Visibility, Compliance and Governance

Monitor posture, detect and remediate risks, and maintain compliance with Prisma® Cloud
Request a Trial
Visibility, Compliance and Governance Front
Visibility, Compliance and Governance Back

Gartner forecasts that through 2023, 99% of cloud security failures will be the customer’s fault. Complete visibility into every deployed resource as well as absolute confidence in their configuration and compliance status is foundational to a robust cloud security posture.

Read about our unique approach to Cloud Security Posture Management.

Download the datasheet
1

Resources and services are spread across many clouds

Most organizations today use at least three clouds, each with their own security tooling and policy engines. Gaining centralized visibility and consistent control across cloud environments is essential to streamline SOC operations and deliver security for cloud environments and applications.
2

The rate of deployment is only accelerating

The high rate at which new resources are added and changed, combined with a universal lack of good cloud security policy management, challenges security teams to keep up and continuously enforce security policies.
3

Cloud compliance is ever-changing

Compliance is never “one and done.” Given the highly dynamic, distributed nature of cloud environments and the fact that frameworks were developed for on-premises environments, cloud compliance can be exceedingly complex.

Gain complete visibility into all your multi-cloud resources

Prisma Cloud provides security teams with full visibility into all of their cloud assets and simplifies compliance reporting. Prisma Cloud maintains support for more than 20 compliance frameworks, with support for custom frameworks, and enables one-click audit-ready reporting.

With a single solution, prevent misconfigurations and drift by immediately enforcing policy guardrails from a library of more than 700 pre-built cloud security policies
  • Support for the world’s five largest clouds
  • Complete visibility into every deployed resource
  • Continuously enforce compliance
  • Asset inventory
    Asset inventory
  • Configuration management
    Configuration management
  • Easy-to-use query language
    Easy-to-use query language
  • Compliance reporting
    Compliance reporting
  • Infrastructure-as-code scanning
    Infrastructure-as-code scanning
  • Automated remediation
    Automated remediation
THE PRISMA CLOUD SOLUTION

Our approach to Visibility, Compliance and Governance

Cloud asset inventory

Maintaining a current inventory of deployed resources requires continuous discovery and automatic classification as soon as new resources are deployed. Prisma Cloud also maintains a history of configuration changes, enabling users to understand exactly when a new security issue was introduced and by whom, to simplify cloud forensics and auditing.

  • A single dashboard for all your cloud assets

    Continuously track resources across multiple clouds and surface their risk posture in a single view for comprehensive security.

  • Support for the world’s five largest clouds

    Enjoy comprehensive security for all your assets, with support for AWS®, Azure®, Google Cloud, Alibaba Cloud and Oracle Cloud Infrastructure.

  • Detailed resource classification

    Use API metadata to automatically determine the resource types that compose every environment, workload and application. Understanding the types of resources deployed is a key element to determining security posture.

  • Real-time and historical views into risk

    Track the risk posture of assets in real time and gain detailed historical context from fine-grained audit trail analysis.

Learn more
Cloud asset inventory

Configuration management

Ensuring newly deployed resources are securely configured and preventing configuration drift requires policy guardrails. Prisma Cloud ships with more than 700 policies aligned to compliance frameworks and industry best practices.

  • Immediately enforce security guardrails

    Ensure a strong cloud security posture from day one without having to build hundreds of policies from scratch. Leverage the rich policy library built into Prisma Cloud.

  • Prevent configuration drift

    Continuously enforce security policies and ensure resources perpetually align to guardrails. When resources can be created and destroyed in minutes, it's important to ensure security policies stay relevant.

  • Augment your security with custom policies

    Adjust Prisma Cloud policies to meet your specific requirements, or add custom policies to bolster pre-built policies for more complete coverage.

Learn more
Rightsizing permissions

Easy-to-use query language

Gain security and operational insights about your deployments in public cloud environments. Perform configuration checks on resources and query network events across different cloud platforms. Turn queries into custom cloud-agnostic policies and define remediation steps as well as compliance implications.

  • Immediately gain insights

    Perform configuration checks on resources deployed on different cloud platforms and gain unmatched visibility and insights into user and network events.

  • Ask nearly any question

    Search for the configuration of cloud resources, audit all the console and API access events in your cloud environment, or search real-time network events in your environment with detailed network graph depicting actual traffic between resources.

  • Craft cloud-agnostic policies

    Turn any query into a cloud-agnostic policy with a single click. Map compliance frameworks or remediation steps for each policy for a seamless experience across multi-cloud environments.

