* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [Cloud Workload Protection Platform](https://www2.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/)
* Prisma Cloud 2.0: The Ind...

# Prisma Cloud 2.0: The Industry's Most Comprehensive CNSP

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2020%2F10%2Fcloud-evolution-comprehensive-cnsp%2F)  
[](https://twitter.com/share?text=Prisma+Cloud+2.0%3A+The+Industry%E2%80%99s+Most+Comprehensive+CNSP&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2020%2F10%2Fcloud-evolution-comprehensive-cnsp%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2020%2F10%2Fcloud-evolution-comprehensive-cnsp%2F&title=Prisma+Cloud+2.0%3A+The+Industry%E2%80%99s+Most+Comprehensive+CNSP&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2020/10/cloud-evolution-comprehensive-cnsp/&ts=markdown)  
\[\](mailto:?subject=Prisma Cloud 2.0: The Industry’s Most Comprehensive CNSP)  
Link copied  
By [Keith Mokris](https://www.paloaltonetworks.com/blog/author/keith-mokris/?ts=markdown "Posts by Keith Mokris")  
Oct 13, 2020  
5 minutes  
[Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown)  
[DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown)  
[Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)  
[Cloud Native Security Platform](https://www.paloaltonetworks.com/blog/tag/cloud-native-security-platform/?ts=markdown)  
[Prisma Cloud](https://www.paloaltonetworks.com/blog/tag/prisma-cloud/?ts=markdown)  
[Product Announcement](https://www.paloaltonetworks.com/blog/tag/product-announcement/?ts=markdown)

With the rollout of Prisma Cloud in November 2019, Palo Alto Networks [announced a new category](https://www.paloaltonetworks.com/blog/2019/11/cloud-native-security-platform/) in cloud security -- the Cloud Native Security Platform (CNSP) -- for securing cloud native applications. Today, our release of Prisma Cloud 2.0 presents an evolution in the space with four new functionality modules and further platform alignment with key user needs and market categories.

###### **Cloud Security Posture Management**

[Cloud Security Posture Management](https://www.paloaltonetworks.com/prisma/cloud/cloud-security-posture-management) (CSPM) leverages data from public cloud service providers to deliver continuous visibility, security policy compliance and threat detection across cloud resources, users, data and applications. CSPM includes [shift-left capabilities](https://www.paloaltonetworks.com/resources/techbriefs/shift-left-and-enable-devsecops) to scan infrastructure-as-code (IaC) templates across the application lifecycle.

###### **Cloud Workload Protection**

[Cloud Workload Protection](https://www.paloaltonetworks.com/prisma/cloud/cloud-workload-protection-platform) (CWPP) helps secure cloud native applications across the application lifecycle, defined by the requirement to protect hosts (VMs), containers and serverless from a single console.

###### **Cloud Network Security**

[Cloud Network Security](https://www.paloaltonetworks.com/prisma/cloud/cloud-network-security) (CNS) helps protect cloud networks and applications, combining network visibility and microsegmentation for full-stack network security across multi- and hybrid-clouds.

###### **Cloud Infrastructure Entitlement Management**

[Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/prisma/cloud/cloud-infrastructure-entitlement-management) (CIEM) enables visibility and control over cloud identities to ensure least-privileged user access governing cloud resources, compute and data.

![Prisma Cloud: Cloud Native Security Platform (CNSP). In Prisma Cloud 2.0, there are four platform pillars and functionality modules: Cloud Security Posture Management, Cloud Workload Protection, Cloud Network Security and Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/10/image6.png)
New Prisma Cloud platform pillars and functionality modules

## The Need for a Cloud Native Security Platform

We're releasing Prisma Cloud 2.0 to support the many enterprises that are actively embracing multi-cloud architectures across various compute paradigms. According to the [2020 State of Cloud Native Security Report](https://www.paloaltonetworks.com/state-of-cloud-native-security), infrastructure and security leaders shared:

* **They are in a multi-cloud world:** 94% of respondents shared they are using more than one cloud platform, with 60% stating they use between two and five cloud platforms.
* **Organizations are also leveraging multiple compute offerings:** According to our survey, 86% of organizations expect their usage of cloud workloads to increase or stay the same, using a combination of VMs, containers, containers-as-a-service (CaaS) and platform-as-as-service (PaaS)/Serverless architectures.

As organizations march forward in their multi-cloud and multi-compute reality, they require new capabilities to implement consistent cloud security policies and manage risk holistically. These needs are best met through a single, comprehensive platform -- indeed, 51% of high-performing organizations in the report said a single end-to-end solution [would improve their cloud security posture](https://www.paloaltonetworks.com/blog/2020/06/cloud-native-security-genome/).

These organizations have a need to eliminate overhead associated with maintaining open source and point solutions, and eliminate the visibility gaps in a disjointed security stack. Consolidated platforms can also reduce alert fatigue and help control shadow IT associated with complex multi- and hybrid-cloud environments.

## Four New Modules Integrated Within Prisma Cloud 2.0

This latest release further allows organizations to implement consistent cloud security policies, all within a single solution and controlled from one dashboard. Below, we highlight the latest capabilities added to Prisma Cloud for its 2.0 release.

