* [Blog](https://www2.paloaltonetworks.com/blog)
* [Cloud Security](https://www2.paloaltonetworks.com/blog/cloud-security/)
* [Cloud Computing](https://www2.paloaltonetworks.com/blog/category/cloud-computing-2/)
* Strengthening Integration...

# Strengthening Integrations in our Cloud Native Security Platform

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fstrengthening-integrations-in-our-cloud-native-security-platform%2F)  
[](https://twitter.com/share?text=Strengthening+Integrations+in+our+Cloud+Native+Security+Platform&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fstrengthening-integrations-in-our-cloud-native-security-platform%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fstrengthening-integrations-in-our-cloud-native-security-platform%2F&title=Strengthening+Integrations+in+our+Cloud+Native+Security+Platform&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/cloud-security/strengthening-integrations-in-our-cloud-native-security-platform/&ts=markdown)  
\[\](mailto:?subject=Strengthening Integrations in our Cloud Native Security Platform)  
Link copied  
By [Aqsa Taylor](https://www.paloaltonetworks.com/blog/author/aqsa-taylor/?ts=markdown "Posts by Aqsa Taylor")  
Oct 01, 2021  
6 minutes  
[Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown)  
[Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/platform/?ts=markdown)  
[CNSP](https://www.paloaltonetworks.com/blog/tag/cnsp/?ts=markdown)  
[CWPP](https://www.paloaltonetworks.com/blog/tag/cwpp/?ts=markdown)  
[Prisma Cloud](https://www.paloaltonetworks.com/blog/tag/prisma-cloud/?ts=markdown)

In our [latest CWPP release of Prisma Cloud](https://www.paloaltonetworks.com/blog/2021/09/container-image-sandboxing/)**,** we enhanced and expanded our best-of-breed capabilities and built upon our [award winning](https://www.paloaltonetworks.com/blog/2021/05/cloud-leader-in-gigaom-radar-vulnerability-management/) technology to protect cloud workloads across security for hosts, containers, and serverless applications. All of our enhancements contribute to strengthening integrations in our Cloud Native Security Platform: Prisma Cloud.

At Prisma Cloud, we recognize that no one cloud service provider, or one cloud workload type is enough for all organizations. We acknowledged this early, introducing the industry's first **[Cloud Native Security Platform](https://www.paloaltonetworks.com/blog/prisma-cloud/cloud-native-security-platform/)** which encompassed [DevSecOps](https://www.paloaltonetworks.com/cyberpedia/what-is-devsecops), CSPM, CWPP, CNS, and CIEM across workloads and cloud providers.
![Prisma Cloud Platform](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/diagram-description-automatically-generated-10.png)
Prisma Cloud Platform

However, [cloud native security platform (CNSP)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-security-platform) is more than an umbrella for different products in a platform. A true CNSP solution is an integrated approach to securing an environment and applications, regardless of which modules they are using or how that might change in the future. It works across the [software development lifecycle (SDLC)](https://www.paloaltonetworks.com/cyberpedia/sdlc-software-development-lifecycle) and enables security to effectively [shift left](https://www.paloaltonetworks.com/cyberpedia/shift-left-security).

Let's walk through an example that generalizes a real-world scenario. Say you own the operations of serving a bank's website and you are hosting your web server in a Kubernetes cluster through [containers](https://www.paloaltonetworks.com/cyberpedia/what-is-a-container). The application talks to an internal database connecting to S3 bucket for sensitive data storage.

In this case, consider the different attack surfaces -

* Web application prone to [layer 7](https://www.paloaltonetworks.com/cyberpedia/what-is-layer-7) attacks like SQLi, [XSS](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting) scripting, etc. (WAAS)
* Container and image risks and vulnerabilities ([container security](https://www.paloaltonetworks.com/cyberpedia/what-is-container-security))
* Open ports or unmonitored access to Internet (Network Exposure)
* Cluster posture risks / misconfigurations leading to exposure (IaC security and [CSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management))
* Underlying host misconfiguration and vulnerabilities (on Kubernetes nodes) (Host security)
* Poor posture management of data as part of s3 buckets (Data Security)
* Unmanaged Identity and access to sensitive data (IAM Security)

In this blog, I'd like to highlight from a Product Manager's perspective, the integration strategy between [CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform) and CSPM, through some of our recent updates along with new features. Working with customers, we realized that to create an efficient [CNAPP](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-native-application-protection-platform), it's important to address three main integration categories for active users of the platform:

1. 1. Ease of Onboarding
   2. Ease of Configuration
   3. Ease of Reporting

### Ease of Onboarding

The first step to securing cloud services and workloads should be a unified experience.
![Cloud discovery across AWS regions](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/a-screenshot-of-a-computer-description-automatica-4.png)
Cloud discovery across AWS regions

This new feature highlights the benefit of a CNSP: the ability for one part of the solution to alert and inform another.

Once a cloud account is onboarded into the platform, CSPM will immediately analyze the security posture and state of cloud resources deployed in this account. At the same time, it is also available automatically for the CWP to discover unprotected workloads across the environment and, if the customer chooses, automatically deploy an agent. Immediately the organization has the full range of CNAPP functionality at its disposal. No need to onboard in one part of a product and then another.

Not only does this integration ease workload discovery, but in this release, by reusing the same ingested metadata from cloud providers for both CSPM and [CWPP](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform), the time to scan for unprotected resources is reduced substantially, providing instant visibility into undefended workloads in your organization.

