SEC302 S 143971 Session Presentation.1554e4b8

WA S H I N G T O N , D C | M AY 2 3 - 2 5 , 2 0 2 2
SEC302-S
S P O N S O R E D B Y P R I S M A C L O U D B Y PA L O A LT O N E T W O R K S
Secure your mission-critical applications

with cloud-native security
Rajeev Karamchedu
Prisma Cloud Security Specialist, National Security Programs
Palo Alto Networks
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“Security must be job zero.”
Andy Jassy
Palo Alto Networks is fully integrated and best of breed, offering
complete protection for AWS
FULLY INTEGRATED WITH AWS
Cloud Security SOC Security Network Security
Secure any tech stack and Automate incident response Deliver advanced network
any application components to eliminate manual work and threat protection
running on AWS and speed response (NGFWs) on AWS
All flagship Palo Alto Networks cloud security products integrate with AWS
Palo Alto Networks is fully integrated and best of breed, offering
complete protection for AWS
FULLY INTEGRATED WITH AWS
CNAPP Findings Protection
Defenders
Cortex Strata
XSOAR NGFWs
Amazon EC2 Amazon ECS Amazon EKS

Kernel Container Pod / Node
Security
Amazon EC2 AWS Fargate Lambda Hub
Agentless Embedded Function
Palo Alto Networks is an Advanced Technology Partner and ISV
Accelerate Partner with AWS
PERFECT AWS PARTNER FIT
AWS Service Integrations

AWS Competencies
● Monitoring ● CI/CD
●Security ISV Competency ○ GuardDuty ○ CodePipeline
●Containers ISV Competency ○ Security Hub ○ CodeDeploy
●DevOps ISV Competency ○ Amazon Inspector ○ CloudFormation
○ FireLens
●Networking ISV Competency ○ Amazon S3
● Incident Response
○ Amazon SQS
○ ACM
AWS Programs ○ AWS Control Tower
○ Access Analyzer
○ Athena
●APN Customer Engagement ○ CloudTrail
● Compute
●Marketplace Seller + Containers ○ Amazon EC2 ○ CloudWatch
Anywhere ○ Amazon ECS ○ DynamoDB
●Public Sector Partner ○ Amazon EKS ○ Detective
○ Amazon ECR ○ IAM
●ISV Accelerate ○ Lambda ○ Network Firewall
●SaaS Revenue Recognition ○ Fargate ○ Route 53
●Outpost Ready Validation ○ Bottlerocket
○ App Mesh
○ VMware Cloud
Prisma Cloud by Palo Alto Networks is a committed, historical
AWS launch partner for security
PERFECT AWS PARTNER FIT
2017 AWS Fargate security launch partner
2017 Amazon GuardDuty security launch partner
2018 AWS Security Hub security launch partner
2018 AWS Lambda layers security launch partner
2021 AWS Control Tower security launch partner
2021 Amazon Inspector security launch partner

Security is a shared responsibility in the cloud
50% of surveyed customers view security as “top concern” slowing journey to cloud
State of Cloud Native Security Report, 2022
Customers Data
Hosts, Containers, Functions
Responsible for Networks
security in the Users & Credentials
cloud Resource Configurations
AWS Routers
Responsible for Switches
Hypervisor
security of the Hubs
cloud Data Center
What do they
have in
common?
Automated Cloud-Native Security Across Architectures
Each technology offers different benefits and different security challenges
Virtual Containers On-Demand

Containers Serverless
Machines as-a-Service Containers
Amazon EC2 Amazon ECS Amazon EKS AWS Fargate AWS Lambda
Prisma Cloud: Defining the Cloud-Native Application Protection
Platform (CNAPP)
A single user experience to secure cloud infrastructure, apps, identities,
networks, and data
Centralized policy management, auditing, and protection (no point solutions)
Unified agentless host protection with agent-based protection for

hosts, containers, and serverless
Vulnerability management, compliance, and runtime protection
Integrated with SecOps tools to address issues and alerts

Security posture dashboards and results to SIEM, SOAR, or ChatOps
Full lifecycle security code to cloud for infrastructure and apps

