Identity and Access Management Security

Gain deep visibility into who has the ability to take what actions on which resources. By running complex calculations that analyze permissions, such as AWS IAM roles, policies and groups; AWS resource-based policies; and AWS service control policies (SCPs), the IAM Security module can precisely determine net-effective permissions.

• Manage cloud entitlements from a single solution

  Gain integrated capabilities delivered from Prisma Cloud that extend everything we do for Cloud Security Posture Management (CSPM) to cloud identities.

• Implement pre-built policies

  Leverage specialized out-of-the-box policies to detect risky permissions and remove unwanted access to cloud resources.

• Audit permissions for internal compliance

  Quickly audit cloud permissions with related user data, service data and cloud accounts.

Query all relevant IAM entities, including all the relationships among different entities and their effective permissions across cloud environments. Understand which user can take what actions on which resources. Turn queries into custom cloud-agnostic policies and define remediation steps as well as compliance implications.

• Investigate IAM entitlements

  See real-time and historical data to understand IAM activity and entitlements.

• Query data to get the full picture of user activity

  Gain a detailed view of suspicious activity as well as connected accounts and resources.

• Query data specific to identity providers

  Discover overly permissive roles of IDP users and correlate results with cloud identities, such as IAM users and machine identities.

Automatically adjust permissions and continuously enforce least-privileged access. Send alert notifications to 14 third-party tools, including email, AWS Lambda and Security Hub, PagerDuty®, ServiceNow® and Slack®.

• Activate automated remediation for over-privileged users

  Get suggestions for ideal permissions levels for any cloud user from Prisma Cloud.

• Support for 14 common integrations

  Seamlessly integrate Prisma Cloud alerting with your existing alert management tools with built-in support for 14 third-party tools.

• Remediation playbooks

  Leverage custom Cortex® XSOAR playbooks for Prisma Cloud and easily operationalize advanced security orchestration capabilities.