Host Security

Securing cloud VMs for any public or private cloud with Prisma® Cloud.

Linux and Windows® hosts make up the backbone of many cloud native applications, from cloud instances to Kubernetes® nodes. Applications that run on unprotected, insecure hosts introduce risk and are susceptible to attack.

Read Gartner’s report on cloud workload protection platforms.

Secure cloud hosts across any environment

Prisma Cloud offers a unified platform for securing cloud VMs. Automatically detect and protect cloud hosts with vulnerability management, compliance, runtime protection and anti-malware capabilities. Secure your virtual machines across clouds and environments. Protect Linux and Windows® hosts from malicious processes and applications. Leverage a single agent to protect the host and the containers running on the host.
  • Complete lifecycle support from VM images to instances
  • Continuous vulnerability management and compliance
  • Full stack runtime protection with a single agent
  • Cloud Auto Protection Logo
    Cloud Auto Protection
  • CI/CD & VM Image scanning Logo
    CI/CD & VM Image scanning
  • Vulnerability management Logo
    Vulnerability management
  • Host compliance Logo
    Host compliance
  • Runtime defense Logo
    Runtime defense


Our approach to Host Security

Auto-discovery and auto-protection

Developer cloud accounts and ephemeral hosts makes visibility in the cloud more challenging. Prisma Cloud automates the discovery and protection of hosts in your cloud environment. Find and protect instances across your multi-cloud environments.

  • Discover VMs running across clouds

    Find all running hosts with complete cloud metadata across your various cloud environments leveraging API-based discovery.

  • Identify unmanaged virtual machines

    Get a quick view of your security coverage, identifying virtual machines without any agent protection across all of your clouds.

  • Auto-protect hosts without manually installing agents

    Rule-based automated agent install protects unprotected hosts. Flexibly define scope by Accounts and Tags to enable protection for existing and future instances being spun up

  • Secure hosts and containers with one installation

    Auto-protect hosts with an automatically installed agent that protects the host itself and all containers running on that node.

CI/CD & VM Image scanning

Cloud marketplaces images and in-house image snapshots offer custom VM images prebuilt for specific use cases, but they are not always secure. Avoid detecting known vulnerabilities and configuration issues in runtime by integrating Prisma Cloud automated scans to create sanitized VM images.

  • Build golden pipelines by identifying vulnerable machine images

    Introduce security into your Image factory, automate security scans in DevOps speed to create.

  • VM image library scans

    Scan marketplace and private images like AMIs to identify vulnerable pre-installed components and identify the impact.

  • Build a library of vetted images

    Create a set of pre-vetted images for developer teams to leverage, knowing they are secure and compliant.

Vulnerability management

Improve your hygiene and reduce the risk of exposure in your cloud environments by identifying vulnerabilities continuously before and after deployment. Prisma Cloud finds, prioritizes and protects against vulnerabilities in real time from a centralized dashboard.

  • Broader coverage and faster detection

    Get vulnerability detections across the full stack (OS, Applications and code) of your cloud servers in less than a few minutes. Eliminate blindspots with bespoke detections for unpackaged software.

  • Automated risk prioritization

    Get a global view of vulnerability posture of your entire environment. Identify the vulnerability trend and the top vulnerabilities impacting your hosts. Automated prioritization of vulnerabilities with on risk score and risk factors based on CVSS, exploitable threats, and your applications’ configurations.

  • Gain a consolidated view into risk across your stack from one agent and console

    View risks across your hosts, containers and serverless applications from one agent and console.

Host compliance

In addition to traditional compliance concerns around Linux and Windows settings, cloud native hosts need proper configurations for Kubernetes nodes and container runtimes. Meanwhile, cloud VMs have a shorter lifetime than traditional VMs. Prisma Cloud assesses host compliance as an image and at runtime for an end-to-end and continuous view of your host posture.

  • A single view into compliance across environments

    Gain a comprehensive view of all your hosts, along with images and functions, and their current compliance posture, for pre-built and custom policies.

  • Assess against out-of-the-box benchmarks, including CIS

    Compare host compliance against Linux, Windows, and Kubernetes node- and container-based policies from popular benchmarks, including CIS, PCI DSS, HIPAA, GDPR and NIST.

  • Customize and extend compliance policies

    Easily add custom policies for your organizations’ policies using the same framework as our container custom policies.

  • Begin checks at the image level

    Scan VM images for compliance violations and standardize images pre-deployment.

Runtime defense

Virtual machines can be locked down to purpose-built use cases only. Prisma Cloud leverages runtime modeling for file integrity monitoring and to identify anomalies as well as protect against malicious applications.

  • Automate threat protection

    Automatically profile secure runtime behavior and alert or block anomalous behavior, preventing attacks.

  • Enjoy full virtual machine protection

    Integrated protection across running processes, file system use, host log inspection and custom runtime rules.

  • Activate File Integrity Monitoring and Host Log Inspection

    Enforce FIM and log inspection, core requirements for both runtime protection and achieving compliance.

  • Trace forensic events that led to an incident

    Gather forensic details in a timeline to identify the events that led to an incident and enable incident response.

  • Create allow and block lists for fine-grained control

    Alert on or block behavior from Prisma Cloud’s list of malicious behavior, such as cryptominers, or add your own allow and block lists for processes, networking and file systems.

Prisma Cloud
Prisma Cloud
Prisma Cloud delivers the industry’s broadest security and compliance coverage—for applications, data, and the entire cloud native technology stack—throughout the development lifecycle and across multi- and hybrid-cloud environments.

Cloud Workload Protection modules

Host Security

Secure virtual machines (VMs) on any public or private cloud.

Container Security

Secure Kubernetes and other container platforms on any public or private cloud.

Serverless Security

Secure serverless functions across the full application lifecycle.

Web Application & API Security

Protect against Layer 7 and OWASP Top 10 threats in any public or private cloud.