Learn more
Easy-to-use query language

Compliance monitoring and reporting

Prisma Cloud supports more than 20 compliance standards, including PCI DSS, HIPAA, GDPR, SOC2, NIST 800-171, NIST 800-53, NIST CSF, ISO 27002, CCPA, CCM and any custom frameworks. Generate audit-ready reports with a single click.

  • Continuous compliance monitoring

    Take advantage of out-of-the-box support for more than 20 compliance frameworks and a rich interactive dashboard, enabling even the most resource-constrained security teams to easily manage and enforce compliance across multi-cloud environments.

  • One-click audit reporting

    Generate audit-ready reports against any compliance standard with one click. Granular details identify the specific violating resources and provide the necessary guidance to correct specific compliance issues.

  • Real-time and historical data at your fingertips

    Surface compliance data in real time and with historical context to give your teams the data they need for audits and reporting.

Learn more
Compliance monitoring and reporting

Infrastructure-as-code scanning

Prisma Cloud offers software plugins for developers to proactively perform configuration/compliance assessments of infrastructure-as-code (IaC) templates, including AWS CloudFormation, HashiCorp Terraform and Kubernetes deployment YAMLs, to reduce risk in production environments.

  • Identify misconfigurations early in development

    Give developers and DevOps teams visibility into their infrastructure configurations directly in their development tooling.

  • Use native plugins optimized for developer toolkits

    Employ numerous plugins for IDE, SCM, CI and CD tooling used by developers. This frictionless approach enables developers to scan their IaC templates directly in the products they use to build and deploy their code.

  • Maintain DevOps inventory for centralized visibility

    In addition to complete visibility into every deployed resource, gain centralized visibility into IaC scan results, including specific details such as which policy violations failed.

  • Set global policies for development and DevOps

    Enable your security and DevOps teams to work together to improve risk posture by setting policies covering their build and deploy pipelines.

Learn more
Infrastructure-as-code scanning

Automated remediation

Automatically resolve policy violations, such as misconfigured security groups, within the Prisma Cloud console. Send alert notification to 14 third-party tools, including email, AWS Lambda, Security Hub, PagerDuty®, ServiceNow® and Slack®. Integrate with SOAR tools including Cortex® XSOAR for multi-step remediation playbooks.

  • Automatically resolve misconfigurations

    Auto-resolve policy violations, such as misconfigured security groups. Prisma Cloud runs the CLI command associated with the policy where it discovered the violation.

  • Support for 14 common integrations

    Seamlessly integrate Prisma Cloud alerting with existing alert management tools with built-in support for 14 third-party tools.

  • Remediation playbooks

    Leverage custom Cortex® XSOAR playbooks for Prisma Cloud and easily operationalize advanced security orchestration capabilities.

Learn more
Automated remediation
Prisma Cloud
Prisma Cloud
Prisma Cloud delivers the industry’s broadest security and compliance coverage—for applications, data, and the entire cloud native technology stack—throughout the development lifecycle and across multi- and hybrid-cloud environments.
Learn more

Cloud Security Posture Management modules

VISIBILITY, COMPLIANCE, AND GOVERNANCE

Continuously monitor all cloud resources for misconfigurations, vulnerabilities and other security threats. Simplify compliance reporting.

Learn more

THREAT DETECTION

Pinpoint the highest risk security issues using ML-powered and threat intelligence-based detection with contextual insights.

Learn more

DATA SECURITY

Continuously monitor cloud storage for security threats, govern file access and mitigate malware attacks.

Learn more
Featured Resources

Get more insight into what Prisma Cloud can do for your business

See all resources
Research report

Unit 42 Cloud Threat Report, 1H 2021 – The COVID-19 Conundrum: Cloud Security Impact and Opportunity

Read the full report
Datasheet

Prisma Cloud: Cloud Security Posture Management

Download
Blog

How The MITRE ATT&CK For Cloud Framework Can Improve Threat Detection

Learn more
E-book

An Executive’s Guide to Protecting Workloads and Data on AWS

Download

Customer Stories

Hear how Pokemon, Sabre and ElevenPaths take advantage of Prisma Cloud's full lifecycle security and full stack protection.

Cloud security basics

Learn about DevSecOp trends and get practical tips from developers, industry leaders and security professionals.

The latest from our blog

Start with a piece that focuses on container security with Kubernetes cluster awareness, then dive into the rest.

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links

Report a Vulnerability