Prisma Cloud Supports the Latest Amazon Inspector for Enhanced Security

Nov 29, 2021

Prisma Cloud by Palo Alto Networks, together with Amazon Web Services (AWS), enhances cloud security at any scale with additional vulnerability assessments across AWS from the latest Amazon Inspector.


Prisma Cloud by Palo Alto Networks, together with AWS, is proud to announce an exciting new integration. Prisma Cloud is integrating with the latest Amazon Inspector, providing customers with an enhanced automated security assessment service.

"Whenever AWS enhances their service offerings, we will act to ensure integration in a timely manner so our mutual customers can meet security challenges. The Prisma Cloud integration with Amazon Inspector delivers improved visibility of cloud risk so customers achieve the best possible security outcomes," said Steven Cacciaroni, Director of Business Development for Palo Alto Networks.

Customers will be able to integrate with Amazon Inspector when they onboard their Prisma Cloud account and enable read-access permissions to Amazon Inspector and Amazon EventBridge using the AWS Identity and Access Management (IAM) role policy.

"Our partnership with Palo Alto Networks continually provides customers with integrated security offerings," said Dudi Matot, Principal Segment Lead for Security at AWS. "Our latest Amazon Inspector launch and coordinated integration of the Prisma Cloud solution demonstrates how together we are empowering customers to better meet cloud security challenges and increase the protection of assets they run on AWS infrastructure."


Better Together with Prisma Cloud and Amazon Inspector

Working together, Amazon Inspector security assessments help uncover unintended network accessibility and vulnerabilities in your Amazon Elastic Compute Cloud (Amazon EC2) instances and container images while Prisma Cloud displays a consolidated view of risk in the Prisma Cloud Console.

Prisma Cloud will ingest the Amazon Inspector stream of real-time security data using the Amazon EventBridge webhook. The Prisma Cloud platform will receive that security data pushed from the Amazon EventBridge service and display all the consolidated findings in our Prisma Cloud Console.

Figure 1. Prisma Cloud with Amazon Inspector event-driven integration


Prisma Cloud customers can find Amazon Inspector assessments through a simple RQL search that returns a complete list of affected resources. Cloud teams gain full visibility on the security status of their Amazon EC2 instances across organizational units (OUs) and member accounts.


Figure 2. Amazon Inspector assessments in Prisma Cloud Console


Prisma Cloud also makes it easy to investigate findings and accelerate remediation. Our Prisma Cloud Resource Explorer provides a consolidated, single-pane-of-glass view of all findings, including configurations, network status, audit trail, and severity. With Common Vulnerabilities and Exposures (CVE) details and the Amazon Inspector findings, teams can then accelerate remediation of their security vulnerabilities.

Figure 3. Investigate Amazon Inspector findings with our Prisma Cloud Resource Explorer


Benefits of Prisma Cloud and Amazon Inspector

Assessments with Prisma Cloud and Amazon Inspector are simplified and effective, both before application deployment and in running production environments on AWS. For instance, we check whether your Amazon EC2 instances are accessible from the internet, whether remote root login is enabled, and even whether vulnerable software versions are installed. The Prisma Cloud and Amazon Inspector integration helps you improve the overall security posture of applications while enjoying multiple additional benefits:

  • Identification of application security issues
  • Integration of security into DevOps
  • Increased developer agility
  • AWS and Palo Alto Networks security expertise
  • Streamlined security compliance
  • Enforcement of security standards


Building Security into DevOps

The integration of Prisma Cloud and Amazon Inspector helps cloud teams simplify the building of continuous security risk assessments directly into DevOps workflows on AWS, which empowers development and operations teams with a DevSecOps capability. Cloud teams can then operationalize the prevention of many security issues that would otherwise appear later in the development lifecycle. Teams can then innovate more confidently and accelerate with a streamlined and validated automated process that improves agility, compliance, and best practices.


Get Started Using Prisma Cloud with Amazon Inspector




Palo Alto Networks and AWS are committed cloud security and innovation partners dedicated to continuously delivering integrated and seamless cloud technologies that perform for customers and accelerate their business.


Start using Prisma Cloud and AWS together today by visiting Prisma Cloud in the AWS Marketplace. Learn more about Prisma Cloud integrated with Amazon Inspector by visiting our Prisma Cloud AWS environment page and the AWS announcement.






Availability: This integration will be available in June 2022.
