Cloud Discovery and Exposure Management

Prisma® Cloud highlights unmanaged cloud assets and provides native workflows to convert them into managed assets.

Rapid innovation leads to shadow cloud deployments, leaving security blind spots. Attackers can discover and exploit internet exposures before security teams even know about them.

Learn how to secure internet exposure risk.

Combat Shadow Cloud Deployments with Cloud Discovery and Exposure Mitigation

Prisma Cloud accurately discovers and attributes internet exposed assets deployed across AWS, Microsoft Azure and Google Cloud (GCP). Security teams can investigate and communicate risk to application owners to remediate internet exposure risks. Prisma Cloud provides native workflows to convert unmanaged assets into managed assets protected by CSPM capabilities. Cloud Discovery and Exposure Management capabilities are backed by the industry leader in attack surface management: Cortex® Xpanse™.
  • Discover unknown internet-exposed cloud assets.
  • Evaluate internet exposure risks across clouds.
  • Easily onboard unmanaged assets to Prisma Cloud for security compliance and governance.
  • External asset discovery
    External asset discovery
  • Exposure risk assessment
    Exposure risk assessment
  • Onboard assets and remediate risk
    Onboard assets and remediate risk


Our Approach to Cloud Discovery and Exposure Management

External Asset Discovery

Tackle security blind spots by leveraging an outside-looking-in view into your environment to find rogue internet-exposed cloud assets that security teams are unaware of. Cloud discovery and exposure management (CDEM) leverages attack surface management technology powered by Cortex Xpanse within Prisma Cloud, so security teams can locate rogue cloud assets. By taking an outside-looking-in view into your environment security teams can now discover a complete asset inventory by combining these unmanaged assets with assets already managed by Prisma Cloud.

  • Visibility into rogue cloud assets

    Discover unknown or unmanaged cloud assets that are exposed to the internet. Get details such as: exposed services (eg. https, RDP, FTP, Databases), asset owner details, geo location, service certificates and more.

  • Continuous monitoring

    Track all internet-exposed cloud assets across cloud environments. Quickly understand asset inventory trends such as growing and shrinking unmanaged exposures over time.

  • Multicloud coverage

    Identify cloud assets across AWS, Azure and GCP that are not under Prisma Cloud management.

  • M&A exposure risk evaluation

    Improved and informed security posture pre- and post- mergers and acquisitions.

External Asset Discovery

Exposure Risk Assessment

Assess internet exposure risk by understanding what your environment looks like from an attacker's point of view and how vulnerabilities can be exploited.

  • Remote access weaknesses

    Detect exploitable vulnerabilities and misconfigurations that help gain privileged access to your environment, including remote desktop protocol (RDP), insecure open SSH, LDAP and more.

  • Developer infrastructure and applications

    Identify exposure risk across critical systems such as web applications and Kubernetes APIs.

  • Data loss prevention

    Spot publicly exposed databases and insecure file sharing services such as unencrypted FTP servers, server message block (SMB), unclaimed S3 buckets, and more.

Vulnerability Management

Onboard Unmanaged Assets and Remediate Risk

Secure your cloud environment by leveraging the industry leading Prisma Cloud. Easily onboard unmanaged assets to Prisma Cloud for visibility and control over your cloud security posture.

  • Bring rogue cloud assets into Prisma Cloud management

    Convert unmanaged assets to managed assets with a simple workflow.

  • Reduce internet exposure risk

    See misconfigurations that enable internet exposures and remediate risk using cloud security posture management capabilities.

  • Monitor security posture

    Get continuous monitoring of cloud security posture with the best-in-class Prisma Cloud platform.

Onboard Unmanaged Assets and Remediate Risk

Valuable Resources