SlideShare ist ein Scribd-Unternehmen logo

SEC302-S-143971-Session-Presentation.7e95c642838da923e9d66db6fde28eef1554e4b8.pptx

Als PPTX, PDF herunterladen
K
Kocapep

Cloud Security

Ingenieurwesen
1 von 24
W A S H I N G T O N , D C | M A Y 2 3 - 2 5 , 2 0 2 2
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Secure your mission-critical applications with cloud-native security S P O N S O R E D B Y P R I S M A C L O U D B Y P A L O A L T O N E T W O R K S Rajeev Karamchedu S E C 3 0 2 - S Prisma Cloud Security Specialist, National Security Programs Palo Alto Networks
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. “Security must be job zero.” Andy Jassy
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is fully integrated and best of breed, offering complete protection for AWS FULLY INTEGRATED WITH AWS Network Security Deliver advanced network and threat protection (NGFWs) on AWS Cloud Security Secure any tech stack and any application components running on AWS SOC Security Automate incident response to eliminate manual work and speed response All flagship Palo Alto Networks cloud security products integrate with AWS
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is fully integrated and best of breed, offering complete protection for AWS FULLY INTEGRATED WITH AWS Protection Strata NGFWs Findings Cortex XSOAR Security Hub AWS Fargate Embedded Lambda Function Amazon ECS Container Amazon EC2 Kernel Amazon EKS Pod / Node Defenders Amazon EC2 Agentless CNAPP
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is an Advanced Technology Partner and ISV Accelerate Partner with AWS PERFECT AWS PARTNER FIT AWS Competencies ●Security ISV Competency ●Containers ISV Competency ●DevOps ISV Competency ●Networking ISV Competency AWS Programs ●APN Customer Engagement ●Marketplace Seller + Containers Anywhere ●Public Sector Partner ●ISV Accelerate ●SaaS Revenue Recognition ●Outpost Ready Validation AWS Service Integrations ●Monitoring ○ GuardDuty ○ Security Hub ○ Amazon Inspector ○ FireLens ○ Amazon S3 ○ Amazon SQS ○ AWS Control Tower ●Compute ○ Amazon EC2 ○ Amazon ECS ○ Amazon EKS ○ Amazon ECR ○ Lambda ○ Fargate ○ Bottlerocket ○ App Mesh ○ VMware Cloud ●CI/CD ○ CodePipeline ○ CodeDeploy ○ CloudFormation ●Incident Response ○ ACM ○ Access Analyzer ○ Athena ○ CloudTrail ○ CloudWatch ○ DynamoDB ○ Detective ○ IAM ○ Network Firewall ○ Route 53
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud by Palo Alto Networks is a committed, historical AWS launch partner for security AWS Security Hub security launch partner AWS Lambda layers security launch partner 2018 2018 AWS Control Tower security launch partner 2021 Amazon Inspector security launch partner 2021 Amazon GuardDuty security launch partner 2017 AWS Fargate security launch partner 2017 PERFECT AWS PARTNER FIT
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Security is a shared responsibility in the cloud 50% of surveyed customers view security as “top concern” slowing journey to cloud State of Cloud Native Security Report, 2022 Responsible for security of the cloud AWS Hubs Switches Routers Hypervisor Data Center Resource Configurations Users & Credentials Networks Hosts, Containers, Functions Data Responsible for security in the cloud Customers
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. What do they have in common?
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Automated Cloud-Native Security Across Architectures Each technology offers different benefits and different security challenges Virtual Machines Containers Containers as-a-Service On-Demand Containers Serverless AWS Lambda AWS Fargate Amazon EKS Amazon ECS Amazon EC2
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud: Defining the Cloud-Native Application Protection Platform (CNAPP) A single user experience to secure cloud infrastructure, apps, identities, networks, and data Centralized policy management, auditing, and protection (no point solutions) Full lifecycle security code to cloud for infrastructure and apps Identify vulnerabilities and misconfigurations, and integrate with code repos, CI tools, CD workflows, and runtime Unified agentless host protection with agent-based protection for hosts, containers, and serverless Vulnerability management, compliance, and runtime protection Integrated with SecOps tools to address issues and alerts Security posture dashboards and results to SIEM, SOAR, or ChatOps
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Cloud-Native Application Protection Platform (CNAPP) PURPOSE-BUILT FOR AWS Cloud Security Posture Management Cloud Workload Protection Cloud Network Security Cloud Identity Security Cloud Code Security Monitor and secure cloud networks, enforce micro- segmentation Enforce permissions and secure identities across clouds Secure hosts, containers, and serverless with single agent Monitor posture, detect and respond to threats, maintain compliance Secure app artifacts, analyze code, and fix issues Full Application Lifecycle Secure applications across AWS (build-deploy-run)
