Prisma Cloud

Prisma™ Cloud is a cloud security posture management (CSPM) and cloud workload protection platform (CWPP) that provides comprehensive visibility and threat detection across your organization’s hybrid, multi-cloud infrastructure.

Prisma Cloud taps into the cloud providers’ APIs for read-only access to your network traffic, user activity, and configuration of systems and services, and correlates these disparate data sets to help the cloud compliance and security analytics teams prioritize risks and quickly respond to issues. It also uses an agent-based approach to secure your host, container, and serverless computing environments against vulnerabilities, malware, and compliance violations.

For visibility, compliance and governance of your cloud environments Prisma Cloud is available as a cloud-delivered or SaaS service. For securing your host, container, and functions across the application lifecycle, Prisma Cloud is available as:

Prisma Cloud Compute, which is the SaaS version. Palo Alto Networks operates the Console for you, and you must deploy the agents (Defenders) into your environment to secure hosts, containers, and serverless functions.
Prisma Cloud Compute Edition, which is self-hosted . You must deploy and operate the Console and Defenders in your own environment.

Latest Releases

March 2020	Geo-location avialability for port scan and port sweep alerts. Granular licensing data on hourly or daily licensed workloads in CSV. Prisma Cloud integration with Cortex XSOAR (formerly Demisto) supports multi-tenant Cortex XSOAR deployments.
February 2020	Streamlined onboarding workflow for your cloud accounts on Alibaba, AWS, Azure, and GCP. The new CFT and Terraform templates use your inputs to enable the permissions that Prisma Cloud requires to start monitoring your cloud resources. More new policies to strengthen your security posture.
January 2020	Support for checks to verify compliance against new data privacy rights for California residents with the California Consumer Privacy Act (CCPA), and Personal Information Protection and Electronic Documents Act (PIPEDA) standards. Alert notification emails with attachments. Scheduled reports for reviewing compliance posture and trends at a recurring interval or a one-time audit. Asset Inventory is updated to make it more interactive and visually engaging. RQL functions to enable better investigation -_IPAddress.inCIDRRange and _Set.
December 2019	HiTrust Compliance Standard Version 9.3 support on AWS, Azure, and GCP. Tag-Based Filtering for all cloud resources using RQL. AWS GovCloud (East) supported on Prisma Cloud Automated alert remediation for multi-step tasks using CLI in custom policy.

Getting Started

Documentation

Prisma Cloud Administrator Guides and Release Notes

Prisma™ Cloud Administrator's Guide

Find the answers on how to configure Prisma Cloud for securing your cloud infrastructure.

Read Now

Prisma™ Cloud Release Information

Review the Prisma Cloud release notes to learn about all the exciting new features and known issues.

Prisma Cloud Administrator’s Guide (Compute)

Learn how to use the Compute tab on the Prisma Cloud administrative console to deploy Prisma Cloud Defenders and secure your hosts, containers, and serverless functions.

Prisma™Cloud Compute Edition Release Notes

Stay informed on the new features for securing your hosts, containers, and serverless functions and breaking changes in Prisma™ Cloud Compute Edition.

What's New?

Prisma™ Cloud API Reference

Refer to the API documentation to learn how to securely access and use the Prisma Cloud APIs to monitor your cloud accounts.

Read the API docs

Prisma™ Cloud Compute API Reference

Access the Prisma Cloud Compute APIs to automate the set up and deployment of Defenders in your cloud environments.

Let's Go

Prisma Cloud Supporting Documentation

Prisma Cloud Resource Query Language (RQL) Reference

Use a flexible query language to perform checks on resources deployed across different cloud platforms.

Take Me There!

Prisma Cloud Compute Reference Architecture

Protect your container, serverless functions, non-container hosts, or any combination! This guide provides Enterprise and Security Architects guidance on how to deploy Prisma Cloud Defenders and integrate with systems commonly found in the enterprise stack.

Tell Me More

Prisma Cloud Compute Operationalize Guide

Use this guide to derive quick time to value with the Compute tab capabilities available with the Prisma Cloud Enterprise Edition license. The guidelines enable you to plan for the work ahead, configure and deploy Prisma Cloud Defenders, and measure your progress.

Learn More

Prisma™Cloud DevOps Security

Urge your developers and security teams to identify insecure configurations in common Infrastructure-as-Code (e.g. AWS Cloud Formation Templates, HashiCorp Terraform templates, Kubernetes App Deployment YAML files) with Prisma Cloud IaC scanning capabilities.

Learn About IaC Scan

Related Videos & Documentation

Protect Containers Running in Google Kubernetes Engine

The VM-Series on GCP protects containers running in Google Kubernetes Engine. Container visibility empowers security operations teams to make informed security decisions and respond more quickly to potential incidents

Lightboard Series: Continuous Cloud Security and Compliance Explained

Addressing security and compliance in the cloud requires a rigorous and continuous approach that ensures risks are Identified and controlled with speed. In this lightboard video, watch Tim Prendergast, Chief Cloud Officer at Palo Alto Networks, discuss how organizations can automate the management of cloud security and compliance risks so that they can minimize the attack surface and protect their public cloud deployments.

Simplifying Your Multi-Cloud Security Strategy

View Blog Article

Containers: Fueling Your Move to DevSecOps

View Blog Article

Safely Enable SaaS Applications with Prisma™ SaaS

Secure your business-critical data residing within enterprise SaaS applications with Prisma™ SaaS. Prisma SaaS is an API-based cloud access security broker deployment that can connect directly to your sanctioned SaaS applications for data classification, DLP and threat detection. It helps you maintain compliance while preventing data leaks and disruption for business-critical applications. .

Bridge the SaaS Gap

The Best Method to Secure the Cloud Starts Offline

View Blog Article

Secure Branch Offices and Mobile Users

Protect all your offices and mobile users with Prisma™ Access.

Read Now

Lightboard Series: Firewall Services VPC Integration

This Lightboard discusses how to integrate the VM-Series next-generation firewall into an AWS Services VPC architecture as a means of addressing security for an environment with many VPCs.