Prisma Cloud - CyberTech ID Forum 24.pdf

Uploaded by satrioyoyo, Aug 25, 2024. 31 slides, 195 views.

About This Presentation

The Prisma Cloud - CyberTech ID Forum 24 slideshow presentation begins with an introduction to the CyberTech ID Forum, an influential event that gathers cybersecurity professionals to discuss emerging trends, challenges, and innovative solutions within the cybersecurity landscape. The presentation s...


Slide Content

© 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.
Securing Your Cloud Journey from Code to Cloud
Fransiskus Indromojo, CISSP
Sr. Solution Architect, Prisma Cloud
Palo Alto Networks

A majority of the code in the average application is open source
75% of application code is open source (*Forrester's The State of Application Security)
[Diagram: application stack, bottom to top: Cloud Services (Compute, Storage, Network, IAM); Host/VM; Serverless / Orchestrator / Container Runtime; Apps]

Open source code is vulnerable to attack
81% of codebases contain an OSS vulnerability (*Unit 42 Cyber Intelligence Network Threat Research)
[Diagram: the same application stack as the previous slide]

Open Source & Code Dependencies Findings
● Attacks on software supply chains are on the rise: 7.3K+ malicious open-source software packages were discovered in 2022
● Managing code dependencies is challenging: 77% of the required packages and vulnerabilities are introduced by non-root (transitive) packages
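
The "non-root packages" point is about transitive dependencies: the vulnerable package is not one the team chose, so the fix is to find which direct dependency pulls it in and upgrade that. The following is an added example (not code from the deck or from Prisma Cloud) that walks a constructed dependency graph, splits the vulnerable packages into direct and transitive, and names the direct dependency to bump for each transitive one. The package names and advisory identifiers are hypothetical.

```python
"""Attribute vulnerable packages to the direct dependency that pulls them in.

Added example, not from the slide deck or Prisma Cloud: the dependency graph,
package names and advisory identifiers below are constructed for illustration.
"""
from collections import deque

# Constructed dependency graph: package -> packages it requires (hypothetical names).
DEPENDENCIES = {
    "webapp": ["requests-like", "log-lib", "crypto-lib"],   # the application's direct deps
    "requests-like": ["urllib-like", "idna-like"],
    "urllib-like": ["zlib-shim"],
    "log-lib": ["json-lib"],
    "crypto-lib": ["asn1-lib", "zlib-shim"],
    "idna-like": [],
    "zlib-shim": [],
    "json-lib": [],
    "asn1-lib": [],
}

# Constructed vulnerability feed: package -> advisory id (hypothetical, not real CVEs).
VULNERABLE = {"zlib-shim": "ADV-0001", "json-lib": "ADV-0002", "crypto-lib": "ADV-0003"}


def resolve(root, graph):
    """Return {package: set(direct dependencies that introduce it)} for every
    package reachable from root. A package reachable through several direct
    dependencies is attributed to all of them: bumping one leaves the others."""
    introduced_by = {}
    for direct in graph.get(root, []):
        queue = deque([direct])
        seen = set()
        while queue:
            pkg = queue.popleft()
            if pkg in seen:
                continue
            seen.add(pkg)
            introduced_by.setdefault(pkg, set()).add(direct)
            queue.extend(graph.get(pkg, []))
    return introduced_by


def vulnerability_report(root, graph, vulns):
    """Split vulnerable packages into direct and transitive, and for each
    transitive one name the direct dependencies whose upgrade can remove it."""
    introduced_by = resolve(root, graph)
    direct = set(graph.get(root, []))
    report = {"direct": {}, "transitive": {}}
    for pkg, advisory in sorted(vulns.items()):
        if pkg not in introduced_by:
            continue  # not reachable from this root, so not in this build
        if pkg in direct:
            report["direct"][pkg] = advisory
        else:
            report["transitive"][pkg] = (advisory, sorted(introduced_by[pkg]))
    return report


def transitive_share(report):
    """Fraction of the reachable vulnerable packages that arrive transitively."""
    total = len(report["direct"]) + len(report["transitive"])
    return len(report["transitive"]) / total if total else 0.0


if __name__ == "__main__":
    rep = vulnerability_report("webapp", DEPENDENCIES, VULNERABLE)
    for pkg, adv in rep["direct"].items():
        print(f"direct     {pkg:14} {adv}")
    for pkg, (adv, via) in rep["transitive"].items():
        print(f"transitive {pkg:14} {adv}  via {', '.join(via)}")
    print(f"{transitive_share(rep):.0%} of vulnerable packages are transitive")
```

On the constructed graph, zlib-shim is reached through both requests-like and crypto-lib, so upgrading only one of them leaves the vulnerable copy in the tree; the report lists both, which is the check an SCA tool has to make before claiming a finding is fixed.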

Open Source Trust Ecosystems In the Cloud Are Fragile
Source: https://xkcd.com/2347/
● Excessive implicit trust in open source libraries and software components
● Open source projects are usually maintained on a volunteer basis (e.g. Log4j)
● Traditional approaches do not enable proactive 'zero trust'

Modern Cloud Applications: The Perfect Storm of Innovation and Risk
RISK
● 80% of OSS with vulnerabilities
● 15 min to exploit new vulnerabilities
● 10:1 dev to sec ratio
● 40% GenAI proliferation of insecure code
INNOVATION
● 75%: public cloud will be the primary platform by 2026
● 77%: continuous delivery, every week
● 10X: GenAI acceleration of software

Why Current Approaches to Protecting Applications Fail
SECURITY REMAINS AN AFTERTHOUGHT

WHERE DOES CLOUD SECURITY FIT INTO ZERO TRUST
Zero Trust for Users
● Identity: Validate users with strong authentication
● Device/Workload: Verify user device integrity
● Access: Enforce least-privilege user access to data and applications
● Transaction: Scan all content for malicious activity and data theft
Zero Trust for Applications
● Identity: Validate developers, devops, and admins with strong authentication
● Device/Workload: Verify workload integrity
● Access: Enforce least-privilege access for workloads accessing other workloads
● Transaction: Scan all content for malicious activity and data theft
Zero Trust for Infrastructure
● Identity: Validate all users with access to the infrastructure
● Device/Workload: Identify all devices including IoT
● Access: Least-privilege access segmentation for native and third-party infrastructure
● Transaction: Scan all content within the infrastructure for malicious activity and data theft

Everything Cloud Starts as Code
[Diagram: Code → CI/CD pipeline → Cloud Infrastructure → CI/CD pipeline → Cloud Runtime]
● Code: the Cloud Application (Payments, Catalog, Shipping, Analytics, Billing) built from Custom code, Open Source and IaC
● Cloud Infrastructure and Cloud Runtime: VMs, Containers, Serverless, PaaS, DBaaS, Identity

Everything Cloud Starts as Code, Where 1 Issue Becomes Hundreds in Runtime
[Diagram: the same Code → CI/CD pipeline → Cloud Infrastructure → CI/CD pipeline → Cloud Runtime flow; a single issue flagged in the code stage is carried through the pipeline and appears as many issues across the cloud infrastructure and the runtime]
● Code: the Cloud Application (Payments, Catalog, Shipping, Analytics, Billing) built from Custom code, Open Source and IaC
● Cloud Infrastructure and Cloud Runtime: VMs, Containers, Serverless, PaaS, DBaaS, Identity

The End Goal: Fewer Incidents, Reduced Cost
Build (Developers) → Deploy (DevOps) → Run-Time (Security)
1 misconfigured or vulnerable repo, uncaught at build, turns into 100s of deployments, which, uncaught at deploy, turn into 1,000s of security alerts (issues to fix)
Cost to fix a bug:
● 1x when found during coding
● 5x when found during testing
● 20x when found in production
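
A worked example of the "1 issue becomes hundreds" point, added here and not code from the deck or from Prisma Cloud: a policy check over a Terraform plan that flags security groups admitting SSH or RDP from the whole internet, then counts the runtime instances that fire against the distinct places in code that produced them. The plan is constructed by hand in the layout `terraform show -json` emits (`planned_values.root_module.child_modules[].resources[].values`); the module, resource and service names are hypothetical.

```python
"""Scan a Terraform plan for security groups that admit SSH or RDP from the
whole internet, then count runtime findings against the source locations that
produced them.

Added example; it is not code from the slide deck or from Prisma Cloud. The
plan is constructed by hand in the layout `terraform show -json` emits
(planned_values.root_module.child_modules[].resources[].values); the module,
resource and service names are hypothetical.
"""
import re

ADMIN_PORTS = (22, 3389)
ANY_CIDR = {"0.0.0.0/0", "::/0"}


def source_location(address):
    """Strip module/resource instance keys so every instantiation of a module
    collapses to the one place in code that has to be fixed."""
    return re.sub(r"\[[^\]]*\]", "", address)


def is_open_admin_rule(values):
    """Ingress rule open to any address on an admin port (or on all ports)."""
    if values.get("type", "ingress") != "ingress":
        return False
    cidrs = set((values.get("cidr_blocks") or []) + (values.get("ipv6_cidr_blocks") or []))
    if not cidrs & ANY_CIDR:
        return False
    if values.get("protocol") not in ("tcp", "-1"):
        return False
    lo, hi = int(values.get("from_port", 0)), int(values.get("to_port", 0))
    if lo == 0 and hi == 0:          # Terraform writes "all ports" as 0-0 with protocol -1
        return True
    return any(lo <= p <= hi for p in ADMIN_PORTS)


def walk(module):
    """Yield every planned resource in a module and its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)


def scan_plan(plan):
    """One finding per planned resource instance that violates the policy."""
    findings = []
    for res in walk(plan["planned_values"]["root_module"]):
        bad = False
        if res["type"] == "aws_security_group_rule":
            bad = is_open_admin_rule(res["values"])
        elif res["type"] == "aws_security_group":
            bad = any(is_open_admin_rule(r) for r in res["values"].get("ingress", []))
        if bad:
            findings.append({"address": res["address"],
                             "source": source_location(res["address"])})
    return findings


def summarize(findings):
    """Runtime instances that fire versus distinct places in code to fix."""
    return {"runtime_findings": len(findings),
            "source_fixes": len({f["source"] for f in findings})}


def sample_plan(module_cidr, bastion_cidr):
    """Constructed plan: one shared module instantiated per business service,
    plus a root-level bastion security group with an inline ingress block."""
    children = []
    for svc in ("payments", "catalog", "shipping", "billing"):
        addr = f'module.web["{svc}"]'
        children.append({"address": addr, "resources": [{
            "address": f"{addr}.aws_security_group_rule.ssh",
            "mode": "managed", "type": "aws_security_group_rule", "name": "ssh",
            "values": {"type": "ingress", "from_port": 22, "to_port": 22,
                       "protocol": "tcp", "cidr_blocks": [module_cidr]}}]})
    root = {"resources": [{
        "address": "aws_security_group.bastion", "mode": "managed",
        "type": "aws_security_group", "name": "bastion",
        "values": {"ingress": [{"from_port": 0, "to_port": 0, "protocol": "-1",
                                "cidr_blocks": [bastion_cidr]}]}}],
        "child_modules": children}
    return {"format_version": "1.2", "planned_values": {"root_module": root}}


BAD_PLAN = sample_plan("0.0.0.0/0", "0.0.0.0/0")          # before: one bad module default
FIXED_PLAN = sample_plan("10.0.0.0/8", "203.0.113.0/24")  # after: fixed once, in code

if __name__ == "__main__":
    # For a real plan: terraform plan -out tf.plan && terraform show -json tf.plan > plan.json
    for f in scan_plan(BAD_PLAN):
        print("open admin ingress:", f["address"], "<-", f["source"])
    print("before:", summarize(scan_plan(BAD_PLAN)))
    print("after: ", summarize(scan_plan(FIXED_PLAN)))
```

The constructed plan produces five runtime findings from two source locations: four of them are the same module default instantiated once per service, so a runtime-only scanner raises four tickets where one pull request against the module would do. Running the check in the pipeline on the plan, before apply, is the "shift left" the deck argues for; the same function can also be pointed at a plan of what is already deployed to measure the gap.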

We Need to… DEFINE THE PROTECTION STRATEGY
01 VISIBILITY, COMPLIANCE AND GOVERNANCE: Code Compliance, IaC Compliance, Cloud Compliance to Workload Compliance
02 FULL LIFECYCLE VULNERABILITY MANAGEMENT: Shift Left and Also Shift Right Vulnerability Management
03 FULL LIFECYCLE PREVENTION: Prevention First on API, VM, Container, Serverless Workloads

Mitigating Security Risks across Application Lifecycle
[Diagram: the same Code → CI/CD pipeline → Cloud Infrastructure → CI/CD pipeline → Cloud Runtime flow, with the issues from the previous slides now overlaid by the control that catches them at each stage]
Controls, left to right across the lifecycle: SAST, Secrets Scanning, IaC Security, CI/CD Security, SCA, API, CSPM, CIEM, CDS, CWP, WAAS, CNS, CDR, Vulnerability Management

How Prisma Cloud Can Help You?

Zero In Quickly to Fix Now in Cloud, and Forever in Code
[Dashboard screenshot: "Critical Risks and Incidents", showing critical risks and incidents in the last 24 hours, with tiles for Incidents, Attack Paths, Vulnerabilities, Exposures, Identity Risks and Data Risks, a "Go to Command Center" link, and the navigation Home, Dashboard, Reports, Inventory, Alerts, Investigate]
Example attack path: Internet Exposure → Misconfiguration → Virtual Machine with Critical Vulnerability → Admin Access → PII Data
Fix in Cloud:
● Open Ticket: send ticket to application owner with rich context
● Virtual Patch: or apply compensating controls to block exploits (*roadmap)
Fix in Code:
● Send Pull Request: send recommended fixes for developers to approve

Code-to-Cloud Remediation

Explore All Angles from Code to Cloud
Code-to-Cloud Infinity Graph
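
The attack path on the remediation slide (Internet Exposure → Misconfiguration → Virtual Machine with Critical Vulnerability → Admin Access → PII Data) is a path query over a graph of assets and their relationships, which is what a code-to-cloud graph makes possible. The following is an added example, not code from the deck or from Prisma Cloud: it searches a constructed asset graph for paths from the internet to PII data in which every intermediate hop is actually exploitable, then ranks the intermediate assets by how many paths a fix would cut. The inventory, relationships and asset names are constructed for illustration.

```python
"""Enumerate attack paths across a cloud asset graph (internet exposure, through
a misconfigured or critically vulnerable hop, to privileged access over data)
and rank the intermediate assets whose fix cuts the most paths.

Added example, not code from the slide deck or from Prisma Cloud; the asset
inventory and relationships below are constructed, with hypothetical names.
"""

# Constructed inventory: asset -> attributes.
ASSETS = {
    "internet":         {"kind": "internet"},
    "sg-web":           {"kind": "security_group", "misconfigured": True},  # 0.0.0.0/0 on 22
    "vm-web-1":         {"kind": "vm", "critical_vuln": True},
    "vm-web-2":         {"kind": "vm", "critical_vuln": False},            # patched
    "vm-batch":         {"kind": "vm", "critical_vuln": True},
    "role-web":         {"kind": "iam_role"},
    "role-batch":       {"kind": "iam_role"},
    "bucket-customers": {"kind": "bucket", "pii": True},
    "bucket-logs":      {"kind": "bucket", "pii": False},
}

# Constructed relationships: (from, to, relationship).
EDGES = [
    ("internet", "sg-web", "reaches"),
    ("sg-web", "vm-web-1", "allows_ingress"),
    ("sg-web", "vm-web-2", "allows_ingress"),
    ("sg-web", "vm-batch", "allows_ingress"),
    ("vm-web-1", "role-web", "assumes"),
    ("vm-web-2", "role-web", "assumes"),
    ("vm-batch", "role-batch", "assumes"),
    ("role-web", "bucket-customers", "can_read"),
    ("role-web", "bucket-logs", "can_read"),
    ("role-batch", "bucket-customers", "can_read"),
]


def hop_is_exploitable(asset):
    """Whether an attacker can actually traverse this asset: an exposed security
    group must be misconfigured, a workload must carry a critical vulnerability
    (code execution), while roles and data are reached by permission alone."""
    kind = asset["kind"]
    if kind == "security_group":
        return bool(asset.get("misconfigured"))
    if kind == "vm":
        return bool(asset.get("critical_vuln"))
    return kind in ("iam_role", "bucket")


def find_attack_paths(assets, edges, start="internet"):
    """Depth-first search for simple paths from the internet to PII data in
    which every intermediate hop is exploitable."""
    adj = {}
    for src, dst, _rel in edges:
        adj.setdefault(src, []).append(dst)
    paths = []

    def dfs(node, path):
        if assets[node].get("pii"):
            paths.append(list(path))
            return
        for nxt in adj.get(node, []):
            if nxt in path or not hop_is_exploitable(assets[nxt]):
                continue
            path.append(nxt)
            dfs(nxt, path)
            path.pop()

    dfs(start, [start])
    return paths


def choke_points(paths):
    """Intermediate assets ranked by how many attack paths fixing them removes."""
    counts = {}
    for p in paths:
        for asset in p[1:-1]:
            counts[asset] = counts.get(asset, 0) + 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    paths = find_attack_paths(ASSETS, EDGES)
    for p in paths:
        print(" -> ".join(p))
    print("fix first:", choke_points(paths)[0])
```

On the constructed graph the patched VM never appears in a path even though it holds the same role as the vulnerable one, and the open security group sits on both surviving paths, so it is the single fix that removes every path; that is the prioritization the "Fix Now in Cloud" tile is making, and the source-of-truth for the security group is the IaC that created it.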

Full Lifecycle Reporting to Foster Dev-Sec Collaboration
● Measure and report from Code to Cloud
● See burndown trends
● Celebrate success
Capabilities: Visibility from Code-to-Cloud | Prioritize and Remediate | Search and Investigate | Force Multiply with AI | Report from Code-to-Cloud
[Dashboard screenshot: ACME Enterprises, "Your Aggregate Environment Rollup"]
● Total Buildtime Errors in Repositories: 118
● Total Urgent Vulns in Registry Images: 32
● Total Incidents & Attack Paths: 7
● Inventory & Search App (Business Unit A): 76 buildtime errors in repositories, 14 urgent vulns in registry images, 3 incidents & attack paths (trend 8% / 9% / 20%)
● Inventory & Payments App (Business Unit B): 42 buildtime errors in repositories, 18 urgent vulns in registry images, 4 incidents & attack paths (trend 8% / 9% / 20%)
Segment your top security risks by Applications or Account owners to identify problematic areas.

Code-to-Cloud Dashboard

Prisma Cloud Helps Customers "Prevent Risks & Breaches"
● Secure the Source (Risk Prevention): Shift left and Secure by Design all Code, Secrets, Open Source libraries, Infrastructure as Code (IaC), and CI/CD pipelines. Fix risks at the source.
● Secure the Infrastructure (Visibility & Control): Gain Visibility and Control over Configurations, Identity and Access, Data, and Vulnerabilities across all clouds.
● Secure the Runtime (Runtime Protection): Protect the Application Runtime Environment, securing all Cloud Workloads and APIs. Block breaches in runtime.
Platform capabilities: Code-to-Cloud Remediation, Code-to-Cloud Security, Code-to-Cloud Dashboard, Code-to-Cloud Infinity Graphs, AI Co-Pilot
Security Data Mesh; Open, Extensible Platform

What's Required: Integrated Context to Prioritize, Fix at Source, Block in Runtime
Code → Cloud Infrastructure → Cloud Runtime
Prisma Cloud: Code-to-Cloud Intelligence
Secure the Source (fix risks at the source) | Secure the Infrastructure | Secure the Runtime (block breaches in runtime)

CLOUD SECURITY: PRISMA CLOUD PRINCIPLES
Current approach → Cloud Native Application Protection Platform (Prisma Cloud)
● Protection focused on runtime → Comprehensive security from code to cloud
● Visibility without prevention → Prevention-first approach
● Infrequent scans lead to blind spots → Continuous, real-time visibility
● Tool proliferation → Platform with choice for every cloud journey
● Scale issues, performance impacts → Cloud-scale security

Broadest Cloud Service Coverage
Support your DEVELOPERS' CHOICE of cloud services
● 40% greater coverage than the nearest competitor
● 11 hosting locations, multi-geo support: NA (US & Canada), EMEA (UK, Germany, France), JAPAC (Australia, China, Singapore, Japan, India), GovCloud

Don't take our word for it

Prisma Cloud: Protection from Code to Cloud
A Complete Platform that Integrates Best of Breed Capabilities
Analyst recognition across Secure the Source, Secure the Infrastructure and Secure the Runtime:
● CNAPP: LEADER, Global CNAPP Radar
● CNAPP: Top Reviewed Product, Gartner Peer Insights CNAPP
● CNAPP: LEADER, Cloud Workload Security Wave
● DevSecOps: LEADER, Developer Security Tools Radar
● Code Security: LEADER, Policy as Code Radar
● CSPM: LEADER, CSPM Radar
● CSPM: Top Reviewed Product, Gartner Peer Insights CSPM
● CWPP: Ranked #1, Top CWPP Products
● CWPP: LEADER, Global CWPP Radar

Thank you
paloaltonetworks.com

Prisma Cloud Adoption Journey Roadmap
Maturity stages (Cloud Migration Journey → Cloud Security Adoption): Foundation, Basic, Advanced, Ideal
● Risk Prevention: Infrastructure as Code (IaC), Software Composition Analysis, Secrets Scanning, CI/CD Pipeline
● Visibility & Control: Visibility & Compliance, Misconfiguration and threat detection, Vulnerability management, Permissions management
● Runtime Protection: Exploit & Malware Prevention, Command & Control (C2) Protection, API Security, Lateral Movement Prevention
● Integration & Orchestration: Automation and Response, Incident Management, Security Orchestration, Threat Hunting and management
Objective & Goal:
● Safer: reduction in likelihood of breaches with a prevention-first strategy and proactive risk-based security
● Simpler: achieving a simpler process to improve MTTD (detection) / MTTI (investigation) / MTTR (remediation)
● Faster: reducing the time to create and tune workflows and policies