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Delivering cloud security at the largest scale SECURITY AT SCALE 4B+ Assets protected 2M+ Workloads protected 700B+ Weekly cloud events processed 1 G2000 is the Forbes Global 2000 Companies; 2 Customers active per Q1 FY22 Earnings Call 3Forrester Wave for Cloud Workload Security; 4 2021 GigaOm Radar for Vulnerability Management; 5 2021 GigaOm Radar for Developer Security Tools 6 Gartner Hype Cycle for Cloud Security, 2021 SECURING GLOBAL CUSTOMERS 1800+ Total customers RECOGNIZED BY OUR USERS TOP ANALYST VALIDATIONS ●Forrester Wave™ for CWS3 Leader in Cloud Workload Security ●GigaOm Vulnerability Management Radar4 Leader and Outperformer ●GigaOm Developer Security Tools Radar5 Leader and Fast Mover ●Gartner 2021 Hype Cycle6 Included 7 market categories PeerSpot #1 Rank ∙ Cloud Workload Security ∙ Microsegmentation ∙ CSPM ∙ CNAPP
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Software Ecosystem SoniKube Hill AFB, UT ● F-16 Kessel Run Boston, MA ● AOC ● F-35 ● ABMS Blue Sky Warner Robins, GA ● 402nd SWEG BESPIN Montgomery, AL ● PEO BES LevelUP San Antonio, TX ● Unified Platform Thunder CAMP Oklahoma City, OK ● 76th SWEG Rogue Blue Omaha, NE ● STRATCOM Space CAMP Colorado Springs, CO ● Space Force Platform One Colorado Springs, CO ● JAIC ● Army Cyber ● AEGIS ● F-35 ● ABMS Ski CAMP Hill AFB, UT ● GBSD Kobayashi Maru Los Angeles, CA ● SMC Corsair Ranch Tuscon, AZ TRON Oahu, HI ● PACOM Conjure Scott AFB, IL ● 375th Scorpion CAMP Oklahoma City, OK Hangar 18 Dayton, OH Red 5 Langley, VA N2X Pathfinder Colorado Springs, CO ● NORAD
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud DoD Use Case Examples USAF Platform One ● Prisma Cloud prominent security component in DoD Enterprise DevSecOps (DSOP) Platform One initiative ● Prisma Cloud images available for any DoD entity inside the Iron Bank (DoD Centralized Artifacts Repository ~ DCAR) ● Prisma Cloud secures cloud apps for Navy onboard NAVSEA’s Cloud In a Box Initiative (fully functional on-ship cloud) JAIC (Joint Artificial Intelligence Center) ● Prisma Cloud secures the entire DevSecOps process for JAIC and the DoD AI Center of Excellence which builds AI and ML for DoD. DISA (Defense Information Systems Agency) – Joint Regional Security Stacks ● Prisma Cloud delivers compliance, vulnerability, and malware scans in Defense Container DoD central artifact repository (DCARS)
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Continuous Authority to Operate (cATO) DOD cATO memo dated 2/3/2022: “cATO represents a challenging but necessary enhancement of our cyber risk approach in order to accelerate innovation while outpacing expanding cybersecurity threats.” Authorizing Official (AO) requires demonstration of three competencies: 1. On-going visibility of key cybersecurity activities inside of the system boundary with a robust continuous monitoring of RMF controls 2. Ability to conduct active cyber defense in response to cyber threats in real time 3. Adoption and use of an approved DevSecOps reference design
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies “On-going visibility of key cybersecurity activities inside of the system boundary with a robust continuous monitoring of RMF controls.” ● Continuous monitoring for “drift” in ATO-identified controls, non-compliance alerting, and anomaly detection at runtime ● Events mapped to ATT&CK framework in ATT&CK Explorer for threat context ● Machine learning and heuristics help to efficiently analyze events ● Option to analyze within Incident Explorer ● Live Forensic details to help threat remediation
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies (Active Cyber Defense) ● Intelligence Stream (IS) Real-time vulnerability & threat data ● Advanced Threat Protection (ATP) Runtime defense ● App-Specific Intelligence Detect runtime anomalies ● ATT&CK Explorer Correlated real-time view of TTPs ● Vulnerability Explorer Correlation and prioritization ● Machine Learning & Heuristics Automated detection & analysis ● WAAS & Virtual Patching Rapid response “Ability to conduct active cyber defense in order to respond to cyber threats in real time.”
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies (Supply Chain Security) ● IaC Security Embed security into popular IDEs, version control systems, and CI/CD tools ● Container Vulnerability Assessments Protect against misconfigurations in containers and ensure image integrity ● Image Analysis Sandbox Dynamically analyze runtime behavior of images before deployment ● Identity & Access Management (IAM) Govern identity and access to your supply chain and source code “Adoption and use of an approved DevSecOps reference design.”
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud by Palo Alto Networks: Resources ● Visit The Palo Alto Networks Showcase Booth Live product demonstrations and answers ● Prisma Cloud Datasheet for AWS paloaltonetworks.com/prisma/environments/aws ● Prisma Cloud for AWS Demo youtube.com/watch?v=rTH8y3fiW5s ● Forrester: Total Economic Impact of Prisma Cloud paloaltonetworks.com/prisma/forrester-tei-study-prisma-cloud-2021 ● Visit Palo Alto Networks in the AWS Marketplace
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Any questions? We have answers!
Thank you! © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Rajeev Karamchedu rkaramchedu@paloaltonetworks.com Matt Lamb mlamb@paloaltonetworks.com
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Please complete the session survey in the mobile app Android iOS

