Palo Alto Networks has added ML-powered next-generation Cloud Security Posture Management (CSPM) capabilities to Prisma Cloud, to help organizations eliminate dangerous cloud blind spots and free security teams from the burden of alert fatigue.
The five new features of Prisma Cloud are: True Internet Exposure, Visibility-as-Code, Network Data Exfiltration Detection, Anomalous Compute Provisioning Detection and Customizable Object-Level Scanning for AWS S3.
Legacy CSPM solutions generate alerts for any overly permissive security group — even if the security group is not publicly exposed. True Internet Exposure provides end-to-end network path visibility between any source and destination, eliminating needless alerts associated with unexposed cloud instances and security groups.
With Visibility-as-Code, Prisma Cloud can now support new cloud services in days, providing development teams with the freedom to take advantage of the latest cloud services while giving the security teams the security measures they need.
Prisma Cloud uses machine learning to analyze vast amounts of network flow logs and understand the typical traffic pattern of each customer, which is then used to detect and alert on abnormal egress traffic to any IP address, including TOR exit nodes.
This allows security teams to focus their remediation efforts on the most dangerous data exfiltration attacks and avoid unnecessary alert storms.