The following license types are currently available for Prisma SaaS
Prisma SaaS All Apps License – The All Apps license is a user-based license which grants one user the right to use Prisma SaaS to secure SaaS applications. A Prisma SaaS All Apps license is term-based at one or three years.
Public Cloud Storage License – This volume-based license helps you gain bucket and blob visibility and control for your AWS, Azure, and Google Cloud Storage, and it is term-based at one or three years. You can identify and remove public buckets and blobs from inadvertent exposure or use, prevent the propagation of malware and data exfiltration with advanced machine learning and DLP, and view an audit trail for stored buckets and blobs to detect anomalies.
Scope of scanning for Prisma SaaS All Apps License
The service automatically scans your cloud apps using predefined data patterns, classifies all documents using machine learning, and checks hash on all Microsoft Office documents, PDF, and portable executable files against WildFire rules without requiring you to create any policies.
Monitoring for risky or suspicious user or admin behavior
You can review user activity logs enabling you to monitor and investigate the actions of your end users on the data and assets stored in your apps. You can track events, such as file and folder downloads and uploads as well as failed login attempts, or you can learn how a user shared or collaborated on assets hosted in your SaaS applications.
Preventing malware propagation by scanning files using WildFire analysis
WildFire detects and protects against malicious portable executables, Microsoft Office Files, Adobe Portable Document Format (PDF) files, and known threats based on file hash (a unique fingerprint of a file as a result of running the file through a cryptographic hash function).
License Entitlement and Limitations
Currently, a license includes three properties:
License Type (Prisma SaaS All App and Public Cloud Storage)
Service End Date
Total User Count
Service End Date – This is when the current license loaded into the portal expires. When expiration occurs, all scanning of content is stopped until a valid license is applied. We will continue to keep the collected data in the portal for 90 days. After this point, the tenant is de-provisioned and deleted. These are provisioned for durations of one or three years.
Total User Count – This is the quantity of users that we can track and collect data on. This includes, activities, files owned, and shared. Currently this metric is not enforced and we try to match the total number of active users in the organization.