Cloud Security Posture Management

Prisma Cloud delivers comprehensive visibility and control over the security posture of every deployed resource. While some solutions simply aggregate asset data, Prisma Cloud analyzes and normalizes disparate data sources to provide unmatched risk clarity.

• Cloud asset inventory

  Gain continuous visibility across all deployed assets from a single, unified console with more than 2.5 billion assets monitored across customers. Leverage automated workload and application classification across more than 100 services as well as full lifecycle asset change attribution.

• Configuration assessment

  Immediately enforce configuration guardrails with more than 700 policies built in across more than 120 cloud services. Automatically fix common misconfigurations before they lead to security incidents. Build custom policies once that span across multi-cloud environments.

• Compliance management

  Take advantage of continuous compliance posture monitoring and one-click reporting with comprehensive coverage (CIS, GDPR, HIPAA, ISO-27001, NIST-800, PCI-DSS, SOC 2, etc.) and support for custom reporting. Easily investigate and auto-remediate compliance violations.

• Easy-to-use query language

  Gain security and operational insights about your deployments in public cloud environments. Perform configuration checks on resources and query network events across different cloud platforms. Turn queries into custom cloud-agnostic policies and define remediation steps and compliance implications.

• Automated remediation

  Automatically resolve policy violations, such as misconfigured security groups within the Prisma Cloud console. Send alert notification to 14 third-party tools, including email, AWS Lambda, Security Hub, PagerDuty®, ServiceNow® and Slack®. Integrate with SOAR tools including Cortex® XSOAR for multi-step remediation playbooks.

Prisma Cloud Data Security is purpose-built to address the challenges of discovering and protecting data at the scale and velocity common in public cloud environments. By combining the power of Palo Alto Networks Enterprise Data Loss Prevention (DLP) and WildFire® malware prevention service, only Prisma Cloud Data Security offers a comprehensive, integrated cloud native solution.

• Data visibility and classification

  Get visibility into S3 buckets and objects, and sort contents by region, owner and exposure. Detail any object, including metadata, in the Object Explorer. Detect sensitive data like PII, financial and healthcare info, and intellectual property.

• Data governance

  Use pre-built and customizable policies to detect data such as PII in publicly exposed objects. Enable or disable data compliance profiles for types such as PII, healthcare, financial and intellectual property based on mandates.

• Malware detection

  Identify and protect against known and unknown file-based threats that have infiltrated S3 buckets. Flag any object that contains malware as determined by WildFire.

• Alerting

  View alerts for each object based on data classification, data exposure and file types. Forward alerts to AWS SQS, Splunk and Webhooks to notify other teams for investigation and remediation.