1. Home
    2. Prisma
    3. Prisma Cloud

    Prisma™ Cloud is a cloud security posture management (CSPM) and cloud workload protection platform (CWPP) that provides comprehensive visibility and threat detection across your organization’s hybrid, multi-cloud infrastructure. 

    Prisma Cloud taps into the cloud providers’ APIs for read-only access to your network traffic, user activity, and configuration of systems and services, and correlates these disparate data sets to help the cloud compliance and security analytics teams prioritize risks and quickly respond to issues. It also uses an agent-based approach to secure your host, container, and serverless computing environments against vulnerabilities, malware, and compliance violations.

    For visibility, compliance and governance of your cloud environments Prisma Cloud is available as a cloud-delivered or SaaS service. For securing your host, container, and functions across the application lifecycle, Prisma Cloud is available as:

    • Prisma Cloud Compute, which is the SaaS version of the full Cloud Native Security Platform that delivers host, container, and serverless capabilities along with the cloud security posture management capabilities.
      Palo Alto Networks operates the Console for you, and you must deploy the agents (Defenders) into your environment to secure hosts, containers, and serverless functions running in any cloud, including on-premises. 
    • Prisma Cloud Compute Edition, which is the downloadable, self-hosted software that you can use to protect hosts, containers, and serverless functions running in any cloud, including on-premises and even fully air-gapped environments. You must deploy and operate the Console and Defenders in your own environment. 

    *Review the Prisma Cloud privacy datasheet.

    Latest Releases

    November 2020
    • RQL Syntax Updates for Extensibility
    • New RQL attribute for Config queries - azure.resource.group 
    • Serverless remediation for AWS, available as community supported runbooks on GitHub.
    • Prisma Cloud Data Security adds the ability to view scan status, and disable data profiles and focus on data security issues that you care about.
    • DevOps Inventory, Build Alert Rules and Resource List for IaC Scan
    • Jenkins plugin for IaC scan
    October 2020
    • Support for new compliance standards- CIS GKE v 1.1.0, NIST 800-53 Rev 5, and Multi Level Protection Scheme v2.0.
    • Adjustable Scan Quota for Prisma Cloud Data Security
    • Role-Based Authentication on Amazon SQS Integration
    • Support for CIS v1.1.0 on GCP and CIS v1.3.0 on AWS
    • New policies and policy updates
    September 2020 
    • Support for AWS Organizations on Prisma Cloud
    • Consolidation of Unusual User Activity / UEBA Anomaly Settings
    • Expanded Support for Roles with Just-in-Time (JIT) Provisioning
    • Prisma Cloud Compute Edition 20.09 introduces the following changes:
      •  Web Application and API Security module
      • VMware Tanzu Application Service Defender with runtime protection
      • Git repo vulnerability management
      • Updated host protection capabilities

    Getting Started

    1. Access Prisma Cloud
    2. Connect your Cloud Environment on Prisma Cloud
    3. Manage Prisma Cloud Alerts
    4. Investigate issues Using RQL
    5. Manage Host, Container, and Serverless Deployments

    Documentation

    Prisma Cloud Administrator Guides and Release Notes

    Prisma™ Cloud Administrator's Guide

    Read Now

    Prisma™ Cloud Release Information

    Review the Prisma Cloud release notes to learn about all the exciting new features and known issues.

    Read More

    Prisma™ Cloud Administrator's Guide (Compute)

    Learn how to use the Compute tab on the Prisma Cloud administrative console to deploy Prisma Cloud Defenders and secure your hosts, containers, and serverless functions.

    Choose Version

    Prisma™Cloud Compute Edition Release Notes

    Stay informed on the new features for securing your hosts, containers, and serverless functions and breaking changes in Prisma™ Cloud Compute Edition.

    Choose Version

    Prisma™ Cloud API Reference

    Refer to the API documentation to learn how to securely access and use the Prisma Cloud APIs to monitor your cloud accounts.

    Read the API docs

    Prisma™ Cloud Compute API Reference

    Access the Prisma Cloud Compute APIs to automate the set up and deployment of Defenders in your cloud environments.

    Let's Go

    Prisma Cloud Supporting Documentation

    Prisma™ Cloud Resource Query Language (RQL) Reference

    Use a flexible query language to perform checks on resources deployed across different cloud platforms.

    Take Me There!

    Prisma™ Cloud Compute Reference Architecture

    Protect your container, serverless functions, non-container hosts, or any combination! This guide provides Enterprise and Security Architects guidance on how to deploy Prisma Cloud Defenders and integrate with systems commonly found in the enterprise stack.

    Tell Me More

    Prisma™ Cloud Compute Operationalize Guide

    Use this guide to derive quick time to value with the Compute tab capabilities available with the Prisma Cloud Enterprise Edition license. The guidelines enable you to plan for the work ahead, configure and deploy Prisma Cloud Defenders, and measure your progress.

    Learn More

    Prisma™Cloud DevOps Security

    Urge your developers and security teams to identify insecure configurations in common Infrastructure-as-Code (e.g. AWS Cloud Formation Templates, HashiCorp Terraform templates, Kubernetes App Deployment YAML files) with Prisma Cloud IaC scanning capabilities.

    Learn About IaC Scan

    Related Videos

    Protect Containers Running in Google Kubernetes Engine

    The VM-Series on GCP protects containers running in Google Kubernetes Engine. Container visibility empowers security operations teams to make informed security decisions and respond more quickly to potential incidents

    Lightboard Series: Continuous Cloud Security and Compliance Explained

    Addressing security and compliance in the cloud requires a rigorous and continuous approach that ensures risks are Identified and controlled with speed. In this lightboard video, watch Tim Prendergast, Chief Cloud Officer at Palo Alto Networks, discuss how organizations can automate the management of cloud security and compliance risks so that they can minimize the attack surface and protect their public cloud deployments.

    Lightboard Series: Firewall Services VPC Integration

    This Lightboard discusses how to integrate the VM-Series next-generation firewall into an AWS Services VPC architecture as a means of addressing security for an environment with many VPCs.

    Related Documentation

    Simplifying Your Multi-Cloud Security Strategy

    View Blog Article
    Book Image

    Containers: Fueling Your Move to DevSecOps

    View Blog Article

    Safely Enable SaaS Applications with Prisma™ SaaS

    Secure your business-critical data residing within enterprise SaaS applications with Prisma™ SaaS. Prisma SaaS is an API-based cloud access security broker deployment that can connect directly to your sanctioned SaaS applications for data classification, DLP and threat detection. It helps you maintain compliance while preventing data leaks and disruption for business-critical applications. .

    Bridge the SaaS Gap

    Secure Branch Offices and Mobile Users

    Protect all your offices and mobile users with Prisma™ Access.

    Read Now

    The Best Method to Secure the Cloud Starts Offline

    View Blog Article

    Enterprise DLP

    Palo Alto Networks Enterprise DLP is the industry’s first cloud-delivered solution that comprehensively protects sensitive data across all networks, clouds, and users. It easily enables data protection and compliance in minutes, eliminating deployment and ongoing management cycles to ensure the most cost effective enterprise DLP on the market.

    Review DLP

    © 2020 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo