Accelerate Detection and Remediation

Prioritize vulnerabilities, detect threats, investigate current or past incidents, and auto-remediate issues across your entire cloud computing environment.

SecOps teams today are overwhelmed by alert fatigue. Too many alerts that provide too little context make it hard to prioritize and resolve issues in a timely manner. Plus, decentralized and rapidly changing cloud environments expand the threat landscape and exacerbate the issue. The right security service helps you prioritize, investigate and report on security risk activities.

The Prisma™ Cloud Solution

Security operations teams today are being inundated by alerts that provide little context on the issue, which makes it hard to triage issues in a timely manner. Decentralized and rapidly changing cloud environments expand the threat landscape and exacerbate the issue.

Vulnerability Management

Data from existing third-party vulnerability scanning tools that identify missing patches by IP address is not actionable, since IP addresses are constantly changing in cloud environments. Prisma Cloud correlates vulnerability data with host configurations and network traffic in the cloud to accurately pinpoint the vulnerable host, provide context on its business purpose, and ultimately determine its level of exposure, which helps prioritize patching. For example, if a vulnerable host is identified as a database that is exposed to the internet, it should be prioritized for patching.
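The correlation described above, sketched as an added example (this is not Prisma Cloud code or its API): scanner findings keyed by IP address are attributed to whichever instance held that address at scan time, then ranked by exposure and role. The lease records, inventory, finding IDs and scoring weights are constructed assumptions.

```python
from datetime import datetime as dt

# All data below is constructed for illustration (documentation IP ranges).
# IP_LEASES: which instance held an address, and when (end=None means current).
IP_LEASES = [
    ("203.0.113.15", "i-web-01", dt(2024, 5, 1), dt(2024, 5, 10)),
    ("203.0.113.15", "i-db-01", dt(2024, 5, 10), None),
    ("10.0.2.20", "i-batch-07", dt(2024, 5, 3), None),
]
# Per-instance role tag and ingress rules as (source CIDR, port).
INSTANCES = {
    "i-web-01": {"role": "web", "ingress": [("0.0.0.0/0", 443)]},
    "i-db-01": {"role": "database", "ingress": [("0.0.0.0/0", 5432)]},
    "i-batch-07": {"role": "batch", "ingress": [("10.0.0.0/8", 22)]},
}
# Scanner output keyed only by IP address and scan time.
FINDINGS = [
    {"id": "FINDING-C", "ip": "203.0.113.15", "seen": dt(2024, 5, 4), "cvss": 5.0},
    {"id": "FINDING-B", "ip": "10.0.2.20", "seen": dt(2024, 5, 12), "cvss": 9.8},
    {"id": "FINDING-A", "ip": "203.0.113.15", "seen": dt(2024, 5, 12), "cvss": 7.5},
    {"id": "FINDING-D", "ip": "198.51.100.9", "seen": dt(2024, 5, 12), "cvss": 9.1},
]

def resolve_instance(ip, seen):
    """Return the instance that held `ip` at scan time `seen`, or None."""
    for lease_ip, instance, start, end in IP_LEASES:
        if lease_ip == ip and start <= seen and (end is None or seen < end):
            return instance
    return None

def internet_exposed(instance):
    """Simplification: exposed if any ingress rule allows any source address."""
    return any(cidr in ("0.0.0.0/0", "::/0") for cidr, _ in INSTANCES[instance]["ingress"])

def prioritize(findings):
    """Attach host context to each finding and sort highest priority first."""
    ranked = []
    for f in findings:
        instance = resolve_instance(f["ip"], f["seen"])
        if instance is None:  # IP never mapped to a known host: flag, do not guess
            ranked.append({**f, "instance": None, "score": -1.0})
            continue
        role, exposed = INSTANCES[instance]["role"], internet_exposed(instance)
        # Assumed weights: +3 for internet exposure, +2 more for an exposed database.
        score = f["cvss"] + (3 if exposed else 0) + (2 if exposed and role == "database" else 0)
        ranked.append({**f, "instance": instance, "role": role, "exposed": exposed, "score": score})
    return sorted(ranked, key=lambda r: r["score"], reverse=True)

if __name__ == "__main__":
    for r in prioritize(FINDINGS):
        print(r["id"], r["instance"], r["score"])
```

The same address resolves to two different hosts depending on scan time, and the lower-CVSS finding on the internet-exposed database outranks the higher-CVSS finding on the internal batch host.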

Advanced Threat Detection

To truly detect threats in public cloud computing environments, comprehensive visibility is necessary. Prisma Cloud takes a new AI-driven approach that correlates disparate security data sets including network traffic, user activities, risky configurations and threat intelligence. This enables it to detect complex threats and auto-remediate issues quickly. In the example above, if the vulnerable database is receiving traffic from a known malicious IP address, it should be immediately quarantined into a private network.

Cloud Forensics

Investigations are challenging in public cloud computing environments because they are constantly changing. Prisma Cloud maintains snapshots of your environment so that you can investigate any current or past incidents. You can run complex queries across your environment in seconds and analyze the results with an interactive risk map. You can also get a detailed incident timeline to trace incidents. For example, you could get a timeline of a user’s activity for the past month to determine if there was any suspicious activity.

Remediation

In the DevOps era, changes occur very rapidly, and it is simply impossible to triage all issues manually. It is important not only to identify which risky configuration was found in your environment, but also to determine which developer introduced the issue, and to have the option to automate remediation. Prisma Cloud enables you to fully automate security from incident detection to remediation. It also offers you the ability to leverage your existing investments by integrating with a number of third-party orchestration tools. For example, if the platform detects an account hijacking attempt, it can instantly disable the user’s account.