SEC302-S-143971-AWS-Prismacloud.pptx

1. W A S H I N G T O N , D C | M A Y 2 3 - 2 5 , 2 0 2 2

2. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Secure your mission-critical applications with cloud-native security S P O N S O R E D B Y P R I S M A C L O U D B Y P A L O A L T O N E T W O R K S Rajeev Karamchedu S E C 3 0 2 - S Prisma Cloud Security Specialist, National Security Programs Palo Alto Networks

4. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is fully integrated and best of breed, offering complete protection for AWS FULLY INTEGRATED WITH AWS Network Security Deliver advanced network and threat protection (NGFWs) on AWS Cloud Security Secure any tech stack and any application components running on AWS SOC Security Automate incident response to eliminate manual work and speed response All flagship Palo Alto Networks cloud security products integrate with AWS

5. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is fully integrated and best of breed, offering complete protection for AWS FULLY INTEGRATED WITH AWS Protection Strata NGFWs Findings Cortex XSOAR Security Hub AWS Fargate Embedded Lambda Function Amazon ECS Container Amazon EC2 Kernel Amazon EKS Pod / Node Defenders Amazon EC2 Agentless CNAPP

6. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is an Advanced Technology Partner and ISV Accelerate Partner with AWS PERFECT AWS PARTNER FIT AWS Competencies ●Security ISV Competency ●Containers ISV Competency ●DevOps ISV Competency ●Networking ISV Competency AWS Programs ●APN Customer Engagement ●Marketplace Seller + Containers Anywhere ●Public Sector Partner ●ISV Accelerate ●SaaS Revenue Recognition ●Outpost Ready Validation AWS Service Integrations ●Monitoring ○ GuardDuty ○ Security Hub ○ Amazon Inspector ○ FireLens ○ Amazon S3 ○ Amazon SQS ○ AWS Control Tower ●Compute ○ Amazon EC2 ○ Amazon ECS ○ Amazon EKS ○ Amazon ECR ○ Lambda ○ Fargate ○ Bottlerocket ○ App Mesh ○ VMware Cloud ●CI/CD ○ CodePipeline ○ CodeDeploy ○ CloudFormation ●Incident Response ○ ACM ○ Access Analyzer ○ Athena ○ CloudTrail ○ CloudWatch ○ DynamoDB ○ Detective ○ IAM ○ Network Firewall ○ Route 53

7. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud by Palo Alto Networks is a committed, historical AWS launch partner for security AWS Security Hub security launch partner AWS Lambda layers security launch partner 2018 2018 AWS Control Tower security launch partner 2021 Amazon Inspector security launch partner 2021 Amazon GuardDuty security launch partner 2017 AWS Fargate security launch partner 2017 PERFECT AWS PARTNER FIT

8. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Security is a shared responsibility in the cloud 50% of surveyed customers view security as “top concern” slowing journey to cloud State of Cloud Native Security Report, 2022 Responsible for security of the cloud AWS Hubs Switches Routers Hypervisor Data Center Resource Configurations Users & Credentials Networks Hosts, Containers, Functions Data Responsible for security in the cloud Customers

11. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Automated Cloud-Native Security Across Architectures Each technology offers different benefits and different security challenges Virtual Machines Containers Containers as-a-Service On-Demand Containers Serverless AWS Lambda AWS Fargate Amazon EKS Amazon ECS Amazon EC2

12. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud: Defining the Cloud-Native Application Protection Platform (CNAPP) A single user experience to secure cloud infrastructure, apps, identities, networks, and data Centralized policy management, auditing, and protection (no point solutions) Full lifecycle security code to cloud for infrastructure and apps Identify vulnerabilities and misconfigurations, and integrate with code repos, CI tools, CD workflows, and runtime Unified agentless host protection with agent-based protection for hosts, containers, and serverless Vulnerability management, compliance, and runtime protection Integrated with SecOps tools to address issues and alerts Security posture dashboards and results to SIEM, SOAR, or ChatOps

13. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Cloud-Native Application Protection Platform (CNAPP) PURPOSE-BUILT FOR AWS Cloud Security Posture Management Cloud Workload Protection Cloud Network Security Cloud Identity Security Cloud Code Security Monitor and secure cloud networks, enforce microsegmentation Enforce permissions and secure identities across clouds Secure hosts, containers, and serverless with single agent Monitor posture, detect and respond to threats, maintain compliance Secure app artifacts, analyze code, and fix issues Full Application Lifecycle Secure applications across AWS (build-deploy-run)

14. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Delivering cloud security at the largest scale SECURITY AT SCALE 4B+ Assets protected 2M+ Workloads protected 700B+ Weekly cloud events processed 1 G2000 is the Forbes Global 2000 Companies; 2 Customers active per Q1 FY22 Earnings Call 3Forrester Wave for Cloud Workload Security; 4 2021 GigaOm Radar for Vulnerability Management; 5 2021 GigaOm Radar for Developer Security Tools 6 Gartner Hype Cycle for Cloud Security, 2021 SECURING GLOBAL CUSTOMERS 1800+ Total customers RECOGNIZED BY OUR USERS TOP ANALYST VALIDATIONS ●Forrester Wave™ for CWS3 Leader in Cloud Workload Security ●GigaOm Vulnerability Management Radar4 Leader and Outperformer ●GigaOm Developer Security Tools Radar5 Leader and Fast Mover ●Gartner 2021 Hype Cycle6 Included 7 market categories PeerSpot #1 Rank ∙ Cloud Workload Security ∙ Microsegmentation ∙ CSPM ∙ CNAPP

15. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Software Ecosystem SoniKube Hill AFB, UT ● F-16 Kessel Run Boston, MA ● AOC ● F-35 ● ABMS Blue Sky Warner Robins, GA ● 402nd SWEG BESPIN Montgomery, AL ● PEO BES LevelUP San Antonio, TX ● Unified Platform Thunder CAMP Oklahoma City, OK ● 76th SWEG Rogue Blue Omaha, NE ● STRATCOM Space CAMP Colorado Springs, CO ● Space Force Platform One Colorado Springs, CO ● JAIC ● Army Cyber ● AEGIS ● F-35 ● ABMS Ski CAMP Hill AFB, UT ● GBSD Kobayashi Maru Los Angeles, CA ● SMC Corsair Ranch Tuscon, AZ TRON Oahu, HI ● PACOM Conjure Scott AFB, IL ● 375th Scorpion CAMP Oklahoma City, OK Hangar 18 Dayton, OH Red 5 Langley, VA N2X Pathfinder Colorado Springs, CO ● NORAD

16. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud DoD Use Case Examples USAF Platform One ● Prisma Cloud prominent security component in DoD Enterprise DevSecOps (DSOP) Platform One initiative ● Prisma Cloud images available for any DoD entity inside the Iron Bank (DoD Centralized Artifacts Repository ~ DCAR) ● Prisma Cloud secures cloud apps for Navy onboard NAVSEA’s Cloud In a Box Initiative (fully functional on-ship cloud) JAIC (Joint Artificial Intelligence Center) ● Prisma Cloud secures the entire DevSecOps process for JAIC and the DoD AI Center of Excellence which builds AI and ML for DoD. DISA (Defense Information Systems Agency) – Joint Regional Security Stacks ● Prisma Cloud delivers compliance, vulnerability, and malware scans in Defense Container DoD central artifact repository (DCARS)

17. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Continuous Authority to Operate (cATO) DOD cATO memo dated 2/3/2022: “cATO represents a challenging but necessary enhancement of our cyber risk approach in order to accelerate innovation while outpacing expanding cybersecurity threats.” Authorizing Official (AO) requires demonstration of three competencies: 1. On-going visibility of key cybersecurity activities inside of the system boundary with a robust continuous monitoring of RMF controls 2. Ability to conduct active cyber defense in response to cyber threats in real time 3. Adoption and use of an approved DevSecOps reference design

18. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies “On-going visibility of key cybersecurity activities inside of the system boundary with a robust continuous monitoring of RMF controls.” ● Continuous monitoring for “drift” in ATO-identified controls, non-compliance alerting, and anomaly detection at runtime ● Events mapped to ATT&CK framework in ATT&CK Explorer for threat context ● Machine learning and heuristics help to efficiently analyze events ● Option to analyze within Incident Explorer ● Live Forensic details to help threat remediation

19. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies (Active Cyber Defense) ● Intelligence Stream (IS) Real-time vulnerability & threat data ● Advanced Threat Protection (ATP) Runtime defense ● App-Specific Intelligence Detect runtime anomalies ● ATT&CK Explorer Correlated real-time view of TTPs ● Vulnerability Explorer Correlation and prioritization ● Machine Learning & Heuristics Automated detection & analysis ● WAAS & Virtual Patching Rapid response “Ability to conduct active cyber defense in order to respond to cyber threats in real time.”

20. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies (Supply Chain Security) ● IaC Security Embed security into popular IDEs, version control systems, and CI/CD tools ● Container Vulnerability Assessments Protect against misconfigurations in containers and ensure image integrity ● Image Analysis Sandbox Dynamically analyze runtime behavior of images before deployment ● Identity & Access Management (IAM) Govern identity and access to your supply chain and source code “Adoption and use of an approved DevSecOps reference design.”

21. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud by Palo Alto Networks: Resources ● Visit The Palo Alto Networks Showcase Booth Live product demonstrations and answers ● Prisma Cloud Datasheet for AWS paloaltonetworks.com/prisma/environments/aws ● Prisma Cloud for AWS Demo youtube.com/watch?v=rTH8y3fiW5s ● Forrester: Total Economic Impact of Prisma Cloud paloaltonetworks.com/prisma/forrester-tei-study-prisma-cloud-2021 ● Visit Palo Alto Networks in the AWS Marketplace

SEC302-S-143971-AWS-Prismacloud.pptx

Du liest eine Vorschau.

Hier ansehen

SEC302-S-143971-AWS-Prismacloud.pptx

Weitere Verwandte Inhalte

Ähnlich wie SEC302-S-143971-AWS-Prismacloud.pptx (20)

Aktuellste (20)