 445, 3389)

![A list of different security incidents and the percentage by which they increased during the COVID-19 pandemic.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/06/word-image-55.png)
Security incidents with the greatest increases during the pandemic

Cloud service providers (CSPs) offer built-in network security controls which help limit the exposure of cloud resources; however, it is the organization's responsibility to properly configure those tools in order to reduce risk. Enterprises are turning to CSPM tools to augment these capabilities and gain visibility into cloud network misconfigurations and maintain hygiene.

## What Most Cloud Security Posture Management Tools Are Missing

CSPM tools can offer visibility into hundreds, thousands or even millions of cloud resources, and security teams get an alert when even one of them is misconfigured or out of compliance. For example, if a security group is overly permissive or a native cloud firewall allows all traffic to SSH, then an alert is generated. The problem with most CSPM tools is that they look for these individual fragmented configurations without consideration for the wider network. There are two challenges with this approach:

### Incomplete risk profile

It's no secret that networking is complex. Organizations maintain network resources such as virtual private cloud (VPC) subnets, route tables, gateways, access control lists (ACLs), security groups -- the list goes on. So, while an overly permissive security group should be addressed, a basic misconfiguration alert does not provide context about the associated risk, or answer questions like:

1. 1. What compute resource(s) is attached to the insecure security group?
   2. Are my instances exposed to the internet and/or other cloud networks?
   3. What risk am I inheriting from a given misconfiguration?

### Alert fatigue

Security teams then struggle to address misconfiguration incidents, as they are forced to examine each alert in order to gain the appropriate context. Oftentimes those alerts turn out to be false positives if the cloud network resources have no impact on other compute resources. For example, when an overly-permissive security group is not actually attached to any cloud VMs.

In this sense, maintaining good cloud hygiene is like putting together a puzzle. Each cloud resource or network connection is a puzzle piece, and mapping their relationships is like fitting pieces together to make a picture. As stated above though, current CSPM tools only provide visibility into network and resource misconfigurations -- they only provide a list of which puzzle pieces don't *seem* to fit, they don't provide a box with the final picture on it for you to confirm.

But security teams need an approach that helps them understand overly exposed cloud workloads, not just a list of misconfigured security groups and ACLs. They need to be able to see the final picture on the box before adjusting any individual piece. Security teams need automation to build that picture of their network before being able to act on any single alert.
![Puzzle pieces labeled with different types of cloud resources](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/06/word-image-56.png)
Alerting against a security group or ACL doesn't include context about the risk, leading to alert fatigue.

## True Internet Exposure with Prisma Cloud

True Internet Exposure is a new functionality from Prisma Cloud that once again raises the bar for CSPM tools. We take a multi-dimensional approach to identifying overly-exposed cloud resources, providing end-to-end network path visibility between any source and destination -- IaaS instances, PaaS instances, serverless functions, the internet, or other VPCs, just to name a few.
![Two similar network paths, showing how a small change can affect whether there is a risk](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/06/word-image-57.png)
For a cloud workload to be reachable from the internet, there must be network routes as well as permissive security policies. Prisma Cloud analyzes both to identify the true exposure of critical workloads before alerting.

This breakthrough capability uses [advanced graph analytics](https://searchbusinessanalytics.techtarget.com/feature/Why-using-graph-analytics-for-big-data-is-on-the-rise) to evaluate possible network paths to cloud resources, including complex environments relying on transit gateways, load balancers, or firewalls. True Internet Exposure offers numerous benefits.

### Comprehensive Visibility

Spend less time combing through configurations and manually stitching together resource mappings to understand the cloud network. Prisma Cloud builds a complete network path to and from cloud resources to give you easy-to-understand visibility.

### Improved Risk Assessment

Easily identify open pathways that allow lateral movement across the cloud infrastructure and make informed security decisions that help you reduce the attack surface radius and partition the network.

### Reduced Alert Fatigue

Stop false positives and move away from alerts against single network points (such as security groups). Adopt a model that evaluates network exposure of resources before generating an alert.

![A network path analysis from the internet to AWS EC2](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/06/word-image-58.png)

## Learn More About True Internet Exposure

The True Internet Exposure functionality is part of Prisma Cloud's CSPM capabilities and will become generally available (GA) for AWS environments soon. This new feature will help customers reduce alert fatigue and get visibility into the reachability of business critical cloud workloads in order to make informed policy decisions on how to reduce exposure.

Learn more about Prisma Cloud's [industry-leading CSPM capabilities](https://www.paloaltonetworks.com/prisma/cloud/cloud-security-posture-management?ts=markdown).

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Prisma Cloud Supports the Latest Amazon Inspector for Enhanced Security](https://www.paloaltonetworks.com/blog/cloud-security/amazon-inspector-for-enhanced-security/)

### [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Multiple AWS Account Security with Prisma Cloud and AWS Control Tower](https://www.paloaltonetworks.com/blog/cloud-security/aws-control-tower-security/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Experience Next-Generation Cloud Security at AWS re:Invent 2024](https://www.paloaltonetworks.com/blog/cloud-security/aws-reinvent-2024/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Event](https://www.paloaltonetworks.com/blog/category/event/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Join Prisma Cloud at AWS re:Inforce 2024](https://www.paloaltonetworks.com/blog/cloud-security/aws-re-inforce-2024/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Secure from Code to Cloud --- Prisma Cloud at AWS re:Inforce 2023](https://www.paloaltonetworks.com/blog/cloud-security/aws-reinforce-2023-conference/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Security Posture Management](https://www.paloaltonetworks.com/blog/category/cloud-security-posture-management/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Prisma Cloud Supports Amazon Security Lake as a Source Provider](https://www.paloaltonetworks.com/blog/cloud-security/amazon-security-lake-available/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language