Prisma SaaS is really good at identifying types of data and applying policy to your SaaS applications. What if you could do more? What if you could match on this but not this other thing? What if you had access to more data patterns without needing to spelunk the caverns of custom regular expressions?
Enter Prisma SaaS DLP
I’m excited to say that now you can with the addition of Prisma SaaS DLP a service that augments Prisma SaaS as we know it today. Prisma SaaS currently offers 40 data patterns. Not bad! The DLP service improves on that by introducing Data Profiles.
Imagine being able to combine data patterns into a data profile, then applying that profile to a policy. Currently the number of data profiles offered by Prisma SaaS DLP is 11, offering a helpful tool to the 40 data patterns (note the exact number varies as patterns and profiles are improved upon). Want more? Enterprise DLP Addon has around 380 data patterns. Enterprise DLP is currently available as a trial.
Have you wanted to create a policy that would apply to a data pattern but only if another data pattern wasn't present? A great example I encountered was a customer who wanted to raise an incident if data included proprietary source code but only if it didn't include open source. The regular expression was, to use a highly technical term, icky. Now you can do this kind of combined logic with basic and advanced boolean operators. You can even drag and drop to create the logic.
... View more
Prisma SaaS Default Data Pattern
Palo Alto Networks provides details about the Default Data Pattern in Prisma SaaS. See why it's important to enable this default setting early. Prisma SaaS Customer Success Engineer, Nick Trubic, has all the details.
A Conversation About Default Data Patterns in Prisma SaaS
I was talking with one of our Prisma SaaS Customer Success Engineers, Nick Trubic, about default policies. I asked, "who should apply them, when and why?" Rather than dive into a discussion about the value of default policies, he steered the conversation towards enabling default data patterns.
Default Data Patterns are Useful
Nick described the advantage of applying default data patterns early during Prisma SaaS onboarding. When you apply default data patterns then you don’t need to rescan the app when you apply a new policy. This gives Prisma SaaS the opportunity to categorize the assets when apps are attached. When you create a policy for that app then there’s no need for it to scan backwards for existing assets. The actions defined in the new policy are then applied based on the metadata already collected. Scanning continues going forward and policies are applied to new assets found.
Example default data patterns in Prisma SaaS
What happens if you setup a policy before default data patterns?
I asked what happens if policies are applied before default data patterns. It turns out that Prisma SaaS will then scan for the data patterns specified in the policy then apply actions in the policy. Nick mentioned that you can always add the default data patterns later then trigger a rescan of your assets. Prisma SaaS will then rescan against those data patterns. A rescan doesn’t fetch assets again, but it does apply the new policy to the data patterns associated with the metadata already collected.
Nick was careful to point out that if you modify a policy then a rescan is automatically triggered. The new rescan will go looking for assets that meet the established data patterns.
App re-scan menu option
When should you apply default policies?
It looks pretty clear that the answer is after applying default data patterns.
... View more
Why Can't I Login to Prisma SaaS?
That’s a pretty good question, and one that we hear often.
The short answer is that new administrator accounts should be provisioned from within Prisma SaaS itself. Setting up a new admin account via the hub will result in a new account on the hub, but not in Prisma SaaS. This is by design. The Prisma SaaS Admin Guide is pretty terrific at describing account creation.
Another variation on the theme:
“I clicked "Forgot your password" and never received a reset email. Why not?”
You may have an account in the hub or the Customer Service Portal but not on Prisma SaaS. It would be best to work with your company's Prisma SaaS Super Admin to get that account squared away rather than contacting technical support.
The initial Super Admin for your shiny new Prisma SaaS tenant (I love smell of newly licensed software) is the person who activated it. So if email@example.com has an account on the Customer Service Portal (CSP) and activates Prisma SaaS with an authcode then, ta-dah, Clark now has a Super Admin account on Prisma SaaS. If firstname.lastname@example.org also has an account on CSP or the hub, that doesn’t necessarily mean that she has an account on Prisma SaaS.
Ready for the cool part?
There is one, honest. Once Sally (our hypothetical CSP user) has an account on Prisma SaaS, her account is linked to both. Pretty cool, right? Okay, so to summarize: The best way to create new admin accounts for Prisma SaaS is within Prisma SaaS itself.
Setting up a new admin account from within Prisma SaaS starts at Settings > Application > Admin Accounts.
Prisma SaaS Admin Account Management
For more information about Prisma SaaS and join one of our discussions, visit our page on LIVEcommunity: Prisma SaaS Resource Page.
Bridge the SaaS Security Gap
Is Prisma SaaS the new Aperture? Confused on new name?
Prisma SaaS Technical Documentation
... View more