Upload
others
View
9
Download
0
Embed Size (px)
Citation preview
1 | © 2019 Palo Alto Networks. All Rights Reserved.
Paulo Vieira
Prisma CloudComplete Cloud Security
IDC Futurescape 2020
• Add slides for rate of innovation
2 | © 2019 Palo Alto Networks. All Rights Reserved.
25 Product
Releases a Week
Today’s Cloud Native Landscape
The Need For Speed
Development, DevOps and the business need
to move fast
The Vastness of CloudThousands of services and technologies are
emerging across multi/hybrid clouds
Security Is CrucialAs cloud adoption
accelerates, security & compliance become
board-level issues
Multiple StakeholdersCollaboration becomes challenging as security is seen as an obstacle
Challenges Are Emerging
THROUGH 2023, AT LEAST 99% OF CLOUD SECURITY FAILURES WILL BE THE CUSTOMER’S FAULT
Australian tech unicorn Canva
suffers security breach
885 Million Sensitive Financial Records
Exposed OnlineReal estate giant First American left Social Security
numbers, tax documents, and more publicly
available.
620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts
Facebook Vows to Improve Security After Hack of 29 Million Users
Capital One replaces security
chief after data breach
Online casino group leaks
information on 108 million bets,
including user details
Cloud development is fraught with complexity
Dev Repo
B
Dev Repo
C
Dev Repo
D
Dev Repo
E
Dev Repo
A
Dev Repo
F
Central Repo 1
Central Repo 2
Multiple Ungoverned Teams, Repos, Pipelines, Accounts, Clouds
Disparate tools generate alerts with no shared context
Dev Repo
B
Dev Repo
C
Dev Repo
D
Dev Repo
E
Dev Repo
A
Dev Repo
F
Central Repo 1
Central Repo 2
Overpermissive
IAM role
Data leakage
risk
Resource exposed
to public internet
Anomalous
behavior
IaC misconfiguration
CVEs in ImageVulnerable
OSS package
Misconfigured
Resource
IaC config scan via IDE & SCM Plugins
IaC config & Vuln scan in CI/CD and registry
Complete runtime security
Total visibility, compliance & governance
Dev Repo B
Dev Repo
C
Dev Repo
D
Dev Repo
E
Dev Repo
A
Dev Repo
F
Central Repo 1
Central Repo 2
Private Cloud / Data
Center
Prisma Cloud - Full lifecycle, Full Stack Security
Prisma Cloud - The Cloud Native Security Platform
Prevent, Detect & Respond
NetworkSecurity
Secure networks and enforce microsegmentation across hybrid environments
Visibility &Governance
Understand cloud environments, maintain compliance and enforce
guardrails
Compute Security
Secure containers, hosts and functions across the application cycle
IdentitySecurity
Manage and secure identity across workloads, users, and cloud services.
Build Deploy Run
A Unified Approach To Cloud Native Security
Asset
Inventory
Governance
&
Compliance
Data Security
Vulnerability
managemnt
Runtime Security
Application
Security
Network Anomaly
Detection
Micro-segmenta
tion NGFWIAM
SecurityAccess MGMT UEBA
Visibility & Compliance Compute Security Network Security Identity Security
Prevention, Detection, & Automated Response
Build
One Platform For Complete Cloud Security
Enable DevSecOps
Eliminate issues early and prevent
alert fatigue by seamlessly
integrating security across the
entire lifecycle, from IDE, SCM,
CI/CD, registries, to runtime.
Complete Cloud Security
Deliver comprehensive visibility,
automation, detection, and
response across any compute,
network and cloud service.
One Platform, All Clouds
Monitor and secure multi- and
hybrid cloud environments with a
single, integrated platform.
12 | © 2019 Palo Alto Networks. All Rights Reserved.
Prisma Cloud
Compute Security
Visibility, Compliance, and Governance
Network Security
A single pane of glass for visibility, compliance, and autoremediation for your
entire cloud environment.
Build/Deploy:
Detect and preventmisconfigurations early, reduce risks and alerts in runtime
Identity Security
Run:
Catch security posture changes, detect attacks, run compliance checks and autoremediate
Prisma Cloud
Compute Security
Visibility, Compliance, Detection & Response
Network Security
Defend containers, hosts ,serverless, and applications in real time, detect and
prevent vulnerabilities, and integrate security early in the development lifecycle.
Build/Deploy:
Detect and prevent vulnerabilities and compliance issues in cloud native workloads.
Identity Security
Run:
Detect and block malicious activities on containers, hosts, and serverless with runtime protection.
Prisma Cloud
Compute Security
Visibility, Compliance, Detection & Response
Network Security
Automatically model network flows between micro-services, deploy ID-based
microsegmentation, and enforce advanced network security policies.
Build/Deploy:
Automate provisioning of network security policies during the CI/CD process and detect Security Group misconfigurations.
Identity Security
Run:
Detect network anomalies and malicious traffic, deploy advanced threat protection, and microsegmentcloud native networks.
Prisma Cloud
Compute Security
Visibility, Compliance, Detection & Response
Network Security
Decouple machine identity from IP addresses and leverage ID-based policies. Ensure
least-privileged access to cloud native resources and secure IAM across clouds.
Identity Security
Run:
Detect anomalous user behavior,
manage IAM permissions, enforce
least-privileged access and
leverage machine identity.
Leading The Cloud Native Security Market
60,000+customers
in 150+ countries
50%of Fortune 100 rely on Prisma Cloud
Investing in cybersecurity innovation and market leading solutions
CommittedTo Cloud Native
Security