Empfohlen

Secure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on SecuritySecure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on SecurityAmazon Web Services
 
Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...
Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...
Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...Amazon Web Services
 
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...Amazon Web Services
 
Meeting Enterprise Security Requirements with AWS Native Security Services (S...
Meeting Enterprise Security Requirements with AWS Native Security Services (S...Meeting Enterprise Security Requirements with AWS Native Security Services (S...
Meeting Enterprise Security Requirements with AWS Native Security Services (S...Amazon Web Services
 
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018Amazon Web Services
 
Accelerating Your Cloud Innovation
Accelerating Your Cloud InnovationAccelerating Your Cloud Innovation
Accelerating Your Cloud InnovationAmazon Web Services
 
Implementing Governance as Code
Implementing Governance as CodeImplementing Governance as Code
Implementing Governance as CodeAmazon Web Services
 
Underrated AWS Security Controls ~ AWS Atlanta Summit 2022
Underrated AWS Security Controls ~ AWS Atlanta Summit 2022Underrated AWS Security Controls ~ AWS Atlanta Summit 2022
Underrated AWS Security Controls ~ AWS Atlanta Summit 2022Teri Radichel
 

Empfohlen

Secure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on SecuritySecure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on SecurityAmazon Web Services
 
Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...
Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...
Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...Amazon Web Services
 
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...Amazon Web Services
 
Meeting Enterprise Security Requirements with AWS Native Security Services (S...
Meeting Enterprise Security Requirements with AWS Native Security Services (S...Meeting Enterprise Security Requirements with AWS Native Security Services (S...
Meeting Enterprise Security Requirements with AWS Native Security Services (S...Amazon Web Services
 
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018Amazon Web Services
 
Accelerating Your Cloud Innovation
Accelerating Your Cloud InnovationAccelerating Your Cloud Innovation
Accelerating Your Cloud InnovationAmazon Web Services
 
Implementing Governance as Code
Implementing Governance as CodeImplementing Governance as Code
Implementing Governance as CodeAmazon Web Services
 
Underrated AWS Security Controls ~ AWS Atlanta Summit 2022
Underrated AWS Security Controls ~ AWS Atlanta Summit 2022Underrated AWS Security Controls ~ AWS Atlanta Summit 2022
Underrated AWS Security Controls ~ AWS Atlanta Summit 2022Teri Radichel
 
Security@Scale
Security@ScaleSecurity@Scale
Security@ScaleAmazon Web Services
 
Hybrid Cloud on AWS
Hybrid Cloud on AWSHybrid Cloud on AWS
Hybrid Cloud on AWSTom Laszewski
 
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security Designs
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security DesignsAWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security Designs
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security DesignsAmazon Web Services
 
