Gain comprehensive real-time visibility into your cloud infrastructure by
discovering and analyzing assets protected by Prisma AIRS AI
Runtime: Network intercept and VM-Series firewalls. The discovery
dashboard displays threats, network traffic, and protection status across both firewall
platforms when onboarded through Strata Cloud Manager.
Key Assets Discovered
Virtual Machine (VM) workloads.
Clusters and containers.
Serverless workloads: For Azure functions and AWS Lambda functions, you can
discover and analyze serverless workloads.
Prerequisite for serverless
discovery:
For Azure: A Reader role for your cloud account.
For AWS: IAM permissions to list, describe Lambda functions, and
retrieve tags associated with functions.
AI and non AI applications, AI models, and AI data.
Network traffic.
Important Notes on Discovery
Strata Cloud Manager doesn't detect or manage VM-Series firewall
deployed outside of the Prisma AIRS AI Runtime onboarding
workflow.
While the discovery service updates continuously, please note that deleted cloud
assets may continue to appear in the discovery UI for approximately 24 hours
after deletion from the cloud environment.
Analyzing Discovered Assets
Navigate to Insights Prisma AIRS Prisma AIRS AI Runtime: Network intercept to see a list of protected and unprotected cloud assets, including
applications, risky endpoints, user applications, AI models, and internet endpoints.
The discovery helps you analyze both AI and non-AI security traffic flow logs
and threat logs, enabling you to identify and correlate malicious threats with the
identified cloud assets. You can view threats detected from both platforms, analyze
network traffic flows, and understand which applications are secured by each firewall
type.
The Dashboard: AI Runtime Security provides
actionable insights into all cloud assets in your onboarded cloud account. It classifies
and prioritizes security issues based on threat urgency and risk categories, such as
vulnerability detection and prompt injection attacks. The discovery of assets is
classified into the operational and security views.
.
The Operational view displays all cloud assets: application
workloads, application users, and AI models. The view also shows the
bidirectional communication flows between:
User to application
Application to the AI model
Application to the internet, and
Application to application.
The Security view highlights the threat landscape with
security issues prioritized by urgency and risk type.
Based on the security analysis from the security view, you can add Prisma AIRS AI Runtime: Network intercept or VM-Series firewall by selecting the "+" icon on the dashboard.
