Palo Alto Networks bolsters its cloud native security offerings

Palo Alto Networks, a leader in The Forrester Wave™: Cloud Workload Security, Q1 2022, announced the addition of Out-of-Band Web Application and API Security (Out-of-Band WAAS) to Prisma Cloud to help organizations secure web applications with maximum flexibility.

Until recently, deploying inline web application firewalls was the primary industry approach to securing web applications (WAFs). However, due to performance and scalability concerns, some organizations are hesitant to implement WAFs or API security solutions inline.

With today’s announcement, Prisma Cloud can now provide organizations with deep web and API security both inline and out of band, allowing them to choose how to protect their cloud applications.

“Companies no longer have to decide between application security and performance. By adding Out-of-Band WAAS to Prisma Cloud, we are empowering customers with flexible security options that fit their evolving application needs,” said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. “As more organizations move workloads to the cloud, the capabilities that makeup Prisma Cloud help provide the most complete protection, reducing complexity and increasing visibility across infrastructure, workloads, identities and applications.”

“As organizations increasingly build and deploy their applications in the cloud, protecting their business-critical applications without impacting performance has been a challenge,” said Melinda Marks, senior analyst, ESG. “Adding the option of Out-of-Band WAAS helps both developer and security teams secure their applications with the same level of security as traditional in-line WAFs and API security without impacting performance.”

Prisma Cloud is getting new threat detection, alert prioritization, and permissions management capabilities, in addition to Out-of-Band WAAS, to help organizations gain deeper, unified visibility across their entire cloud application portfolio:

• Multicloud Graph View for Cloud Infrastructure Entitlement Management (CIEM): Discover privileged accounts and assess access risk in multicloud environments. Prisma Cloud now offers a graph view of AWS, Microsoft Azure, and Google Cloud net effective permissions.
• Multicloud Agentless Cloud Workload Protection: Extend visibility into cloud workloads and application risks across Azure and Google Cloud, in addition to AWS, to complement existing agent-based protection.
• DNS-Based Threat Detection: Surface malicious activity and anomalous behavior in cloud environments. Prisma Cloud Threat Detection now leverages machine learning (ML) and advanced threat intelligence to identify bad actors hiding in DNS traffic.
• MITRE ATT&CK^® Alert Prioritization: Enable security teams to prioritize risks and incidents based on the industry’s most widely adopted framework.