The first step in security governance involves having visibility into the types of resources in your environment. Prisma Cloud uses AI to profile application behavior and identify the role of each cloud resource. This enables you to create relevant policies for each type of resource. For example, just knowing that you have 5000 cloud virtual machines running is not enough, because the policies for web servers differ drastically from those for databases.
It is important to establish policy guardrails to enable continuous integration and continuous deployment (CI/CD) while ensuring that your organization’s security architecture requirements are continuously verified. Prisma Cloud provides hundreds of policies that reflect established security best practices, and also enables you to create custom policies. It continuously assesses these policies across configurations, networks, users, hosts, and applications. For example, you could monitor your environment for publicly exposed Amazon S3 buckets or EBS volumes.
Effective governance requires accountability: you need to be able to identify the user who caused a violation. Prisma Cloud can immediately identify the user who introduced a risky configuration, enabling rapid remediation. For example, if a new Amazon security group is created and left open to the internet, you can pinpoint the user who created the group and discuss whether this was done in error.
When an incident occurs, it must be swiftly remediated to reduce the window of opportunity for malicious actors. Instead of generic alerts, Prisma Cloud provides context on the issue and a risk score attributed to each resource, which helps you prioritize the issue and remediate it automatically. This self-healing ability enables you to continuously maintain your organization’s “gold standard” security posture.