### Accounts to Credentials

Prisma Cloud automatically translates onboarded cloud accounts in the platform used for CSPM and CWPP functionality into credentials that can be used for workload scanning features such as serverless function scanning, automatic runtime protection and registry scanning.

### Ease of Configuration

As a platform, Prisma Cloud simplifies configuration while also taking into account the [different personas](https://docs.prismacloudcompute.com/docs/compute_edition_21_04/authentication/user_roles.html#overview) and distributed teams involved in the remediation of alerts coming from CSPM and CWPP.

### Granular Role Based Access Control

Prisma Cloud's RBAC model provides the ability to segment data coming from different sources while also providing restrictive access into different views based on attributes such as image tags, namespaces, labels, etc. via [Resource Lists.](https://docs.prismacloudcompute.com/docs/enterprise_edition/authentication/assign_roles.html#overview) The segmentation is useful when you have large [workload](https://www.paloaltonetworks.com/cyberpedia/what-is-workload) deployments with multiple teams working on multiple apps all in the same environment. For example, you might have a Kubernetes cluster that runs a shopping app, a travel app, and an expenses app. Different teams might be responsible for the development and operation of each app. An internal tools team might be responsible for the travel and expenses app, while a product team runs the shopping app.

Selecting a resource list reduces the scope displayed in Console to just the relevant resources. For example, the developer for the travel app only cares about vulnerabilities in the images that make up the travel app. All other vulnerabilities are just noise. Collections help focus the data.

### Ease of Reporting

When alerting on security audits, providing flexibility in addition to central control addresses needs for both distributed and centralized teams.

Unified Notifications

With this new feature, you can configure your alert providers, whether it is Email, ServiceNow, JIRA, Slack or any provider from [our supported list](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/alerts/alert_mechanism.html) in one central place and regardless of the workload (VMs, containers, serverless functions) your notifications will be forwarded to the same channel. If you have multiple cloud service providers or even if you change in the future, your notifications are configured in a single location.

Remember that we are now operating across the software development lifecycle and DevOps teams. This same, single, notification configuration means that regardless of the automation that teams are using the notifications are delivered consistently and configured centrally.
![Prisma Cloud Radar highlighting a Kubernetes application](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/graphical-user-interface-description-automaticall.png)
Prisma Cloud Radar highlighting a Kubernetes application

With this new feature, not only can you target all the areas of risks listed above from a single security platform but also direct alerts from all those areas to a centralized notifications channel, so your incident response teams have full visibility and control over all workload layers that make up your application.

Set up Splunk configuration for [CSPM alerts in platform](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/configure-external-integrations-on-prisma-cloud/prisma-cloud-integrations.html#idc682745c-c041-4724-8af4-583c45f2bbc2), use the same configuration inside Compute to send container runtime audits as shown below

![Prisma Cloud alert configuration UI](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/09/graphical-user-interface-text-application-descr.png)
Prisma Cloud alert configuration UI

Check out more [details on how to set up unified integrations](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/alerts/alert_mechanism.html)**.**

### Get Started with Prisma Cloud

At Prisma Cloud by Palo Alto Networks, we've invested heavily in providing a solution that secures your diverse workloads across your private and public cloud environments across your SDLC, and most importantly across your changing business needs. All in a single comprehensive security platform.

[Request a 30-day trial](https://www.paloaltonetworks.com/prisma/request-a-prisma-cloud-trial) and learn how Prisma Cloud provides complete cloud native application protection in a single, unified platform.

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security/?ts=markdown), [Cloud Security Provider](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-provider/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Cloud Workload Protection Company of the Year](https://www2.paloaltonetworks.com/blog/2022/11/cloud-workload-protection-company-of-the-year/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Prisma Cloud: A Leader in Forrester Wave for Cloud Workload Security](https://www2.paloaltonetworks.com/blog/2022/03/prisma-cloud-leader-in-forrester-cws-wave/)

### [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Web Application \& API Security](https://www.paloaltonetworks.com/blog/category/web-application-api-security/?ts=markdown)

[#### Instant Protection with Virtual Patches](https://www2.paloaltonetworks.com/blog/cloud-security/protection-with-virtual-patches/)

### [Cloud Native Security Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-native-security-platform/?ts=markdown), [Cloud Workload Protection](https://www.paloaltonetworks.com/blog/category/cloud-workload-protection/?ts=markdown), [Web Application \& API Security](https://www.paloaltonetworks.com/blog/cloud-security/category/web-application-api-security/?ts=markdown)

[#### Web Application and API Security Enhancements: New Analytics Dashboards for Improved Visibility and Support for gRPC Protection](https://www2.paloaltonetworks.com/blog/cloud-security/web-app-and-api/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-infrastructure-entitlement-management/?ts=markdown), [Cloud Native Security Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-native-security-platform/?ts=markdown), [Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown)

[#### Prisma Cloud at Ignite '21: What to Know](https://www2.paloaltonetworks.com/blog/cloud-security/prisma-cloud-ignite-21/)

### [Cloud Native Application Protection Platform](https://www.paloaltonetworks.com/blog/category/cloud-native-application-protection-platforms/?ts=markdown), [Cloud Workload Protection](https://www.paloaltonetworks.com/blog/category/cloud-workload-protection/?ts=markdown), [Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/platform/?ts=markdown)

[#### Get to Know Cloud Native Application Protection Platforms](https://www2.paloaltonetworks.com/blog/cloud-security/get-to-know-cloud-native-application-protection-platforms/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language