Extend ASM Coverage for Remote Workers by integrating Cortex Xpanse and Prisma Access

Mar 31, 2022
2 minutes
... views

Organizations have been forced to accelerate the migration to a remote workforce model despite very limited visibility into the security of networks those employees are using. 

Organizations have no way of knowing how secure remote worker networks are, whether there are unknown exposures or critical issues open on remote employee devices, or networks that are accessible from the public internet.

What about your critical employees, like your VP of Finance working with key financial information, or your teams working with critical customer information? Do you know if they are connecting using routers with known vulnerabilities? Do you dynamically alter their access controls based on where they are working, or are they still under the same generous access policies as though they were on your office network? 

Attack Surface Management (ASM) best practices include: 

  • Ensuring that insecure network configurations aren’t exposing risky services on corporate devices
  • Identifying endpoints connecting through known vulnerable routers and assessing the need to deploy enterprise-grade hardware to key employees 
  • Measuring the organizational risk associated with key employees working from their homes or temporary networks

Secure Your Remote Attack Surface

The ASM for Remote Workers module is an API integration between Cortex® Xpanse™ and Prisma Access that combines GlobalProtect client data with internet asset information discovered by Xpanse. 

This integration also supports GlobalProtect deployed through NGFW or Panorama with log forwarding to the Cortex Data Lake. This allows organizations to effectively identify and alert on security issues in remote worker systems and network environments.

Organizations can use this integration to:

  • Identify risks for key remote employees and deploy enterprise-grade hardware selectively
  • Use visibility to dynamically change policies to alter access controls based on employee location
  • Improve MTTR by providing additional network data to a given incident identified by Prisma Access or GlobalProtect
  • Find the internal and external IP mapping of your remote workforce

To learn more about how you can secure your attack surface, visit Cortex Xpanse

Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.