Identify vulnerabilities and misconfigurations, and integrate with code repos,
CI tools, CD workflows, and runtime
Prisma Cloud Cloud-Native Application Protection Platform
(CNAPP)
PURPOSE-BUILT FOR AWS
Cloud Code Cloud Security Cloud Workload Cloud Network Cloud Identity
Security Posture Protection Security Security
Management
Secure app artifacts, Monitor posture, detect Secure hosts, containers, Monitor and secure cloud Enforce permissions and
analyze code, and and respond to threats, and serverless with networks, enforce micro- secure identities across
fix issues maintain compliance single agent segmentation clouds
Full Application Lifecycle

Secure applications across AWS (build-deploy-run)
Delivering cloud security at the largest scale
SECURITY AT SCALE SECURING GLOBAL CUSTOMERS TOP ANALYST VALIDATIONS
● Forrester Wave™ for CWS3

4B+ 1800+ Leader in Cloud Workload
Security
Assets protected Total customers
● GigaOm Vulnerability
2M+ RECOGNIZED BY OUR USERS

Management Radar4 Leader
and Outperformer
Workloads protected
● GigaOm Developer Security
PeerSpot #1 Rank Tools Radar5
700B+ ∙
∙
Cloud Workload Security
Microsegmentation
Leader and Fast Mover
● Gartner 2021 Hype Cycle6
Weekly cloud events processed ∙ CSPM
∙
Included 7 market categories
CNAPP
1
G2000 is the Forbes Global 2000 Companies; 2 Customers active per Q1 FY22 Earnings Call
3
Forrester Wave for Cloud Workload Security; 4 2021 GigaOm Radar for Vulnerability Management; 5 2021 GigaOm Radar for Developer Security Tools
6
Gartner Hype Cycle for Cloud Security, 2021
Prisma Cloud Software Ecosystem
N2X Pathfinder
Platform One Colorado Springs,
Kessel Run
Colorado Springs,
Space CAMP Boston, MA
CO
Colorado Springs, CO
CO Hangar 18
● NORAD ● AOC
Rogue Blue Dayton, OH
● JAIC ● Space Force ● F-35
Omaha, NE
● Army Cyber ● ABMS
● AEGIS ● STRATCOM
● F-35
SoniKube
Hill AFB, UT ● ABMS
Red 5
● F-16 Langley, VA
Ski CAMP
Hill AFB, UT
Conjure
● GBSD Scott AFB, IL
Kobayashi Maru ● 375th

Los Angeles, CA
Blue Sky
● SMC Warner Robins, GA
● 402nd SWEG
Corsair Ranch
Tuscon, AZ
BESPIN
Montgomery, AL
Thunder CAMP
Oklahoma City, OK
TRON LevelUP ● PEO BES
Oahu, HI San Antonio, TX Scorpion CAMP
● 76th SWEG Oklahoma City, OK
● PACOM ● Unified Platform
Prisma Cloud DoD Use Case Examples
USAF Platform One
● Prisma Cloud prominent security component in DoD Enterprise DevSecOps
(DSOP) Platform One initiative
● Prisma Cloud images available for any DoD entity inside the Iron Bank (DoD
Centralized Artifacts Repository ~ DCAR)
● Prisma Cloud secures cloud apps for Navy onboard NAVSEA’s Cloud In a Box
Initiative (fully functional on-ship cloud)
JAIC (Joint Artificial Intelligence Center)

● Prisma Cloud secures the entire DevSecOps process for JAIC and the DoD AI
Center of Excellence which builds AI and ML for DoD.
DISA (Defense Information Systems Agency) – Joint Regional Security

Stacks
● Prisma Cloud delivers compliance, vulnerability, and malware scans in Defense
Container DoD central artifact repository (DCARS)
Prisma Cloud Continuous Authority to Operate (cATO)
DOD cATO memo dated 2/3/2022:
“cATO represents a challenging but necessary enhancement of our cyber risk approach in order to
accelerate innovation while outpacing expanding cybersecurity threats.”
Authorizing Official (AO) requires demonstration of three competencies:
1. On-going visibility of key cybersecurity activities inside of the system boundary with a robust
continuous monitoring of RMF controls
2. Ability to conduct active cyber defense in response to cyber threats in real time
3. Adoption and use of an approved DevSecOps reference design
Prisma Cloud cATO Competencies
“On-going visibility of key cybersecurity activities inside of the
● Continuous monitoring for “drift” in ATO- system boundary with a robust continuous monitoring of RMF
controls.”
identified controls, non-compliance alerting, and
anomaly detection at runtime
● Events mapped to ATT&CK framework in

