Cloud Identity Security

Prisma® Cloud helps you discover, secure, and monitor identities across multi-cloud environments

Complex multi-cloud environments make enforcing least-privileged access a challenge due to limited visibility and inconsistent entitlements across cloud resources and service providers. Security and identity teams need to ensure that all infrastructure entitlements adhere to least-privileged access principles.

What to Know About Cloud Infrastructure Entitlement Management (CIEM).

Centrally manage identities and govern access across public clouds

Prisma Cloud provides integrated CIEM capabilities as part of a single platform and single solution for securing multi-cloud entitlements at scale.

With Prisma Cloud, security, identity and infrastructure teams can quickly audit cloud permissions and prevent security incidents that arise from improperly configured cloud entitlements. Deep integrations with identity tools, cloud service providers (CSPs), and third-parties give you comprehensive visibility and control.
  • Quickly audit and secure cloud entitlements
  • Unify security across cloud resources and workloads
  • Integrate with CSP and third-party identity providers
  • Privileged access management
    Privileged access management
  • Least privilege recommendation
    Least privilege recommendation
  • Account compromise detection
    Account compromise detection
  • Identity provider integrations
    Identity provider integrations


Our approach to cloud identity security

Privileged access management

Securing cloud identities and permissions requires comprehensive visibility into which accounts have access to, or can take action upon, which specific resources. Prisma Cloud analyzes all identities and permissions across Amazon Web Services (AWS), Microsoft Azure and Google Cloud (GCP) to determine net-effective permissions and gives recommendations to achieve least-privileged entitlements.

  • Manage cloud entitlements from a single solution

    Gain integrated capabilities from Prisma Cloud that extend resource-level posture management to cloud identities.

  • Implement pre-built policies

    Leverage specialized out-of-the-box policies to detect risky permissions and remove unwanted access to cloud resources.

  • Investigate IAM entitlements

    Use Resource Query Language (RQL) to see real-time and historical data to understand precisely who can take what actions on which resources, across cloud accounts.

  • Audit permissions for internal compliance

    Quickly audit cloud permissions with related user data, service data and cloud accounts.

Least privilege recommendation

Addressing cloud infrastructure entitlement issues requires a purpose-built and automated approach. That’s why Prisma Cloud automatically audits risky permissions combined with detailed remediation guidance. With Prisma Cloud, you can quickly address insecure entitlements as well as implement proper configurations from the start.

  • Understand the identity audit trail

    Just like cloud resources, access a detailed audit trail of historical activity for your cloud permissions.

  • View detailed recommendations

    Get step-by-step remediation guidance, automatically provided by policy, for each policy violation.

  • Activate automated remediation for over-privileged users

    Get suggestions on ideal permissions levels for any cloud user, straight from Prisma Cloud.

Account compromise detection

Take the human element out of detection and monitor user behavior at scale. By leveraging our User Entity and Behavior Analytics (UEBA) engine, you can detect signals of account compromises, insider threats, stolen access keys and other potentially malicious user activities.

  • Use machine learning to automate analytics

    Let Prisma Cloud autonomously monitor logs of various sources and establish a baseline of known activity.

  • Query data to get the full picture of user activity

    Use RQL to gain a detailed view of suspicious activity as well as connected accounts and resources.

  • Alert on suspicious behavior

    Alert on and investigate suspicious activity with fine-grained policies.

Identity provider integrations

Integrate with identity provider (IdP) services such as Okta and Azure AD to ingest single sign-on (SSO) data. View effective permissions across cloud providers, identify overly permissive roles of IdP users, and correlate results with cloud identities, such as IAM users and machine identities.

  • Leverage integrated support for IdP services

    Ingest single sign-on (SSO) data for effective permissions calculation and list users' effective permissions across cloud accounts.

  • Query data specific to identity providers

    Discover overly permissive roles of IdP users and correlate results with cloud identities, such as IAM users and machine identities.

Prisma Cloud
Prisma Cloud
Prisma Cloud delivers the industry’s broadest security and compliance coverage—for applications, data, and the entire cloud native technology stack—throughout the development lifecycle and across multi- and hybrid-cloud environments.

Cloud Identity Security modules

Cloud Infrastructure Entitlement Management

Centrally manage identities and govern access across clouds.