* [Blog](https://www.paloaltonetworks.com/blog) * [SASE](https://www.paloaltonetworks.com/blog/sase/) * [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/) * Maximize Zero-Day Protect... # Maximize Zero-Day Protection with Dynamic RBI \& Prisma SASE [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsase%2Fmaximize-zero-day-protection-dynamic-rbi-prisma-sase%2F) [](https://twitter.com/share?text=Maximize+Zero-Day+Protection+with+Dynamic+RBI+%26%23038%3B+Prisma+SASE&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsase%2Fmaximize-zero-day-protection-dynamic-rbi-prisma-sase%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsase%2Fmaximize-zero-day-protection-dynamic-rbi-prisma-sase%2F&title=Maximize+Zero-Day+Protection+with+Dynamic+RBI+%26%23038%3B+Prisma+SASE&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/sase/maximize-zero-day-protection-dynamic-rbi-prisma-sase/&ts=markdown) \[\](mailto:?subject=Maximize Zero-Day Protection with Dynamic RBI \& Prisma SASE) Link copied By [Nitish Khadke](https://www.paloaltonetworks.com/blog/author/nitish-khadke/?ts=markdown "Posts by Nitish Khadke") and [Pratistha Srivastav](https://www.paloaltonetworks.com/blog/author/pratistha-srivastav/?ts=markdown "Posts by Pratistha Srivastav") Jul 22, 2024 4 minutes [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown) [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown) [Prisma SASE](https://www.paloaltonetworks.com/blog/tag/prisma-sase/?ts=markdown) [RBI](https://www.paloaltonetworks.com/blog/tag/rbi/?ts=markdown) [Remote Browser Isolation](https://www.paloaltonetworks.com/blog/tag/remote-browser-isolation/?ts=markdown) Employees now spend a significant portion of their workday interacting with web browsers and accessing critical SaaS applications. The average worker [spends over 85% of their workday in the browser](https://www.paloaltonetworks.com/resources/infographics/the-state-of-security-in-the-modern-organization?ts=markdown), making it a prime target for cybercriminals, who exploit it to infiltrate systems and deliver malware. A total of [296 vulnerabilities](https://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-15031/Google-Chrome.html?page=1&year=2023&month=-1&order=1&trc=296&sha=400ee16307fd6e142c157af557dffa4f387b6169)) were reported in Google Chrome in 2023. During the same period, [six vulnerabilities](https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-32367/Microsoft-Edge.html?page=1&year=2023&month=-1&order=1&trc=0&sha=963cdd09210adf3f855e2d64723da49480b0a428) were reported in Microsoft Edge and [41 vulnerabilities](https://www.cvedetails.com/vulnerability-list/vendor_id-49/product_id-2935/Apple-Safari.html?page=1&year=2023&month=-1&order=1&trc=1424&sha=10528c1c673f88d1c71b3bacdfaf28fb1269bd8b) in Apple Safari. This is not a surprise given that [Precision AI™ from Palo Alto Networks](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) identifies an alarming 112 million new and malicious URLs daily. Organizations adopting a zero-tolerance approach to cyberthreats require utmost assurance against unknown threats. ## Preventing Patient Zero Palo Alto Networks [Remote Browser Isolation (RBI) for Prisma SASE](https://www.paloaltonetworks.com/blog/sase/palo-alto-networks-natively-integrates-remote-browser-isolation-rbi-with-sase/?ts=markdown) protects organizations against zero-day attacks originating in the browser. By remotely isolating web sessions, RBI for Prisma SASE ensures that no code executes on the user's device and instead executes in a remote container, successfully protecting the user from being rendered patient-zero in the case of zero-day attacks. ## Secure Web Browsing \& Rich User Experiences with Dynamic RBI Finding the right balance between enabling rich web browsing experiences and security is imperative. Today, security teams assess risk signals across the security stack, logically aggregate them, and derive a risk level to determine access rights. This can be cumbersome and doesn't always lead to accurate assessments. [RBI for Prisma SASE](https://www.paloaltonetworks.com/resources/videos/remote-browser-isolation?ts=markdown) is the only remote browser isolation solution that enables security teams to balance user experience and security with dynamic, risk-based remote browser isolation policies. [RBI](https://www.paloaltonetworks.com/cyberpedia/what-is-remote-browser-isolation?ts=markdown) natively integrates with Prisma SASE, which automatically fuses and assesses risk factors from multiple sources. Administrators can craft laser-focused, comprehensive policies based on native signals from other Prisma SASE products or third-party risk signal sources to dynamically trigger remote web browsing sessions in real-time when risk is identified. For example, administrators can build targeted policies with App-IDs for a specific SaaS application or different SaaS application workflows. They can then attach this policy to existing security