Cloud Data Security

Data classification and malware scanning across public cloud storage.

The near-limitless capacity offered by cloud storage services has enabled organizations to store exponentially larger amounts of data, amplifying the challenges of traditional, lengthy and error-prone manual processes for classification.

Read about our approach to Cloud Data Security.

Protect public cloud storage services

Prisma Cloud Data Security is purpose-built to address the challenges of discovering and protecting data at the scale and velocity common in public cloud environments. By combining the power of Palo Alto Networks Enterprise Data Loss Prevention (DLP) and WildFire® malware prevention service, only Prisma Cloud Data Security offers a comprehensive, integrated cloud native solution.
  • Gain visibility with exposure analysis down to the object
  • Identify sensitive data using customizable patterns
  • Ensure your storage services are not hosting any malware
  • icon Data visibility
    Data visibility
  • icon Exposure calculation
    Exposure calculation
  • icon Data classification
    Data classification
  • icon Malware detection
    Malware detection


Our approach to Cloud Data Security

Sensitive data detection

Prisma Cloud leverages Palo Alto Networks powerful Enterprise DLP to categorize sensitive and regulated data, such as PII, protected health information (PHI), customer records, financial data and intellectual property.

  • Enterprise DLP engine

    Save time using consistent regex-based data patterns and machine learning to identify sensitive data across networks, endpoints and clouds. Reuse customized data patterns or profiles built for other Enterprise DLP use cases.

  • Data discovery at cloud scale

    Leverage machine learning and pattern recognition to accurately detect many different types of data, such as addresses, credit cards or driver’s license numbers. Users can even define their own data patterns unique to each use case.

  • Security posture visibility

    Gain comprehensive visibility into the security and privacy posture of the data stored in AWS S3. Immediately gain insight into any exposed or publicly accessible buckets.

Malware prevention

Ensuring stored data is free from malware that can spread across cloud environments is an essential yet often overlooked security requirement for cloud storage services. By leveraging WildFire, Prisma Cloud identifies and helps protect against known and unknown file-based threats that have infiltrated S3 buckets.

  • WildFire integration

    Use our WildFire malware analysis engine, seamlessly integrated into the Prisma Cloud Data Security module, to quickly and easily identify any malware hidden in your stored data without requiring a separate, siloed security product.

  • Antivirus for AWS S3

    Discover Trojans as well as other types of viruses and malware hidden in your AWS S3 buckets.

  • Deep integration

    Use a single UI for comprehensive cloud security. Prisma Cloud Data Security is built into the same platform and UI as every other Prisma Cloud capability.

Prevent accidental exposure

Publicly exposed sensitive data is one of the most commonly seen risks across public cloud environments. The exponential growth of cloud data amplifies this issue. Prisma Cloud prevents public exposure of sensitive data by automatically and continuously monitoring S3 objects, bucket policies and ACLs, or other configurations.

  • Exposure risk calculation

    Automatically and continuously monitor configurations for access control, policy, objects and others to calculate the exposure of objects. This allows users to quickly remediate unintended settings for buckets that have been identified as containing sensitive data.

  • Exfiltration prevention

    Gain visibility into misconfigured S3 buckets that are exposed. Leverage ML-powered policies to detect malicious insider activity

  • Automated remediation

    Enforce a continuously robust security posture across storage services by either letting Prisma Cloud fix any misconfigurations or by sending alerts to an existing workflow via 14 integrations.

Purpose-built policies, profiles and patterns

Prisma Cloud delivers built-in and custom policies to quickly alert on and remediate unintended settings on buckets and objects. It also enables you to create custom data profiles and patterns unique to your environment to reduce false positives. Users can send alert notifications to Simple Queue Service (SQS), Splunk and Webhook for remediation.

  • 500+ patterns included

    Leverage more than 500 default data patterns curated from the Enterprise DLP engine, which have been tested and affirmed in real-world scenarios.

  • Granular customization

    Go beyond our built-in policies – Prisma Cloud offers users the ability to customize any data policies, patterns or profiles to ensure they accurately detect and alert on the specific types of sensitive data being stored.

  • Automated remediation

    Enforce a continuously robust security posture across storage services by either letting Prisma Cloud fix any misconfigurations or by sending alerts to an existing workflow via 14 integrations.

Single view to assess all cloud storage risks

Prisma Cloud delivers a single pane of glass view to cover all cloud storage risks so security teams can quickly assess their risk and determine remediation approach without relying on yet another tool.

  • Misconfiguration of cloud storage services

    Detect misconfigurations that violate compliance standards and/or company policies with default and customizable configuration policies and remediate to reduce risk.

  • Audit trail of user activities

    Provide a unified view of user activities and impact on cloud storage services to quickly assess risk and potential threats.

  • Public exposure, sensitive data and malware

    Determine the public exposure risk of cloud storage services and objects, and detect the presence of sensitive data and malware in the same pane of glass as the misconfiguration and audit trail to provide a comprehensive view of all risks related to cloud storage services.

Prisma Cloud
Prisma Cloud
Prisma Cloud delivers the industry’s broadest security and compliance coverage—for applications, data, and the entire cloud native technology stack—throughout the development lifecycle and across multi- and hybrid-cloud environments.

Cloud Security Posture Management modules

Visibility, Compliance and Governance

Continuously monitor all cloud resources for misconfigurations, vulnerabilities and other security threats. Simplify compliance reporting.

Threat Detection

Pinpoint the highest risk security issues using ML-powered and threat intelligence-based detection with contextual insights.

Data Security

Continuously monitor cloud storage for security threats, govern file access and mitigate malware attacks.