Register now for the Code to Cloud Virtual Summit

Cloud Security Posture Management

Comprehensive cloud security across the world’s largest clouds.
Request a Trial
Cloud Security Posture Management Hero Front Image
Cloud Security Posture Management Hero Back Image

Detecting and preventing the misconfigurations and threats that lead to data breaches and compliance violations is growing ever more difficult as cloud architectures become increasingly complex.

Download the latest datasheet on CSPM.

Download the datasheet
1

More clouds create more complexity

As enterprises adopt multi-cloud environments, non-integrated tools create friction and slow everyone down. Security teams must juggle multiple security tools just to gain complete visibility and control into all their cloud resources.
2

Compliance can feel like a fire drill

Without robust, customizable reporting capabilities or the right policy frameworks, it is too time consuming to demonstrate 24/7, year-round, multi-cloud compliance. Manual processes take up valuable cycles, and a lack of control further complicates passing audits.
3

Incomplete solutions create blind spots

Visibility must go deeper than the resource configuration shell. Gaining deep visibility into data objects stored in the public cloud as well as entitlements and user permissions adds the level of depth required for high-fidelity alerts and a clear understanding of risk.

Eliminate cloud blind spots, achieve compliance, and proactively address risks.

Prisma Cloud is a unique Cloud Security Posture Management (CSPM) solution that reduces the complexity of securing multi-cloud environments, while radically simplifying compliance.

Security and compliance teams gain comprehensive visibility across public cloud infrastructure, with continuous, automated monitoring that provides insights into new and existing assets, anomalous behaviors, and potential threats.
  • Complete visibility and protection across any cloud
  • Improved efficiency and collaboration with automation
  • Integrated data security and entitlement controls
  • Visibility, Compliance and Governance
    Visibility, Compliance and Governance
  • Threat Detection
    Threat Detection
  • Data Security
    Data Security
THE PRISMA CLOUD SOLUTION

Our approach to Cloud Security Posture Management

Visibility, Compliance and Governance

Prisma Cloud delivers comprehensive visibility and control over the security posture of every deployed resource. While some solutions simply aggregate asset data, Prisma Cloud analyzes and normalizes disparate data sources to provide unmatched risk clarity.

  • Cloud asset inventory

    Gain continuous visibility across all deployed assets from a single, unified console with more than 2.5 billion assets monitored across customers. Leverage automated workload and application classification across more than 100 services as well as full lifecycle asset change attribution.

  • Configuration assessment

    Immediately enforce configuration guardrails with more than 700 policies built in across more than 120 cloud services. Automatically fix common misconfigurations before they lead to security incidents. Build custom policies once that span across multi-cloud environments.

  • Compliance management

    Take advantage of continuous compliance posture monitoring and one-click reporting with comprehensive coverage (CIS, GDPR, HIPAA, ISO-27001, NIST-800, PCI-DSS, SOC 2, etc.) and support for custom reporting. Easily investigate and auto-remediate compliance violations.

  • Easy-to-use query language

    Gain security and operational insights about your deployments in public cloud environments. Perform configuration checks on resources and query network events across different cloud platforms. Turn queries into custom cloud-agnostic policies and define remediation steps and compliance implications.

  • Automated remediation

    Automatically resolve policy violations, such as misconfigured security groups within the Prisma Cloud console. Send alert notification to 14 third-party tools, including email, AWS Lambda, Security Hub, PagerDuty®, ServiceNow® and Slack®. Integrate with SOAR tools including Cortex® XSOAR for multi-step remediation playbooks.

Learn more

Threat Detection

Static, positive/negative or rule-based policies are an essential foundation for effective cloud security, but alone do not adequately cover the entire threat landscape. Anomaly-based policies that leverage machine learning to monitor and report on suspicious or unusual activities complement traditional policy libraries for a comprehensive threat detection strategy.

  • Network anomaly detection

    Leverage over 500 billion weekly flow logs, machine learning, and AutoFocus integrations to pinpoint anomalies like port scans, protocol/port abuse, and bots. Classify and view suspicious IP details, and investigate using visualizations.

  • User entity behavior analytics (UEBA)

    Monitor cloud environments for unusual user activities. Discover insider threats and potential account compromises. Leverage industry-leading ML capabilities with more than 5 billion audit logs ingested weekly.

  • Integrated threat detection dashboards

    Use powerful dashboards that highlight alerts and compromises within our console, helping you easily understand suspicious network communication and user activity.

Learn more

Data Security

Prisma Cloud Data Security is purpose-built to address the challenges of discovering and protecting data at the scale and velocity common in public cloud environments. By combining the power of Palo Alto Networks Enterprise Data Loss Prevention (DLP) and WildFire® malware prevention service, only Prisma Cloud Data Security offers a comprehensive, integrated cloud native solution.

  • Data visibility and classification

    Get visibility into S3 buckets and objects, and sort contents by region, owner and exposure. Detail any object, including metadata, in the Object Explorer. Detect sensitive data like PII, financial and healthcare info, and intellectual property.

  • Data governance

    Use pre-built and customizable policies to detect data such as PII in publicly exposed objects. Enable or disable data compliance profiles for types such as PII, healthcare, financial and intellectual property based on mandates.

  • Malware detection

    Identify and protect against known and unknown file-based threats that have infiltrated S3 buckets. Flag any object that contains malware as determined by WildFire.

  • Alerting

    View alerts for each object based on data classification, data exposure and file types. Forward alerts to AWS SQS, Splunk and Webhooks to notify other teams for investigation and remediation.

Learn more
Prisma Cloud
Prisma Cloud
Prisma Cloud delivers the industry’s broadest security and compliance coverage—for applications, data, and the entire cloud native technology stack—throughout the development lifecycle and across multi- and hybrid-cloud environments.
Learn more

Cloud Security Posture Management modules

Visibility, Compliance and Governance

Continuously monitor all cloud resources for misconfigurations, vulnerabilities and other security threats. Simplify compliance reporting.

Learn more

Threat Detection

Pinpoint the highest risk security issues with ML-powered and threat intelligence-based detection with contextual insights.

Learn more

Data Security

Continuously monitor cloud storage for security threats, govern file access and mitigate malware attacks.

Learn more
Featured Resources
See all Resources
Prisma™ Cloud
Research Report

Unit 42 Cloud Threat Report, 1H 2021 – The COVID-19 Conundrum: Cloud Security Impact and Opportunity

Read the full report
Prisma™ Cloud
Video

Prisma Cloud for CSPM

Watch now
Prisma™ Cloud
Datasheet

Prisma Cloud: Cloud Security Posture Management

Download
Prisma™ Cloud
Blog post

How The MITRE ATT&CK For Cloud Framework Can Improve Threat Detection

Learn more
See all Resources

Get the latest news, invites to events and threat alerts

Popular Resources

Legal Notices

Popular Links

Report a Vulnerability