1 | © 2019 Palo Alto Networks. All Rights Reserved.

Paulo Vieira

pvieira@paloaltonetworks.com

Prisma CloudComplete Cloud Security

IDC Futurescape 2020

• Add slides for rate of innovation

2 | © 2019 Palo Alto Networks. All Rights Reserved.

25 Product

Releases a Week

YOUR JOURNEY TO CLOUD IS NOT ON A “PAVED ROAD”

CI / CD

Workloads

Public Cloud

Today’s Cloud Native Landscape

The Need For Speed

Development, DevOps and the business need

to move fast

The Vastness of CloudThousands of services and technologies are

emerging across multi/hybrid clouds

Security Is CrucialAs cloud adoption

accelerates, security & compliance become

board-level issues

Multiple StakeholdersCollaboration becomes challenging as security is seen as an obstacle

Challenges Are Emerging

THROUGH 2023, AT LEAST 99% OF CLOUD SECURITY FAILURES WILL BE THE CUSTOMER’S FAULT

Australian tech unicorn Canva

suffers security breach

885 Million Sensitive Financial Records

Exposed OnlineReal estate giant First American left Social Security

numbers, tax documents, and more publicly

available.

620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts

Facebook Vows to Improve Security After Hack of 29 Million Users

Capital One replaces security

chief after data breach

Online casino group leaks

information on 108 million bets,

including user details

Cloud development is fraught with complexity

Dev Repo

B

Dev Repo

C

Dev Repo

D

Dev Repo

E

Dev Repo

A

Dev Repo

F

Central Repo 1

Central Repo 2

Multiple Ungoverned Teams, Repos, Pipelines, Accounts, Clouds

Disparate tools generate alerts with no shared context

Dev Repo

B

Dev Repo

C

Dev Repo

D

Dev Repo

E

Dev Repo

A

Dev Repo

F

Central Repo 1

Central Repo 2

Overpermissive

IAM role

Data leakage

risk

Resource exposed

to public internet

Anomalous

behavior

IaC misconfiguration

CVEs in ImageVulnerable

OSS package

Misconfigured

Resource

IaC config scan via IDE & SCM Plugins

IaC config & Vuln scan in CI/CD and registry

Complete runtime security

Total visibility, compliance & governance

Dev Repo B

Dev Repo

C

Dev Repo

D

Dev Repo

E

Dev Repo

A

Dev Repo

F

Central Repo 1

Central Repo 2

Private Cloud / Data

Center

Prisma Cloud - Full lifecycle, Full Stack Security

Prisma Cloud - The Cloud Native Security Platform

Prevent, Detect & Respond

NetworkSecurity

Secure networks and enforce microsegmentation across hybrid environments

Visibility &Governance

Understand cloud environments, maintain compliance and enforce

guardrails

Compute Security

Secure containers, hosts and functions across the application cycle

IdentitySecurity

Manage and secure identity across workloads, users, and cloud services.

Build Deploy Run

A Unified Approach To Cloud Native Security

Asset

Inventory

Governance

&

Compliance

Data Security

Vulnerability

managemnt

Runtime Security

Application

Security

Network Anomaly

Detection

Micro-segmenta

tion NGFWIAM

SecurityAccess MGMT UEBA

Visibility & Compliance Compute Security Network Security Identity Security

Prevention, Detection, & Automated Response

Build

BANKING & FINANCE TECHNOLOGY HEALTHCARE

MEDIA & RETAIL GOVERNMENT INDUSTRIAL & TELECOM

One Platform For Complete Cloud Security

Enable DevSecOps

Eliminate issues early and prevent

alert fatigue by seamlessly

integrating security across the

entire lifecycle, from IDE, SCM,

CI/CD, registries, to runtime.

Complete Cloud Security

Deliver comprehensive visibility,

automation, detection, and

response across any compute,

network and cloud service.

One Platform, All Clouds

Monitor and secure multi- and

hybrid cloud environments with a

single, integrated platform.

12 | © 2019 Palo Alto Networks. All Rights Reserved.

Prisma Cloud

Compute Security

Visibility, Compliance, and Governance

Network Security

A single pane of glass for visibility, compliance, and autoremediation for your

entire cloud environment.

Build/Deploy:

Detect and preventmisconfigurations early, reduce risks and alerts in runtime

Identity Security

Run:

Catch security posture changes, detect attacks, run compliance checks and autoremediate

Prisma Cloud

Compute Security

Visibility, Compliance, Detection & Response

Network Security

Defend containers, hosts ,serverless, and applications in real time, detect and

prevent vulnerabilities, and integrate security early in the development lifecycle.

Build/Deploy:

Detect and prevent vulnerabilities and compliance issues in cloud native workloads.

Identity Security

Run:

Detect and block malicious activities on containers, hosts, and serverless with runtime protection.

Prisma Cloud

Compute Security

Visibility, Compliance, Detection & Response

Network Security

Automatically model network flows between micro-services, deploy ID-based

microsegmentation, and enforce advanced network security policies.

Build/Deploy:

Automate provisioning of network security policies during the CI/CD process and detect Security Group misconfigurations.

Identity Security

Run:

Detect network anomalies and malicious traffic, deploy advanced threat protection, and microsegmentcloud native networks.

Prisma Cloud

Compute Security

Visibility, Compliance, Detection & Response

Network Security

Decouple machine identity from IP addresses and leverage ID-based policies. Ensure

least-privileged access to cloud native resources and secure IAM across clouds.

Identity Security

Run:

Detect anomalous user behavior,

manage IAM permissions, enforce

least-privileged access and

leverage machine identity.

Leading The Cloud Native Security Market

60,000+customers

in 150+ countries

50%of Fortune 100 rely on Prisma Cloud

Investing in cybersecurity innovation and market leading solutions

CommittedTo Cloud Native

Security

Obrigado!pvieira@paloaltonetworks.com