Palo Alto rolls out new Prisma Cloud security package with reinforced CASB Credit: CIS Palo Alto Networks has bolstered its security software to better protect enterprise Software-as-a-Service (SaaS) applications. The company rolled out a new version of its core cloud-security package, Prisma Cloud 3.0, which includes the ability to code security directly into SaaS applications. The package includes a cloud-access security broker (CASB) to control access to cloud resources. Prisma is a cloud-based security bundle that includes access control, advanced threat protection, user-behavior monitoring, and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, Zero Trust network access and a secure web gateway. The overarching goal is to protect web and non-web applications. The challenge securing cloud environments stems from the nature of the cloud itself. Workloads and resources in the cloud are broadly distributed and highly ephemeral, wrote Ankur Shah, senior vice president and general manager of Palo Alto’s Prisma Cloud business in a blog about the new software. “One new cloud account connects with workloads, applications, and data, where each point presents potential attack vectors,” he wrote. Palo Alto Networks Unit 42 cloud-threat researchers found that between April and June 2020, cloud security incidents increased by an astounding 188%, and some industries saw increases of more than 400%, Shah stated. The new Prisma Cloud release includes support for infrastructure as code (IaC) scanning and code fixes that can be embedded into developer tools across the development lifecycle. The package has also been upgraded to support agentless scanning that looks at cloud provider APIs and disk snapshots to determine vulnerabilities. Prisma Cloud also now includes pre-defined rules, application profiling, and automated policy creation to simplify and accelerate microsegmentation where needed. “These new rules are validated, predefined microsegmentation rules that can help secure common applications in just minutes,” Shah stated. “Application profiling is a simple workflow that automatically generates the optimal, least-privilege microsegmentation rules for any cloud-native application, with a single click. These new capabilities help security teams accelerate their Zero Trust adoption, simplify policy creation and minimize human error.” On the CASB front, Palo Alto has bolstered the broker’s machine-learning capabilities to help identify new or unsanctioned SaaS applications as they become popular, classify them, and apply appropriate security policies, according to Anand Oswal, senior vice president and general manager of Palo Alto. The idea is to protect sensitive data in real-time with Enterprise Data Loss Prevention, which incorporates machine learning, optical character recognition, and natural language processing, Oswal stated. With increased business use of Slack, Microsoft Teams, Zoom, and other collaboration apps, users are sending shorter, more frequent messages. “Confidential information is more unstructured than ever and increasingly difficult to protect with existing CASB solutions,” Oswal stated. “This makes data breach prevention, compliance and data privacy very difficult tasks for any organization.” Legacy CASB solutions focus only on apps accessible via HTTP/S, so they miss non-SaaS and non-web apps that account for over half of all enterprise traffic. They rely on static databases and support requests for app discovery, hindering their ability to identify or contain new SaaS apps before they are a risk. They also lack APIs to secure collaboration applications heavily utilized by hybrid workforces, Oswal stated. The Next Generation CASB within Prisma Cloud addresses those concerns and uses Palo Alto’s global network of 80,000 customers with millions of sensors across SaaS, IaaS, endpoint, network and Unit 42 research to help stop known, unknown, and zero-day threats, Oswal stated. The CASB has also been integrated into the vendor’s Prisma SASE package. Beyond Prisma, Palo Alto rolled out the first specialization offering for its NextWave Managed Service Program (MSP). The NextWave MSP is made up of about 300 partners who integrate, support and help manage Palo Alto security services. The specialization brings support for Palo Alto’s Cortex eXtended Managed Detection and Response (XMDR) service which offers network, endpoint and cloud data security. The Cortex XMDR Specialization will let partners worldwide combine Cortex XDR, with their managed-services offerings to help customers streamline security operations center (SOC) operations and quickly mitigate cyber threats, Palo Alto stated. Related content news Cisco adds AI features to AppDynamics On-Premises A new virtual appliance for Cisco's AppDynamics observability platform will give enterprise customers more deployment options as well as AI-driven capabilities for anomaly detection and root cause analysis, application security, and SAP monitori By Michael Cooney May 10, 2024 4 mins Network Management Software Network Monitoring news CHIPS Act to fund $285 million for semiconductor digital twins Plans call for building an institute to develop digital twins for semiconductor manufacturing and share resources among chip developers. By Andy Patrizio May 10, 2024 3 mins CPUs and Processors Data Center news Microsoft’s AI ambitions fuel $3.3 billion bet on Wisconsin data center The Mount Pleasant site was initially earmarked for a manufacturing plant operated by electronics giant Foxconn. By Sascha Brodsky May 10, 2024 6 mins Data Center news analysis Red Hat unveils image mode for its Linux distro New container image deployment method for Red Hat Enterprise Linux is aimed at helping enterprises streamline operations and management. By Maria Korolov May 09, 2024 5 mins Linux Networking PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe