Protect your data across multicloud environments with exposure analysis, sensitive data detection, and malware detection.
The scale at which applications are shifting to the cloud has led organizations to store massive amounts of data in their Azure Storage blobs. In some cases, the sheer volume of data exhausts the resources available to monitor, classify and protect it.
Only 64% of the storage resources were publicly available, according to our Unit 42 threat research, and 30% of organizations had exposed sensitive content — such as personally identifiable information (PII), intellectual property, and healthcare and financial data — to the internet.
Without visibility, securing data and meeting compliance requirements becomes challenging across your storage resources.
We are excited to introduce Azure Blob Storage protection via the Data Security module in Prisma Cloud.
With this addition, Prisma Cloud now offers the following for Azure environments:
Visibility - Provides comprehensive visibility of your storage resources and blobs
Exposure Analysis - Prevents anonymous public read access for containers and blobs by detecting blob-level exposure
Sensitive data detection - Identifies sensitive and regulatory data such as PII, PHI, customer records, financial records, secrets and intellectual property in your storage blobs
Malware detection - Ensures your storage is free of known and unknown malware that can spread across your cloud workloads and on-premises infrastructure.
Here are a few highlights of features introduced in this release.
Enable data security for your Azure cloud account or Azure management groups in two easy steps.
Provide access to your cloud storage by granting the minimal access required to protect your storage account, using the Terraform template
Define scan configuration — Allows you to select “Custom Scan” and run scans on specific storage accounts
Enable Data Security on Azure Subscription
Detect Sensitive Data in Storage Blobs
Prisma Cloud incorporates the Palo Alto Networks Enterprise DLP engine, which uses pattern analysis and machine learning to identify and categorize data. Out-of-the-box data patterns can recognize sensitive and regulatory data within blob storage, such as financial information, PII, PHI, and intellectual property. In addition, you can ensure your data storage doesn’t violate GDPR by storing sensitive PII data.
Sensitive data patterns detected in Azure Storage
Detect Known and Unknown Malware in Storage Blobs
If your application is designed to store data that other users consume, you need to ensure that the stored data is free of known and unknown malware. Hidden malware in your cloud storage can spread across your cloud workloads or be downloaded onto a host machine. This is a security requirement that cloud providers often overlook for platform-as-a-service (PaaS). Prisma Cloud leverages the Palo Alto Networks Enterprise WildFire analysis engine to protect against known and unknown file-based threats.
Malware detected in Azure Storage
Data Security Policy and Alerts
Prisma Cloud provides out-of-the-box data security policies for detecting objects that contain malware or publicly exposed sensitive information. You can use these policies to generate real-time alerts that feed a remediation workflow with third-party services. For example, auto-quarantine an object by revoking all permissions for that object when an alert for “object containing malware” is triggered.
Pre-defined data security policies
3rd Party Integration in Prisma Cloud
Secure Your Cloud Storage
Gain comprehensive visibility and data security with Prisma Cloud, which leverages an enterprise-class DLP engine and malware analysis engine to classify data and detect malware. Current customers can enable the data security module and scan up to 100 GB of Azure Blob Storage data for free. Please refer to the licensing document for additional licensing charges.