What’s New with Prisma

L1 Bithead

 

Prisma by Palo Alto Networks.png

Palo Alto Networks, best known for Next-Generation Firewalls, has had a secret rarely discussed: it has been one of the largest cloud security companies for some time now. This secret was brought to light with the recent launch of Prisma, the industry's most comprehensive cloud security suite. The announcement to acquire two additional cloud companies shows we’re serious about solving this complex problem for customers to propel the industry forward by addressing the key challenges the cloud introduces.

 

Having great products isn’t enough, however. The nature of the cloud is that it is constantly changing. It allows organizations such as yours to be extremely agile and much more efficient with your resources, which is why it is so widely used. Even though it’s hard to remember a time before the cloud, it’s still a relatively new industry. For this reason, best practices for organizations and attack techniques by adversaries are quickly evolving as well. To keep up with this constant change, security must constantly evolve to not only keep up but anticipate the next challenge.

 

As a suite of cloud-delivered services, Prisma is constantly updating to keep ahead of the new requirements of the cloud. Let’s look at some of the recent updates for the Prisma SaaS and Prisma Cloud services.

 

Prisma SaaS.pngPrisma SaaS: Protection Across All Your SaaS Applications

 

Prisma SaaS, which comprises Aperture for API-based security and GlobalProtect cloud service for inline security capabilities, enables you to control access and usage of SaaS applications and define policies to automate remediation as violations occur.

 

Given the nature of organizations, there are a number of people involved in evaluating the risk SaaS exposes and getting a better view of what that risk is. There is always risk in doing business—understanding the risk and mitigating it are key. When the risk is unknown, that is what keeps security professionals up at night. So, how do you truly know the risk introduced by SaaS, especially with shadow IT’s use of unsanctioned SaaS applications? You can place a device or service at an egress point to get an idea, but wouldn’t it be more effective to capture, analyze and report from sensors across your whole organization? We are pleased to announce the new Joint Visibility Reporting in Prisma SaaS to solve this.

 

Prisma SaaS: Joint Visibility

 

Prisma SaaS pulls data from all your inline services (physical firewalls, virtualized firewalls and Prisma for inline) across your organization to give a unified view of SaaS risk across multiple applications. This gives you a powerful view of SaaS usage and the risk associated with it, especially when it comes to shadow IT usage. Best of all, it captures this data from sensors you may already have deployed in your organization, or it can be added as a cloud-delivered inline service.

 

This gives CIO and CISO organizational-level visibility into SaaS usage and risk at a much deeper level than a simple egress sensor can provide, and it does so for the whole organization across multiple SaaS applications, gathered into a single report. This also gives detailed visibility to the InfoSec and GRC admins to understand SaaS usage, so they can quickly adapt acceptable usage policy changes across the org.

 

Go here to learn more about this exciting new capability.

 

Prisma SaaS: SAML Proxy/Reverse Proxy for Unmanaged Device Security

 

Increasingly, users are not only mobile but using personal devices to access SaaS applications. This ranges from personal computers at home to, and more likely, their personal smartphones. This represents a significant challenge for the teams that are trying to ensure the same protections are in place for all their users without overly restricting them and making it difficult for them to do their jobs effectively.

 

To solve this, Prisma SaaS now includes reverse proxy support to secure users’ unmanaged device usage and access to SaaS applications no matter the location or device being used. This is done though a new cloud-delivered service that is completely seamless to the users. They likely won’t even notice it's happening, and that’s the way it should be.

 

The service redirects the users through the Prisma inline service, enabling the full security capabilities of Prisma, such as granular App-ID controls for SaaS access across devices and locations, even if they are not managed by the organization.

 

As always, full WildFire malware analysis support is available, preventing malware from using SaaS applications as a distribution method.

 

Go here to learn more about this exciting new capability.

 

Prisma SaaS: Compliance Reporting

 

Compliance is a key requirement for doing business, and GDPR is no exception. With the dynamic nature of SaaS usage, it can keep you up at night wondering if something one of your many users did will accidentally cause you to fail an audit and pay a hefty fine. So, how do you gain visibility across your SaaS applications and, even more importantly, access the information to take quick action?

 

Enter the new, dynamic GDPR reporting for Prisma SaaS. This report gives you full visibility across your SaaS applications on where you stand with respect to GDPR compliance and what is violating it. This isn’t a static PDF, though. This is an actionable report that not only shows your GDPR compliance status but gives you the ability to click on the violations and instantly correct them from within the report. Then, you can use those changes to make policy adjustments so that future violations will be instantly remediated.

 

Go here to learn more about this exciting new capability.

 

This is just the beginning for Prisma SaaS. We are constantly adding to Prisma SaaS, including new SaaS applications and enhancing support for existing applications. Look for major enhancements to DLP, more compliance reporting and much more in the next update.

 

Go here for a more in-depth look at all the updates to Prisma SaaS.

 

Prisma Cloud: Security for All Major Clouds – No Compromises

 

At Palo Alto Networks, we are kicking off summer with new beginnings. The Prisma launch announcement, followed by the Ignite USA 2019 user conference, brought together our vision of comprehensive security across all public cloud infrastructure. Prisma Cloud, formerly known as RedLock, is a cloud service for continuous security posture management, along with threat protection across all major public clouds. There is a new feature to try out every month on Prisma Cloud. Leading to the announcement, the team introduced a slew of new features that help organizations enable security for their public cloud with ease, integrate better with their preferred notification services and extend availability to new regions.

 

Here is a summary of some key features that were generally available in the months of April and May:

  • General availability in new regions: Prisma Cloud is now available on AWS GovCloud in Australia and New Zealand.
  • New integrations with notification systems: Prompt response to security alerts and detailed tracking of incident response remain critical requirements for security and DevOps teams. Prisma Cloud now integrates with PagerDuty for security incident management and Security Incident Module in ServiceNow for generating security tickets.
  • Try and buy simplified: Prisma Cloud is easily accessible for trial and purchase from both Palo Alto Networks Marketplace and AWS Marketplace.

 

The month of May also brought the beta release of our scanning APIs. As security "shifts left" within the software development lifecycle, developers and DevOps teams are looking for security tools that are easy to use and natively integrate into the DevOps toolchain. Prisma Cloud vulnerability scan API and Infrastructure-As-Code scan API are open and free scanning services that can be built into your DevOps toolchain with a single line of code.

  • The vulnerability scan API service provides insight into known software vulnerabilities within your container and virtual machine images.
  • On the other hand, the Infrastructure-As-Code scan API service helps in identifying insecure configuration rules included in your AWS CFT, Terraform and Kubernetes YAML templates.

 

Wait! There are more features to try out. Check out our docs and stay tuned for new features in June and July. Stay “cloud cool” and say hello to a great summer.

 

We just scratched the surface. There is so much more to Prisma, and you don’t have to take my word for it.

 

Go here to learn more about Prisma or here to see a quick demo.

1,333 Views
Ask Questions Get Answers Join the Live Community
Labels