ATT&CK Explorer for threat context
● Machine learning and heuristics help to efficiently

analyze events
● Option to analyze within Incident Explorer
● Live Forensic details to help threat remediation
Prisma Cloud cATO Competencies (Active Cyber Defense)
● Intelligence Stream (IS) “Ability to conduct active cyber defense in order to respond to
Real-time vulnerability & threat data cyber threats in real time.”
● Advanced Threat Protection (ATP) Runtime

defense
● App-Specific Intelligence
Detect runtime anomalies
● ATT&CK Explorer
Correlated real-time view of TTPs
● Vulnerability Explorer
Correlation and prioritization
● Machine Learning & Heuristics

Automated detection & analysis
● WAAS & Virtual Patching

Rapid response
Prisma Cloud cATO Competencies (Supply Chain Security)
“Adoption and use of an approved DevSecOps reference
● IaC Security design.”
Embed security into popular IDEs, version control
systems, and CI/CD tools
● Container Vulnerability Assessments

Protect against misconfigurations in containers and
ensure image integrity
● Image Analysis Sandbox

Dynamically analyze runtime behavior of images
before deployment
● Identity & Access Management (IAM)

Govern identity and access to your supply chain
and source code
Prisma Cloud by Palo Alto Networks: Resources
● Visit The Palo Alto Networks Showcase Booth

Live product demonstrations and answers
● Prisma Cloud Datasheet for AWS

paloaltonetworks.com/prisma/environments/aws
● Prisma Cloud for AWS Demo

youtube.com/watch?v=rTH8y3fiW5s
● Forrester: Total Economic Impact of Prisma Cloud

paloaltonetworks.com/prisma/forrester-tei-study-prisma-cloud-2021
● Visit Palo Alto Networks in the AWS Marketplace
Any questions?
We have answers!
Thank you!
Rajeev Karamchedu Matt Lamb
[email protected] [email protected]
Please complete the
session survey in the
mobile app
Android iOS

SEC302 S 143971 Session Presentation.1554e4b8

Uploaded by

Copyright:

Available Formats

SEC302 S 143971 Session Presentation.1554e4b8

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SEC302 S 143971 Session Presentation.1554e4b8

Uploaded by

Copyright:

Available Formats

WA S H I N G T O N , D C | M AY 2 3 - 2 5 , 2 0 2 2

Secure your mission-critical applications

Cloud Security SOC Security Network Security

CNAPP Findings Protection

Amazon EC2 Amazon ECS Amazon EKS

AWS Service Integrations

2017 AWS Fargate security launch partner

2017 Amazon GuardDuty security launch partner

2018 AWS Security Hub security launch partner

2018 AWS Lambda layers security launch partner

2021 AWS Control Tower security launch partner

2021 Amazon Inspector security launch partner

Virtual Containers On-Demand

Unified agentless host protection with agent-based protection for

Integrated with SecOps tools to address issues and alerts

Full lifecycle security code to cloud for infrastructure and apps

Full Application Lifecycle

SECURITY AT SCALE SECURING GLOBAL CUSTOMERS TOP ANALYST VALIDATIONS

● Forrester Wave™ for CWS3

2M+ RECOGNIZED BY OUR USERS

Kobayashi Maru ● 375th

JAIC (Joint Artificial Intelligence Center)

DISA (Defense Information Systems Agency) – Joint Regional Security

Authorizing Official (AO) requires demonstration of three competencies:

● Events mapped to ATT&CK framework in

● Machine learning and heuristics help to efficiently

● Option to analyze within Incident Explorer

● Live Forensic details to help threat remediation

● Advanced Threat Protection (ATP) Runtime

● Machine Learning & Heuristics

● WAAS & Virtual Patching

● Container Vulnerability Assessments

● Image Analysis Sandbox

● Identity & Access Management (IAM)

● Visit The Palo Alto Networks Showcase Booth

● Prisma Cloud Datasheet for AWS

● Prisma Cloud for AWS Demo

● Forrester: Total Economic Impact of Prisma Cloud

● Visit Palo Alto Networks in the AWS Marketplace

You might also like