rules for specific users or user groups. Administrators can create granular rules to trigger isolated sessions according to URL profiles, users, user groups, App-IDs, and other criteria---such as external dynamic lists (EDLs)---from third-party feeds and custom categories. By creating granular and contextual groups, security teams can reduce false positives by avoiding blanket actions for all high-risk users. ## The Unique Power of RBI for Prisma SASE with ZTNA 2.0 RBI with Prisma SASE leverages [ZTNA 2.0](https://www.paloaltonetworks.com/sase/ztna?ts=markdown) to continuously validate user risk and enforce adaptive access control. [Continuous trust verification](https://www.paloaltonetworks.com/blog/2022/05/allow-and-ignore-model-is-a-recipe-for-disaster/?ts=markdown), a core Zero Trust principle, significantly enhances the organization's security posture. With it, enterprises can enforce granular security controls without compromising business productivity. Moreover, Prisma SASE enables administrators to accurately identify risky users using third-party risk signals from their [endpoint detection and response (EDR)](https://www.paloaltonetworks.com/cyberpedia/what-is-endpoint-detection-and-response-edr?ts=markdown) and identity provider (IdP) solutions, in addition to native risk signals. For example, today, organizations using Microsoft Entra ID as their IdP can seamlessly integrate its user risk signals into [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) to identify risky users based on various attributes. These attributes include the ingested user risk level, the reason for that risk, and Active Directory information. Administrators can create a [Cloud Dynamic User Group (CDUG)](https://www.paloaltonetworks.com/blog/sase/prisma-access-cloud-dynamic-user-groups-find-risky-users/?ts=markdown) for users that Microsoft Entra ID has identified as high-risk due to using browsers with [multiple Common Vulnerabilities and Exposures (CVEs)](https://www.paloaltonetworks.com/blog/sase/use-rbi-as-your-edge-over-zero-day-browser-vulnerabilities/?ts=markdown). With just one click, security teams can use a granular and extremely flexible CDUG in the security policy to trigger RBI sessions as required. ![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/07/Screenshot-2024-07-22-at-11.28.40 AM.png) *Figure 1: Web sessions of high-risk users reported by Microsoft Entra ID are redirected to RBI in real-time.* ## Harness the Power of RBI for Prisma SASE With the widespread shift to browser-based work, web browsers have become a prime target for threat actors. RBI for Prisma SASE uses ZTNA 2.0 to provide the ultimate protection against browser-based, zero-day threats. RBI for Prisma SASE significantly reduces risk while minimizing unnecessary isolation, allowing safe activities to proceed uninterrupted. It can trigger RBI using native and third-party risk signals from EDR and IdP solutions. Moreover, RBI natively integrated into Prisma SASE simplifies security and IT team operations with [a unified management console](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) for policy configuration, user monitoring, and troubleshooting. Learn more about [RBI for Prisma SASE](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown). *** ** * ** *** ## Related Blogs ### [Cloud-delivered Security](https://www.paloaltonetworks.com/blog/sase/category/cloud-delivered-security/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown) [#### Palo Alto Networks Natively Integrates RBI with SASE](https://www.paloaltonetworks.com/blog/sase/palo-alto-networks-natively-integrates-remote-browser-isolation-rbi-with-sase/) ### [Cloud-delivered Security](https://www.paloaltonetworks.com/blog/sase/category/cloud-delivered-security/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown) [#### Operational Resilience: Ensuring Business Continuity with Prisma SASE](https://www.paloaltonetworks.com/blog/sase/operational-resilience-ensuring-business-continuity-with-prisma-sase/) ### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown) [#### Securing GenAI Apps in Your Web Browser](https://www.paloaltonetworks.com/blog/sase/securing-genai-apps-in-your-web-browser/) ### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown) [#### VDI Reduction: Enterprise Browsers Redefine Workspaces](https://www.paloaltonetworks.com/blog/sase/vdi-reduction-enterprise-browsers-redefine-workspaces/) ### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown) [#### Myth Busting the Caching Fallacy](https://www.paloaltonetworks.com/blog/sase/myth-busting-the-caching-fallacy/) ### [Mobile Users](https://www.paloaltonetworks.com/blog/sase/category/mobile-users/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown) [#### The Dark Secret of Enterprise Security](https://www.paloaltonetworks.com/blog/sase/the-dark-secret-of-enterprise-security/) ### Subscribe to Sase Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language