Cloud Network Security

Protect cloud-native applications from every network attack path.
Cloud Network Security Front
Cloud Network Security Back

As cloud adoption accelerates, organizations have a much greater responsibility to protect their digital assets on the network. Sustaining a reliable and secure network in the cloud becomes challenging to balance.

Cloud Network Security Explainer

Contextualize and take control your cloud network

Prisma® Cloud delivers network visibility and controls across multicloud environments. Security teams can understand network-based threats and remediate unnecessary exposures.
  • Network configuration and flow visibility across clouds
  • Contextual insights to aid prioritization and investigation
  • Detailed instructions to simplify risk remediation steps
  • Network visibility
    Network visibility
  • Effective network exposure
    Effective network exposure
  • Threat detection
    Threat detection
  • Integrated into a CNAPP
    Integrated into a CNAPP

THE PRISMA CLOUD SOLUTION

Our approach to Cloud Network Security

Network Security Posture Management

Prisma Cloud offers end-to-end visibility of cloud networks across Amazon Web Services (AWS), Microsoft Azure and Google Compute Platform (GCP) deployments.

  • Network configuration and asset visibility

    Know about the assets and network configurations deployed across multicloud environments.

  • Configuration change monitoring

    Unlike scanning technologies that take infrequent snapshots, Prisma Cloud continuously monitors environments, enabling security teams to track network misconfigurations, when they happened and who changed them.

  • Flow mapping

    Visualize any network communication across your clouds. Prisma Cloud collects cloud provider network flow logs and builds a map of communications, including traffic to and from untrusted sources or malicious IP addresses.

  • Remediation guidance

    Reduce cross-collaboration friction and increase remediation efficiency. Prisma Cloud delivers step-by-step remediation instructions, providing context for the teams who are responsible for network misconfigurations.

Cloud Threat Detection

Effective Network Exposure

Prisma Cloud surfaces the effective network exposure of critical cloud assets, providing greater visibility for security teams while reducing alert noise.

  • Contextual network misconfiguration alerts

    Instead of generating excessive alerts against network security group misconfigurations, Prisma Cloud analyzes relationships between configurations to determine which assets are publicly exposed.

  • Network path analysis

    Use a graph to visualize network paths that expose cloud resources to the internet. Prisma Cloud provides a graph of network exposures, including a hop-by-hop analysis across configurations.

  • Improve risk assessment

    Easily identify open pathways that allow lateral movement across the cloud infrastructure and make informed security decisions that help you reduce the attack surface radius and partition the network.

True Internet Exposure

Threat Detection

Prisma Cloud employs advanced ML to monitor the normal network behavior of each customer’s cloud environment and then detect network anomalies and zero-day attacks effectively with minimal false positives. With Prisma Cloud, you can detect network anomalies without changing your network infrastructure.

  • Port scan and sweep detection

    Detect common reconnaissance techniques per MITRE ATT&CK® Cloud Matrix to facilitate remediation activities, such as closing ports opened unintentionally.

  • Unusual port and server activity detection

    Spot unusual activities and detect evasive tactics against critical assets, such as PII, financial information and others in preparation for data exfiltration.

  • DNS threat detection

    Identify DNS-based threats, such as domain generation algorithm and cryptomining – all without changing your DNS infrastructure.

  • Network threat investigation

    View network flows to and from untrusted sources in a graph. Prisma Cloud incorporates threat intelligence, ensuring security teams know which external IPs are known to be malicious.

Microsegmentation

Integrated into a CNAPP

Prisma Cloud offers powerful network visibility and control that is only made better through integration with other cloud-native application protection platform (CNAPP) capabilities.

  • Avoid alert fatigue

    Prisma Cloud correlates relationships between misconfigurations, network exposures, excessive permissions, vulnerabilities and threats to identify potential attack paths, helping security teams focus on the most important risks.

  • Attack path analysis

    Prisma Cloud provides a graph to visualize attack paths and the individual weaknesses that cause them. Security teams can contextualize critical risks, quickly identify the root cause and accelerate remediation steps.

True Internet Exposure
Prisma Cloud
Prisma Cloud
Prisma Cloud delivers the industry’s broadest security and compliance coverage—for applications, data, and the entire cloud native technology stack—throughout the development lifecycle and across multi- and hybrid-cloud environments.

Cloud Network Security solutions

mobile thumbnail banner
thumbnail banner

Visibility, Compliance and Governance

Monitor posture, detect and remediate risks, and maintain compliance.

mobile thumbnail banner
thumbnail banner

Threat Detection

Detect advanced threats, zero-day attacks and anomalies across multicloud environments.

Resources

Valuable Cloud Network Security documents