The acquisition of RedLock will add critical security analytics capabilities across multi-cloud environments to our extensive cloud security offering. The security analytics capability utilizes an innovative AI-driven approach that correlates disparate security data sets. RedLock provides comprehensive visibility, threat detection and rapid response across an organization’s entire public cloud environment.
RedLock correlates disparate data sets, including resource configurations, user activities, network traffic, host vulnerabilities/activities and threat intelligence to provide the necessary context on risks. This contextual understanding of the public cloud reduces incident response time from weeks to seconds.
Helps you prioritize remediation for the riskiest resources first, with risk scores determined for every cloud resource, based on the severity of business risks, violations and anomalies.
Allows for quick investigations of current or past issues and analysis of downstream impact. For example, you can search for all databases that were receiving traffic from suspicious IP addresses last month and subsequently drill down on each resource to determine connections to other resources.
Enables you to quickly respond to an issue, based on contextual alerts. You can perform auto-remediation, orchestrate policy, or send alerts via email or to third-party tools, such as Slack®, Demisto® and Splunk®.
Provides you with a DVR-like capability to view time-serialized activity for any given resource. You can review the history of changes for a resource and better understand the root cause of an incident – past or present.
Palo Alto Networks® already provides the broadest security offering for multi-cloud environments with inline, host-based and API-based security, bolstered by the acquisition of Evident.io® in March 2018.
In the future, customers will get cloud security analytics and advanced threat detection from RedLock, together with continuous security and compliance monitoring from Evident, in a single offering. The new offering will help security teams respond faster to the most critical threats by replacing manual investigations with automated reports, threat prioritization and remediation.