See our SolarStorm response
  • Network Security
  • Cloud Security
  • Security Operations
  • More
  • Get support
  • Sign In
  • Get Started

Identity and Access Management (IAM) Security

Secure cloud resources by establishing least-privileged identity access

Read the blog post
Securing identity across cloud environments
Cloud identity and access management (IAM) controls who can take actions on specific resources. When enterprises have thousands of resources spread across hundreds of accounts, lack of visibility into users’ entitlements poses a massive risk. Organizations implementing least privilege principles require a unified view into IAM policies, with process automation across cloud accounts, resources and policies.
Control Access and Net Effective Permissions

Prisma™ Cloud IAM Security automatically calculates effective permissions across cloud service providers, detects overly permissive access and suggests corrections to reach least privilege entitlements. Out-of-the-box policies help organizations govern IAM best practices. User and entity behavior analytics (UEBA) capabilities provide clarity by monitoring activities that could signal account compromises.
Unit 42 Cloud Threat Report on IAM misconfigurations

Get the report
Ensure consistent governance of permissions
  • Visibility into net-effective permissions
  • Rightsizing permissions
  • Identity-related entitlements and events querying
  • IDP integration
  • User and entity behavior analytics (UEBA)
  • Automated remediation

Visibility into net-effective permissions

Prisma Cloud IAM Security calculates net-effective permissions out of the various types of permissions policies within your cloud accounts to enable you to gain control over your cloud entitlements.

Rightsizing permissions

Using out-of-the-box policies to detect risky permissions, Prisma Cloud helps remove unwanted access to cloud resources by automatically detecting overly permissive access, and then offering suggestions to rightsize them to achieve least privilege entitlements.

Identity-related entitlements and events querying

Prisma Cloud RQL enables you to query all relevant IAM entities, including all the relationships among different entities and their effective permissions across cloud environments. For example, you can query who uses email addresses, rather than first itemizing all their entitlements.

IDP integration

Prisma Cloud enables organizations to federate user identities with existing identity providers and management systems to prevent the unnecessary management overhead associated with manual maintenance.

User and entity behavior analytics (UEBA)

Prisma Cloud analyzes millions of audit events using machine learning to detect anomalous activities that could signal account compromises, insider threats, stolen access keys and other potentially malicious user activities.

Automated remediation

Prisma Cloud can automatically suggest permissions adjustments, helping organizations continuously ensure least privilege access.

Prisma Cloud IAM Security calculates net-effective permissions out of the various types of permissions policies within your cloud accounts to enable you to gain control over your cloud entitlements.
Using out-of-the-box policies to detect risky permissions, Prisma Cloud helps remove unwanted access to cloud resources by automatically detecting overly permissive access, and then offering suggestions to rightsize them to achieve least privilege entitlements.
Prisma Cloud RQL enables you to query all relevant IAM entities, including all the relationships among different entities and their effective permissions across cloud environments. For example, you can query who uses email addresses, rather than first itemizing all their entitlements.
Prisma Cloud enables organizations to federate user identities with existing identity providers and management systems to prevent the unnecessary management overhead associated with manual maintenance.
Prisma Cloud analyzes millions of audit events using machine learning to detect anomalous activities that could signal account compromises, insider threats, stolen access keys and other potentially malicious user activities.
Prisma Cloud can automatically suggest permissions adjustments, helping organizations continuously ensure least privilege access.

Recommended resources

  • All
  • All
Identity Access Management (IAM) in Cloud Security
Read the blog
Cloud Security in a Distributed World
Watch the webinar
Harnessing the Power of UEBA for Cloud Security
Read the blog
Cloud Compliance Risk Assessment
Take the assessment
Applying Zero Trust to Cloud Environments
Download the white paper
Quick links
View a demo
View a demo
Request a personalized demo
Request a personalized demo
Contact sales
Contact sales
Visit the Resource Center
Visit the Resource Center
Visit the Corporate blog
Visit the Corporate blog
Visit the Unit 42 blog
Visit the Unit 42 blog

Unlock the cloud
security kit now

Get everything you need from best practices and guides to secure your cloud environments today.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
Subscription Reward

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Investors
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Careers
  • Contact Us
  • Manage Email Preferences
Report a Vulnerability
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)
  • Facebook
  • Linkedin
  • Twitter
  • Youtube
Create an account or login

© 2021 Palo Alto Networks, Inc. All rights reserved.