CSPM

The #1 CSPM Leader

Prisma Cloud receives top scores in GigaOm analysis

Cloud Security Posture Management

Comprehensive cloud security across the world’s largest clouds.

Cloud Security Posture Management Hero Front Image
Cloud Security Posture Management Hero Back Image

Detecting and preventing the misconfigurations and threats that lead to data breaches and compliance violations is growing ever more difficult as cloud architectures become increasingly complex.

Download the latest datasheet on CSPM.

Continuously monitor all your cloud resources

As enterprises adopt cloud-native methodologies and gain the flexibility of multicloud architectures, stitching together security data from disparate legacy tools becomes a considerable obstacle. DevOps and security teams need a single, integrated solution that provides complete visibility into every deployed resource alongside configuration and compliance status.

Prisma® Cloud takes a unique approach to cloud security posture management (CSPM), going beyond mere compliance or configuration management. Vulnerability intelligence from more than 30 data sources provides immediate clarity on critical security issues while controls across the development pipeline prevent insecure configurations from ever reaching production.
  • Gain complete visibility across clouds.
  • Prevent configuration drift.
  • Protect identities and data, and enforce compliance.
  • Visibility, Compliance and Governance
    Visibility, Compliance and Governance
  • Threat Detection
    Threat Detection
  • Data Security
    Data Security

THE PRISMA CLOUD SOLUTION

Our approach to Cloud Security Posture Management

Visibility, Compliance and Governance

Prisma Cloud delivers comprehensive visibility and control over the security posture of every deployed resource. While some solutions simply aggregate asset data, Prisma Cloud analyzes and normalizes disparate data sources to provide unmatched risk clarity.

  • Cloud asset inventory

    Gain continuous visibility across all deployed assets from a single, unified console with more than 4 billion assets monitored across customers. Leverage automated workload and application classification across more than 350 services as well as full lifecycle asset change attribution.

  • Configuration assessment

    Immediately enforce configuration guardrails with more than 1,500 policies built in across more than 350 cloud services. Automatically fix common misconfigurations before they lead to security incidents. Build custom policies once that span across multicloud environments.

  • Compliance management

    Take advantage of continuous compliance posture monitoring and one-click reporting with comprehensive coverage (CIS, GDPR, HIPAA, ISO-27001, NIST-800, PCI-DSS, SOC 2, etc.) and support for custom reporting. Easily investigate and auto remediate compliance violations.

  • Easy-to-use query language

    Gain security and operational insights about your deployments in public cloud environments. Perform configuration checks on resources and query network events across different cloud platforms. Turn queries into custom cloud-agnostic policies and define remediation steps and compliance implications.

  • Automated remediation

    Automatically resolve policy violations, such as misconfigured security groups within the Prisma Cloud console. Send alert notification to 14 third-party tools, including email, AWS Lambda, Security Hub, PagerDuty®, ServiceNow® and Slack®. Integrate with SOAR tools including Cortex® XSOAR™ for multistep remediation playbooks.

Visibility, Compliance and Governance

Threat Detection

Static, positive/negative or rule-based policies are an essential foundation for effective cloud security, but alone do not adequately cover the entire threat landscape. Anomaly-based policies that leverage machine learning to monitor and report on suspicious or unusual activities complement traditional policy libraries for a comprehensive threat detection strategy.

  • Network threat detection

    Leverage intel on more than 500 billion flow logs ingested weekly to pinpoint unusual network activities such as port scans and port sweeps and DNS-based threats such as domain generation algorithms (DGA) and cryptomining.

  • User entity behavior analytics (UEBA)

    Monitor cloud environments for unusual user activities. Discover insider threats and potential account compromises. Leverage industry-leading ML capabilities with more than 5 billion audit logs ingested weekly.

  • Integrated threat detection dashboards

    Use powerful dashboards that highlight alerts and compromises within our console, helping you easily understand suspicious network communication and user activity.

Threat Detection

Data Security

Prisma Cloud Data Security is purpose-built to address the challenges of discovering and protecting data at the scale and velocity common in public cloud environments. By combining the power of Palo Alto Networks Enterprise Data Loss Prevention (DLP) and WildFire® malware prevention service, only Prisma Cloud Data Security offers a comprehensive, integrated cloud-native solution.

  • Multicloud data visibility and classification

    With comprehensive visibility into the security and privacy posture of the data stored in AWS S3 and Azure Storage Blob, users immediately gain insight into any exposed or publicly accessible storage resources.

  • Data governance

    Use prebuilt and customizable policies to detect data such as PII in publicly exposed objects. Enable or disable data compliance profiles for types such as PII, healthcare, financial and intellectual property based on mandates.

  • Malware detection

    By leveraging WildFire, Prisma Cloud identifies and helps protect against known and unknown file-based threats that may have infiltrated storage accounts.

  • Alerting

    View alerts for each object based on data classification, data exposure and file types. Forward alerts to AWS SQS, Azure Queuing Services, Splunk® and Webhooks to notify other teams for investigation and remediation.

Data Security
Prisma Cloud
Prisma Cloud
Prisma® Cloud is the industry’s most complete Cloud Native Application Protection Platform (CNAPP), with the industry’s broadest security and compliance coverage—for infrastructure, workloads, and applications, across the entire cloud native technology stack—throughout the development lifecycle and across hybrid and multicloud environments.

Cloud Security Posture Management modules

VISIBILITY, COMPLIANCE, AND GOVERNANCE

Continuously monitor all cloud resources for misconfigurations, vulnerabilities and other security threats. Simplify compliance reporting.

THREAT DETECTION

Pinpoint the highest risk security issues with ML-powered and threat intelligence-based detection with contextual insights.

DATA SECURITY

Continuously monitor cloud storage for security threats, govern file access and mitigate malware attacks.

Featured Resources

Get more insight into what Prisma Cloud can do for your business