Manage your Unmanaged Cloud with Prisma Cloud and Cortex Xpanse

Apr 20, 2021
4 minutes

Today, we are announcing the Unmanaged Cloud integration for Prisma Cloud and Cortex® Xpanse™ (formerly Expanse). With Xpanse, organizations can more accurately discover and attribute their unknown cloud assets, which can then be brought under management in Prisma Cloud for stronger cloud security and central policy enforcement.


Problem Solved

Recent events have forced many organizations to accelerate their digital transformation projects. While IT teams are stressed and operating under pressure to support the transformation, attackers are constantly on the lookout for an accidentally exposed vulnerability. 

Organizations have developed cloud governance strategies to address some issues that this rapid expansion has created, but CISOs are often left with an incomplete picture when they ask their teams:

  • What is the full extent of our organization's cloud presence?
  • How are we ensuring that our cloud policies are enforced across all instances?

Since cloud deployments can be created with as little as a credit card and an email address, rogue cloud instances are one of the most prevalent ways in which an organization can inadvertently grow its attack surface. While an organization might have policies around approved providers such as Amazon Web Services (AWS), Google Cloud, Microsoft Azure, etc., it is normal to find cloud instances from unsanctioned providers within an organization as well.

Teams need a smarter way to identify these unmanaged cloud assets.


Get Unparalleled Visibility with Cortex Xpanse

Prisma™ Cloud is the industry’s most comprehensive Cloud Native Security Platform (CNSP) for applications, data and the entire cloud native technology stack – throughout the development lifecycle and across hybrid- and multi-cloud environments. The platform offers an integrated approach that enables security operations and DevOps teams to collaborate effectively and accelerate secure cloud native application development. Organizational leaders can sleep soundly by deploying Prisma Cloud on their known cloud assets. 

But what about an organization's unknown cloud assets?

That's where Xpanse Unmanaged Cloud integration for Prisma Cloud comes into play. With Xpanse, organizations have an automated solution for discovering unknown cloud assets, which can then be monitored in Prisma Cloud for comprehensive security and internal policy enforcement.

Customers can use the Xpanse APIs to merge known cloud data from Prisma Cloud into Xpanse and then compare it against newly-discovered cloud data to identify unmanaged cloud assets. Using Xpanse-provided context, customers can more easily track down missing cloud accounts and onboard them into Prisma Cloud. 


Prisma Cloud and Cortex Xpanse: Unmatched Security

Xpanse’s outside-in approach to monitoring your cloud attack surface is the perfect complement to Prisma Cloud’s inside-out approach, which currently supports AWS, Azure, Alibaba Cloud, Google Cloud and Oracle Cloud Infrastructure (OCI) to secure all your cloud assets. Together, Prisma Cloud and Xpanse form a holistic cloud attack surface management solution, which helps organizations: 

  • Identify rogue cloud and shadow IT instances not covered inside Prisma Cloud.
  • Gain visibility into cloud asset sprawl, irrespective of the provider ( e.g., assets in IBM, OCI, Rackspace, Digital Ocean, etc.).
  • Bring unmanaged assets under management by consolidating Xpanse discovered assets within Prisma Cloud.
  • Reduce mean time to discovery (MTTD) and mean time to recovery (MTTR) by automatically monitoring accidentally exposed services running on your internet-facing cloud assets.

In conclusion, Xpanse provides IT operations, DevOps, and security teams the confidence that digital transformation projects are pursued and implemented securely and according to cloud governance policy, and that they stay that way over time. 

To learn more, you can join Dr. Greg Heon, Director of Product Management for Cortex Xpanse, and Matt Chiodi, CSO, Public Cloud for Prisma Cloud, for a demonstration of the new integration and a discussion of best practices for managing unknown cloud assets. The event will take place May 11, 2021, at 10 a.m. Pacific. Check out the event page for more information and to register.

Subscribe to Cloud Native Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.