Acer eDC has joined the Prisma Cloud Partner Program to help organizations successfully manage cloud security configurations and build and deploy security monitoring mechanisms. We hope that our cloud security solutions will make users safer and more powerful. If you have any needs related to Prisma Cloud management, deployment, and security monitoring,please feel free to contact us..
Background Description
What is Cloud Security Posture Management? Cloud Security Posture Management (CSPM)
Cloud Security Posture Management (CSPM) is the answer to the growing need for organizations to deal with cloud security risks and misconfigured public cloud services. This service is used for risk assessment, visualization, unexpected event response, regulation, oversight, and DevOps integration. Customers often use CSPM services to detect incorrect resource configurations, identify risks and unsafe activities across cloud applications and services, and provide relevant information to help security administrators improve and resolve cloud security issues.
What is a cloud workload protection platform? Cloud Workload Protection Platform (CWPP)
Cloud Workload Protection Platform (CWPP) is a security tool that detects and removes threats inside cloud software. CWPP is like a car mechanic, identifying defects and failures inside a car’s engine before causing further damage, except it inspects the inside of a cloud service instead of the car. CWPP automatically monitors a variety of workloads, including physical on-premises servers, virtual machines, and serverless functions.
What is Cloud Native Application Protection Platform? Cloud Native Application Protection Platform (CNAPP)
Cloud Native Application Protection Platform (CNAPP) is a unified and tightly integrated set of security and compliance capabilities designed to protect cloud native applications in development and production. CNAPP integrates a number of previously siled capabilities, including container scanning, cloud security posture management, infrastructure-as-code scanning, cloud infrastructure entitlement management, execution-time cloud workload protection, and execution-time vulnerability/configuration scanning.
Applicable Objects
Enterprises using cloud environments, including finance, manufacturing, government agencies, and e-commerce enterprises
Service Efficiency
- Visual risk assessment to identify risky and unsafe activities across cloud applications and services.
- Help strengthen cloud security issue management.
- Search for cloud security configuration errors and detect compliance violations.
Function Introduction
What are the main functions of CSPM?
- Regularly scan and analyze cloud services such as IaaS, SaaS, PaaS, etc. Look for security settings errors, possible compliance violations, and vulnerabilities.
- Map an organization's entire cloud infrastructure to uncover previously unknown risks. It sends alerts to the security team about any potential risks.
- Typically has a dashboard that displays identified issues and overall security scores and delivers alerts.
- Any potential violations such as the Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA), and General Data Protection Regulation (GDPR) are automatically scanned and detected.
- Cloud deployments are scanned to identify all cloud assets and provide visibility into their status. It also alerts security teams to configuration errors in discovered assets.
- Other capabilities include vulnerability identification and incident response. Some CSPM tools can not only alert the security team but also fix certain issues.
What are the main functions of CWPP?
According to global research and advisory firm Gartner, CWPP has the following eight functions:
- Hardening, Provisioning, and Vulnerability Management: CWPP helps ensure that there are no vulnerabilities in the software, even before it is put into production.
- Network Firewall, Visibility, and Micro-Segmentation: CWPP protects and micro-segments the network. The latter term refers to dividing a network into smaller parts so that an attacker cannot compromise the entire network at once.
- System Integrity Assurance: CWPP ensures that cloud systems work as expected.
- Application Control and Allowed List: CWPP allows and blocks applications based on the allowed application list.
- Exploit Prevention and Memory Protection: CWPP prevents exploits in actively executing software.
- Server workload endpoint detection and response (EDR), behavioral monitoring, and threat detection and response: CWPP responds to suspicious changes in server and application behavior and active threats.
- Host-based intrusion prevention with vulnerability masking: CWPP prevents external intrusions into servers.
- Anti-malware scanning: CWPP detects malware embedded in cloud workloads.
CWPP can apply these capabilities to any type of workload, including physical servers, virtual machines, containers and serverless functions.
What is the difference between CWPP and Cloud Security Posture Management (CSPM)?
Cloud Security Posture Management (CSPM) is another type of automated tool used to secure a range of cloud deployments. The main difference is - CSPM is external and looks for cloud configuration errors and compliance violations; CWPP is internal and looks for threats in software executing in the cloud. CNAPP integrates CWPP and CSPM functions.
Palo Alto Prisma Cloud includes three versions of functionality:
Prisma Cloud Applicable Scenarios - Compliance, Multi-cloud Management, Cloud-native Security | ||
Business Edition Commercial Compliance Edition(CSPM) |
Compute Edition Container Protection Edition(CWPP) |
Enterprise Edition Enterprise Edition(CSPM+CWPP) |
|
|
|
Public Cloud laaS/PaaS Security and Compliance |
Public Cloud Container Service |
|
Cloud Native and Private Cloud Container Services |
- Enterprise Edition (CSPM+CWPP)
Prisma Cloud 3.0: Cloud Native Application Protection Platform (CNAPP) |
||||
Cloud Code Security protects application components to analyze applications and IaC Code and fix issues |
Cloud Security Posture Management monitors cloud security posture, detects and responds to threats, and maintains compliance |
Cloud Workload Protection secures hosts, containers and serverless throughout the application lifecycle |
Cloud Network Security monitors and protects cloud networks and performs micro-segmentation (Micorsegmentation) |
Cloud Identity Security protects permissions and identities in multi-cloud environments |
Full application development lifecycle protection protects application services throughout the entire development lifecycle (build-deploy-run) |
- Business Edition Commercial Compliance Edition(CSPM)
—— Prisma Cloud Business Core Features
- Prisma Cloud Compute Container Protection Edition(CWPP)
—— Prisma Cloud Compute core features
Prisma Cloud and Cloud SOC. What's the difference?
Microsoft Sentinel Microsoft |
Prisma Cloud Palo Alto Networks |
Microsoft Defender for Cloud Microsoft |
|
|
|