##### **Data Security: Discovery, Classification and Malware Detection for AWS S3**

[Prisma Cloud Data Security](http://blog.paloaltonetworks.com/prisma-cloud/protect-sensitive-cloud-data) is purpose-built to address the challenges of discovering and protecting data at the scale and velocity common in public cloud environments. These new capabilities reduce the burden on security teams by providing a cloud native solution that leverages [Palo Alto Networks Enterprise DLP](https://www.paloaltonetworks.com/enterprise-data-loss-prevention) engine to help easily discover and protect sensitive data stored across public cloud environments. The Data Security module also uses Palo Alto Networks industry-leading [WildFire service](https://www.paloaltonetworks.com/products/secure-the-network/wildfire) to detect known and unknown malware that may have infiltrated the customer's Amazon Web Services Simple Storage Service (AWS S3) buckets.

![This screenshot shows the Data Security Dashboard in Prisma Cloud 2.0, including information such as Total Buckets, Total Objects, Top Publicly Exposed Objects by Classification, and Top Object Owners by Exposure.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/10/image3.png)
Prisma Cloud Data Security dashboard

At launch, Prisma Cloud Data Security will enter limited GA and be available to a subset of Prisma Cloud Enterprise Edition customers.

##### **Web Application and API Security: Protecting Web Applications and APIs from Attacks**

Cloud native applications are made up of a combination of containers, functions and underlying host compute resources, and require protection for front-end facing web applications and APIs. The latest release integrates [Web Application and API Security](https://www.paloaltonetworks.com/blog/prisma-cloud/secure-cloud-native-api-microservices/) into the Prisma Cloud unified agent framework.

![This screenshot shows an example of configuring Web Application and API Security in Prisma Cloud 2.0. The example screen features options for App Detection, App Firewall and Access Content](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/10/image1.png)
Configuring Web Application and API Security in Prisma Cloud

Users can protect applications against the [OWASP Top 10](https://owasp.org/www-project-top-ten/) critical security risks for web applications, secure APIs from application-layer attacks, implement file upload protection and more -- all from a single dashboard integrated with the protection already leveraged today.

##### **Identity-Based Microsegmenation with Aporeto Integration**

Following the [acquisition](https://www.paloaltonetworks.com/company/press/2019/palo-alto-networks-completes-acquisition-of-aporeto) of identity-based segmentation leader Aporeto, Prisma Cloud is moving forward with the integration of Aporeto technology in our [Identity-Based Microsegmentation module](http://blog.paloaltonetworks.com/prisma-cloud/aporeto-integration-prisma-cloud).

![This screenshot shows an example of managing identity-based microsegmentation in Prisma Cloud 2.0. In this case, the image tracks connections and separations between information stored in two different public clouds.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/10/image2.png)
Managing Identity-Based Microsegmentation in Prisma Cloud

Identity-Based Microsegmentation provides end-to-end visibility of network communications to network and cloud security teams, along with comprehensive security policy control and management. In the weeks after launch, the module will enter live preview and be available to a subset of Prisma Cloud Enterprise Edition customers.

##### **IAM Security: Establishing Least Privilege for Cloud Identities**

Securing user identity in the cloud presents tremendous challenges for cloud infrastructure and security teams. Improper Identity and Access Management (IAM) configurations, such as overly permissive roles, reusing roles, dormant roles or exposed resources can have [profound consequences](https://www.paloaltonetworks.com/prisma/cloud/unit42-ctr-oct-2020-IAM) for cloud security.

![This screenshot shows an example of IAM Security policies in Prisma Cloud 2.0. Information tracked includes policy name, category, type, class and subtype.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/10/image5.png)
Prisma Cloud IAM Security policies

With this latest release of Prisma Cloud, users can leverage our [IAM Security module](http://blog.paloaltonetworks.com/prisma-cloud/IAM-security-controls) to gain visibility into effective permissions and user activity, implement governance over excessive or unused permissions and respond to issues with least-privilege recommendations or automated remediation.

## Conclusion

These new modules and capabilities give organizations a single platform for truly powerful security in cloud native development. With Prisma Cloud 2.0, DevOps, cloud infrastructure and security professionals can more confidently secure the innovations that drive user engagement.

To learn more about these latest enhancements and how they fit into our vision for the platform, check out our [fireside chat on LinkedIn Live](https://www.linkedin.com/events/cloudnativesecurity-firesidecha6719607962433798144/) on Oct. 20. Palo Alto Networks product leadership and other industry experts will discuss the latest cloud trends and offer insights on how to protect your cloud native applications.

*** ** * ** ***

## Related Blogs

### [Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Prisma Cloud 2.0 Just Launched: Why a Comprehensive CNSP is Essential](https://www2.paloaltonetworks.com/blog/2020/10/cloud-comprehensive-cnsp-essential/)

### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Highlighting the Latest Compute Security Capabilities in Prisma Cloud](https://www2.paloaltonetworks.com/blog/2020/04/cloud-compute-security/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### 3 Myths About Security in the Cloud](https://www2.paloaltonetworks.com/blog/2020/04/cloud-3-myths-about-security-in-the-cloud/)

### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Prisma Cloud Native Security Platform Embeds Security into DevOps Lifecycle](https://www2.paloaltonetworks.com/blog/cloud-security/cloud-native-security-platform-2/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### The Best Method to Secure the Cloud Starts Offline](https://www2.paloaltonetworks.com/blog/2020/03/cloud-secure-the-cloud/)

### [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Breaking Down Silos with DevSecOps](https://www2.paloaltonetworks.com/blog/2020/03/cloud-break-silos-devsecops/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language