Learn how Prisma Cloud enables identity-based microsegmentation.
To address the security challenges that DevOps and SecOps teams face
when they deploy and manage cloud-native applications across multi-cloud
and hybrid cloud environments, Prisma Cloud lets you enforce security
policies on applications deployed on Linux hosts, Windows hosts, or
Kubernetes infrastructure, and gain end-to-end visibility of ingress,
egress, and pod-to-pod communications.
Identity-Based microsegmentation on Prisma Cloud is based on:
- Decoupling security from the network by assigning every
  workload a cryptographic identity. The identity, which is derived
  using metadata from AWS, GCP, Azure, Kubernetes, and other application
  contexts, becomes the perimeter instead of an IP address.
- Discovering applications and learning the communication patterns
  both inside and across clouds. Prisma Cloud then maps this information
  in real time with workload identity context, not IP and port.
- Enabling centralized policy management for endpoints that are
  distributed. Policies can be auto-generated for you, or you may choose
  a more declarative approach to defining and testing segmentation
  policies without impacting runtime.
- Authenticating and authorizing each connection request using
  workload identity. The ability to control communications between
  workloads and enables you to segment applications and implement
With the Identity-Based Microsegmentation add-on license, Get Started.
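
The following sketch is an added illustration, not Prisma Cloud code or its API. It shows the idea from the points above: a connection is authenticated and authorized against signed identity tags derived from workload metadata, so the decision does not depend on an IP address. The HMAC issuer key, tag names, and policy format are assumptions constructed for the example.

```python
import hashlib
import hmac
import json

# Assumption: one issuer key stands in for however a real control plane
# vouches for workload identities. Constructed value, demo only.
ISSUER_KEY = b"constructed-demo-key"

def _sign(tags):
    # Canonical JSON so the same tag set always yields the same signature.
    blob = json.dumps(tags, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, blob, hashlib.sha256).hexdigest()

def issue_identity(metadata):
    """Turn workload metadata (cloud, app, env, ...) into a signed identity."""
    tags = dict(metadata)
    return {"tags": tags, "sig": _sign(tags)}

def authenticate(identity):
    """True only if the tags are exactly the ones the issuer signed."""
    return hmac.compare_digest(_sign(identity["tags"]), identity["sig"])

def matches(selector, tags):
    return all(tags.get(k) == v for k, v in selector.items())

# Constructed policy: selectors name identity tags, never IP addresses.
POLICY = [
    {"src": {"app": "frontend", "env": "prod"},
     "dst": {"app": "payments", "env": "prod"}},
]

def authorize(src, dst, policy=POLICY):
    """Default deny: both ends must authenticate and one rule must match."""
    if not (authenticate(src) and authenticate(dst)):
        return False
    return any(matches(r["src"], src["tags"]) and matches(r["dst"], dst["tags"])
               for r in policy)

def demo():
    payments = issue_identity({"cloud": "aws", "app": "payments", "env": "prod"})
    fe_aws = issue_identity({"cloud": "aws", "app": "frontend", "env": "prod"})
    fe_gcp = issue_identity({"cloud": "gcp", "app": "frontend", "env": "prod"})
    dev = issue_identity({"cloud": "aws", "app": "frontend", "env": "dev"})
    # A dev workload relabels itself as prod but cannot re-sign the tags.
    forged = {"tags": {**dev["tags"], "env": "prod"}, "sig": dev["sig"]}
    return {name: authorize(w, payments) for name, w in
            [("fe_aws", fe_aws), ("fe_gcp", fe_gcp), ("dev", dev), ("forged", forged)]}

if __name__ == "__main__":
    print(demo())
```

The same frontend identity is allowed from either cloud, while the dev workload and the relabeled identity are denied by default.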