Palo Alto Networks cozies up to CNAPP at Ignite

Palo Alto Networks kicked off its annual Ignite conference with new capabilities across its secure access services edge (SASE) and cloud-native application protection platforms (CNAPP). It also added a managed detection and response partner program based on its extended detection and response (XDR).

The updates collectively aim to secure a work-from-anywhere workforce, Palo Alto Networks Chief Product Officer Lee Klarich said. “How do we safely enable that construct, which is very much becoming the norm?”

Enterprises also seek to secure applications across cloud environments, he added. “With many of our customers being hybrid in nature, but increasingly moving toward more public-cloud native architectures, how do we secure that move in a way that actually embraces the constructs of cloud?”

Next-Generation CASB
First up: Palo Alto Networks’ SASE got a brand new cloud access security broker (CASB), aptly named Next-Generation CASB.

The vendor says its new CASB, which it will deliver via its Prisma Access 3.0 platform in January, automatically finds and secures all software-as-a-service (SaaS) and on-premises applications including collaboration apps like Slack. It uses machine learning (ML) to automatically identify new or unsanctioned SaaS applications, classify them, and apply appropriate security policies.

Unlike legacy CASBs that only protect web applications using HTTP or HTTPS protocols, Palo Alto Networks’ Next-Generation CASB “secures all applications of today’s hybrid enterprise,” said Anand Oswal, SVP of products for Palo Alto Networks.

Next-Generation CASB also protects sensitive data in real-time with Palo Alto Networks’ enterprise data loss prevention, which now uses ML, advanced optical character recognition, and natural-language processing. And it uses Palo Alto Networks’ threat detection and prevention capabilities, combined with Unit 42 threat intelligence, to stop known and unknown threats.

Palo Alto Networks embraces CNAPP
The security vendor also announced new capabilities for its Prisma Cloud security platform. This product essentially converges cloud workload protection platforms (CWPP) and cloud security posture management (CSPM) into what Gartner calls a cloud-native application protection platform (CNAPP).

Gartner recently coined CNAPP, and the whole cloud security sector has quickly rallied around this name and product category.

As the name suggests, CNAPP products secure cloud-native, microservices-based architectures including containers, Kubernetes, and serverless. They also combine CSPM, CWPP, and cloud infrastructure entitlements management, which manages identity and access privileges across multi-cloud environments. And finally, they help organizations adopt a DevSecOps approach to security by helping them identify vulnerabilities and misconfigurations early in the development process.

Prisma Cloud had already combined CSPM, CWPP, and identity and access management for Amazon Web Services (AWS). Today at Ignite, Palo Alto Networks fleshed out some of its missing CNAPP capabilities with Prisma Cloud 3.0.

Prisma Cloud security shifts left
“The next big shift in cloud security,” Klarich said, “is moving cloud security into the full application lifecycle, embracing the dev and DevOps functions, and helping make them part of the solution to how cloud applications are secured.”

In this move to shift security left in the development process, Prisma Cloud added new infrastructure as code (IaC) security capabilities. These come from Palo Alto Networks’ Bridgecrew acquisition earlier this year. And they aim to proactively fix flaws and code misconfigurations before the application reaches deployment by embedding scanning and security into developers’ tools.

Prisma Cloud already offered agent-based security for cloud environments and today it added agentless security. “In the first release we’re going to have support for host in AWS, and we’re going to follow that up by supporting multiple clouds across host, container, and serverless functions with agentless,” SVP of products Ankur Shah said.

This will let customers mix and match both agent-based and agentless across their cloud environments and manage rules from a single UI. “Customers don’t have to choose one or the other,” Shah said. “They can choose both.”

Finally, Prisma Cloud 3.0 adds identity and access management for Microsoft Azure (it already supported AWS). This includes net effective permissions analysis for Azure and Azure Active Directory integration. And it added identity-based microsegmentation with pre-defined rules and automated policy creation.

“So we’ll analyze your traffic, and you don’t have to write the rules yourselves,” Shah said. “The platform will automatically suggest some rules based on the network traffic analysis.”

Managed XDR with Cortex
The vendor’s third update focuses on its Cortex XDR platform with a new partner program for managed security services providers. It’s called Cortex eXtended Managed Detection and Response Specialization, and it allows partners to combine Cortex XDR with their managed services offerings.

To achieve specialization status, partner organizations must have Cortex XDR certified security operations center analysts or threat hunters on staff and available 24/7. Launch partners include PwC, Orange Cyberdefense, Critical Start, and Trustwave.

SDxCentral

Copyright © 2024 Communications Today

error: Content is protected !!