Sabre secures every leg of the journey with a platform approach from Palo Alto Networks

To keep pace with Sabre’s innovation engine, security needed to move faster, too. By migrating its platforms to Google Cloud, Sabre embraced agility but introduced the complexity of keeping development secure and visible. Prisma Cloud was the answer, giving teams centralized visibility across environments and enabling them to automate vulnerability fixes. As a result, Sabre can now find and resolve issues earlier in development and accelerate software releases.

Sabre also needed to secure network connections in its Google Cloud environment, so the team turned to VM-Series Next-Generation Firewalls for its advanced features and sophistication. Sabre’s two main use cases focus on controlling inter-VPC traffic: segmentation of production, test, and lab environments, and management of all outbound internet traffic from their cloud workloads. By routing this traffic through the NGFWs, Sabre ensures all data is thoroughly inspected between VPCs and before leaving the cloud.

When Moser first joined Sabre, mobile workers accessed the network through a complex mix of VPN solutions that was difficult to manage. Moving to Prisma Access changed that. “Now, we have a single, unified Zero Trust and SASE solution that gives users secure access wherever they are,” he says. Cloud-delivered security services (CDSS) and Zero Trust principles go further to protect data from both known and emerging threats. What’s more, Sabre can apply the same CDSS across all its network traffic—whether it flows through the NGFWs or Prisma Access. Alfredo Rodriguez, VP of Cloud Platform Infrastructure at Sabre says, "We can see how users and applications move through our environment, which allows us to create more consistent, connected security policies.”

As an innovative company, Sabre empowers its users with access to cutting-edge SaaS and AI applications—while maintaining strong defenses against malware infiltration and data exfiltration. The SaaS Security add-on to Prisma Access has helped meet that challenge, introducing operational gains in the process. “We can use SaaS Security to enforce CASB policies instead of picking and choosing individual sites,” shares Rodriguez. Sabre has also rolled out Autonomous Digital Experience Management (ADEM), which provides deep visibility into user interactions with the network, and particular applications, to quickly resolve experience issues. All of the above is managed through Strata Cloud Manager for centralized visibility and policy control.

For threat detection and response, “Cortex XDR has been amazing,” says Moser. “It fulfills not only our security risk management needs but also our compliance requirements—including PCI, SOX, and SOC.” XDR ingests and correlates data from over 30 sources, including NGFW and Prisma Access, to give full context. Cortex XSOAR takes this process a step further by automating responses wherever possible—thanks to over 100 playbooks (and counting). The solution now automatically responds to 56% of all alerts.

The result is a transformation in efficiency. In the past, any investigation required pulling together multiple teams just to piece together what was happening. “Now, our SOC analysts have everything they need at their fingertips,” says Rodriguez. “The platform gives them situational awareness upfront.” As a result, the time to contain security cases has been reduced by 90% over the past two years.

AI fuels Sabre’s products—and its attackers. That’s why Sabre is doubling down on AI-powered security tools. As Generative AI is integrated into Sabre’s software and internal users are leveraging AI applications for productivity, Sabre relies on Palo Alto Networks solutions to help its teams stay ahead of increasingly sophisticated threats. “We expect them to keep pushing the boundaries with AI and ML,” Rodriguez says. “AI will give us a force multiplier that never sleeps, helping us respond instantly to fast-moving threats like Zero Day attacks and advanced persistent threats.”

For incident response, Sabre never has to go it alone. A Unit 42 Retainer keeps IR experts on speed-dial—and for proactive measures, Sabre uses its credits toward ongoing assessments and simulated exercises. Read the full story here.