With its automated prevention-first approach, continuous real-time visibility at any scale, and security options for its users, Prisma Cloud Data Security by Palo Alto Networks secures your applications from code to cloud. Today, Amqid.info will give you some details about that cloud.
What is Prisma Cloud Data Security?
You can find and categorize data stored in AWS S3 buckets and Azure Blob storage using Prisma Cloud’s data security capabilities, and you can also prevent unintentional disclosure, abuse, or sharing of sensitive data.
Prisma Cloud Data Security integrates with Palo Alto Networks’ Enterprise DLP service and offers data classification with built-in data profiles and data patterns that match sensitive information such as personally identifiable information (PII), health care information, financial information, and intellectual property.
Using the Palo Alto Networks WildFire service, your data is also safeguarded against known and unknown (zero-day) threats, in addition to the protection of personal and sensitive information.
To help secure an organization’s cloud-based applications, Prisma can suggest configurations for the entire cloud environment. In addition to identifying cloud setups that leave security gaps, Prisma can spot network threats, malware, data leaks, and questionable user behavior.
Organizations that use Prisma should be able to securely connect both stationary and mobile users to a cloud service while enabling each user to create and deploy cloud apps.
Prisma is suitable for firms that use DevOps or create cloud-based apps because both operations and security teams can use it. Organizations that currently use several cloud security products that are not optimized for collaboration can also benefit from the security suite. Prisma is a suite of four platforms from Palo Alto Networks that aims to simplify access, application security, and data protection. Other Palo Alto Networks cloud security solutions are the foundation of this package.
What Does Prisma Cloud Data Security Include?
- Support for Azure Blob Storage and AWS S3 is available to Prisma Cloud users in the USA, EMEA, and Canada.
Note: The Data Security, Enterprise DLP, and WildFire services will operate in North America if you use the Prisma Cloud tenant there. Prisma Cloud Data Security will also be enabled. Contact your Prisma Cloud customer support agent if you have any questions about data sovereignty.
- Before using the Prisma Cloud Data Security module, you are given three credits as part of a freemium experience. You spend credits from the Prisma Cloud Enterprise Edition license when the amount of your data surpasses the freemium limit. The three free credits can be applied to either 600GB of exposure scanning or 100GB of sensitive data and malware scanning; after that, you are charged according to the scan capability. For a full scan (exposure, malware, and sensitivity analysis), all selected data is scanned for exposure at a cost of 5 credits per TB, while only classifiable data and malware scanning is charged at a cost of 30 credits per TB.
Note: At the moment of scanning, the real volume of compressed files is determined.
- When you onboard your AWS and Azure subscription accounts on Prisma Cloud, you have the option of scanning all or specific storage resources. When you add the cloud account, you can decide whether to enable a forward or backward scan.
Each tenant has a default scan quota of 1500 credits, which gives you the control you need to balance your organizational DLP budget with the amount of data you scan. This 1500 credit cap can be increased, and you can do so by opening a support case with Prisma Cloud Customer Success.
- You should also make sure that Prisma Cloud Data Security is being used to scan the file types that you want to safeguard.
Note: For scanning purposes, Prisma Cloud Data Security needs to read objects from your AWS S3 buckets. The supported encryption types are AWS KMS keys that are AWS-maintained or customer-managed, as well as Amazon S3-produced and maintained keys (SSE-S3).
Prisma Cloud can scan files in S3 buckets that have been encrypted using customer-managed encryption keys if you utilize the AWS Key Management Service with Customer Managed Keys (CMK) and grant the proper rights to the Prisma Cloud IAM role.
- On the new Data Dashboard, Data Inventory, and Object Explorer for AWS, Prisma Cloud offers visibility, exposure, and classification of S3 buckets and objects.
- Only S3 objects from the standard storage class are consumed for scanning.
- To scan for malware:
  - The uncompressed file size must be no more than 100MB. For instance, a file won’t be successfully scanned if it was compressed from a size of more than 100MB to less than 100MB.
- To scan for data classification:
  - Avro, CSV, JSON, ORC, Parquet, and TXT files must not exceed 2.5GB in size.
  - The uncompressed file size must be less than 20MB for all other file types supported by Prisma Cloud Data Security. The file won’t be successfully scanned, for instance, if it was compressed from a larger file to one that is just 20MB in size.
  - The file must be smaller than 1MB in order to be scanned using ML-based classification.
Note: S3 objects are processed and checked for malware and sensitive data using Prisma Cloud Data Security’s Enterprise DLP and WildFire services from Palo Alto Networks. When S3 items are sent to Enterprise DLP for analysis, Prisma Cloud’s S3 buckets briefly keep the objects for fewer than 24 hours before deleting them. In addition, files with the .avro, .orc, and .parquet extensions are kept for up to seven days. After making a data classification decision on your files, Enterprise DLP does not keep any data. The regular WildFire retention schedule is followed when processing files.
- The data types and sizes that Prisma Cloud supports for Azure are as follows:
  - The file size must be less than 20MB in order to scan for data classification.
  - Files must be smaller than 20MB in order to be scanned for malware.
  - Evaluation of exposure for all file kinds.
Note: Avro, CSV, JSON, ORC, Parquet, and TXT file types are not supported by Prisma Cloud on Azure.
- Default data rules to identify the release of private information to the public. The data policies create alerts, and the external integration channels that Prisma Cloud supports can be configured to receive the notifications. Additionally, you can develop custom data profiles and patterns and apply them to policies to scan information for security flaws.
- Config RQL integration enables the Resource Explorer to display all items within a storage resource, including exposure, data profiles, and malware detection.
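
The AWS S3 limits listed above (standard storage class, 100MB for malware, 2.5GB or 20MB for classification, 1MB for ML-based classification) can be turned into a pre-check that flags objects the service would leave unscanned. This is an added example, not Palo Alto Networks code: the record fields `key`, `storage_class` and `uncompressed_size` and the sample inventory are constructed, MB and GB are treated as binary units, and every file type is assumed to be one the service supports.

```python
# Added example: limits come from the list above; the inventory is constructed.
MB, GB = 1024 ** 2, 1024 ** 3   # assumption: the page's MB/GB are binary units
STRUCTURED = {"avro", "csv", "json", "orc", "parquet", "txt"}

def scan_coverage(obj):
    """Map each scan type to None (eligible) or the reason it is skipped.

    obj is a hypothetical inventory record: key, storage_class (as returned
    by the S3 API) and uncompressed_size in bytes.
    """
    if obj["storage_class"] != "STANDARD":
        why = "storage class %s is not scanned" % obj["storage_class"]
        return {"malware": why, "classification": why, "ml": why}
    size = obj["uncompressed_size"]
    ext = obj["key"].rpartition(".")[2].lower()
    gaps = {"malware": None, "classification": None, "ml": None}
    if size > 100 * MB:                      # "no more than 100MB"
        gaps["malware"] = "uncompressed size over 100MB"
    if ext in STRUCTURED:
        if size > 2.5 * GB:                  # "must not exceed 2.5GB"
            gaps["classification"] = "%s file over 2.5GB" % ext
    elif size >= 20 * MB:                    # "must be less than 20MB"
        gaps["classification"] = "uncompressed size not under 20MB"
    if gaps["classification"]:               # no classification, so no ML pass
        gaps["ml"] = gaps["classification"]
    elif size >= MB:                         # "smaller than 1MB"
        gaps["ml"] = "not under 1MB"
    return gaps

def unscanned(inventory):
    """Return {key: {scan: reason}} for every object with at least one gap."""
    report = {}
    for obj in inventory:
        gaps = {k: v for k, v in scan_coverage(obj).items() if v}
        if gaps:
            report[obj["key"]] = gaps
    return report

# Constructed sample inventory (not real bucket contents).
INVENTORY = [
    {"key": "hr/payroll.csv", "storage_class": "STANDARD", "uncompressed_size": 300 * MB},
    {"key": "docs/contract.pdf", "storage_class": "STANDARD", "uncompressed_size": 25 * MB},
    {"key": "logs/2021.zip", "storage_class": "GLACIER", "uncompressed_size": 5 * MB},
    {"key": "notes/readme.txt", "storage_class": "STANDARD", "uncompressed_size": 4096},
]

if __name__ == "__main__":
    for key, gaps in unscanned(INVENTORY).items():
        print(key, gaps)
```

Objects that appear in the report are candidates for a compensating control, since a clean dashboard says nothing about data the scanner never read.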