State of the Union: Networking
State of the Union: NetworkingState of the Union: Networking
State of the Union: NetworkingAmazon Web Services
 
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Amazon Web Services
 
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...How FINRA achieves DevOps agility while securing its AWS environments - GRC33...
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...Amazon Web Services
 
Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Cynthia Hsieh
 
DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)Amazon Web Services
 
Elevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudElevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudAmazon Web Services
 
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)Amazon Web Services
 
Managing Security on AWS
Managing Security on AWSManaging Security on AWS
Managing Security on AWSAmazon Web Services
 
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...Amazon Web Services
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
 
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesAmazon Web Services
 
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...HostedbyConfluent
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 
Cybersecurity: A Drive Force Behind Cloud Adoption
Cybersecurity: A Drive Force Behind Cloud AdoptionCybersecurity: A Drive Force Behind Cloud Adoption
Cybersecurity: A Drive Force Behind Cloud AdoptionAmazon Web Services
 
Managing Enterprise security in the Cloud
Managing Enterprise security in the CloudManaging Enterprise security in the Cloud
Managing Enterprise security in the CloudAmazon Web Services
 
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Amazon Web Services
 
Lock It Down: How to Secure Your Organization's AWS Account
Lock It Down: How to Secure Your Organization's AWS AccountLock It Down: How to Secure Your Organization's AWS Account
Lock It Down: How to Secure Your Organization's AWS AccountAmazon Web Services
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 

Weitere ähnliche Inhalte

Ähnlich wie SEC302-S-143971-Session-Presentation.7e95c642838da923e9d66db6fde28eef1554e4b8.pptx

AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security Designs
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security DesignsAWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security Designs
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security DesignsAmazon Web Services
 
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Amazon Web Services
 
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...How FINRA achieves DevOps agility while securing its AWS environments - GRC33...
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...Amazon Web Services
 
Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Cynthia Hsieh
 
DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)Amazon Web Services
 
Elevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudElevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudAmazon Web Services
 
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)Amazon Web Services
 
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...Amazon Web Services
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
 
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesAmazon Web Services
 
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...HostedbyConfluent
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 
Cybersecurity: A Drive Force Behind Cloud Adoption
Cybersecurity: A Drive Force Behind Cloud AdoptionCybersecurity: A Drive Force Behind Cloud Adoption
Cybersecurity: A Drive Force Behind Cloud AdoptionAmazon Web Services
 
Managing Enterprise security in the Cloud
Managing Enterprise security in the CloudManaging Enterprise security in the Cloud
Managing Enterprise security in the CloudAmazon Web Services
 
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Amazon Web Services
 
Lock It Down: How to Secure Your Organization's AWS Account
Lock It Down: How to Secure Your Organization's AWS AccountLock It Down: How to Secure Your Organization's AWS Account
Lock It Down: How to Secure Your Organization's AWS AccountAmazon Web Services
 

Ähnlich wie SEC302-S-143971-Session-Presentation.7e95c642838da923e9d66db6fde28eef1554e4b8.pptx (20)

Security@Scale
Security@ScaleSecurity@Scale
Security@Scale
 
Hybrid Cloud on AWS
Hybrid Cloud on AWSHybrid Cloud on AWS
Hybrid Cloud on AWS
 
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security Designs
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security DesignsAWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security Designs
AWS FSI Symposium 2017 NYC - 9 Cloud Enabled Security Designs
 
State of the Union: Networking
State of the Union: NetworkingState of the Union: Networking
State of the Union: Networking
 
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
 
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...How FINRA achieves DevOps agility while securing its AWS environments - GRC33...
How FINRA achieves DevOps agility while securing its AWS environments - GRC33...
 
Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020
 
DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)
 
Elevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudElevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloud
 
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
 
Managing Security on AWS
Managing Security on AWSManaging Security on AWS
Managing Security on AWS
 
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
 
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated Industries
 
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...
Building Real-Time Serverless Data Applications With Joseph Morais and Adam W...
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
 
Cybersecurity: A Drive Force Behind Cloud Adoption
Cybersecurity: A Drive Force Behind Cloud AdoptionCybersecurity: A Drive Force Behind Cloud Adoption
Cybersecurity: A Drive Force Behind Cloud Adoption
 
Managing Enterprise security in the Cloud
Managing Enterprise security in the CloudManaging Enterprise security in the Cloud
Managing Enterprise security in the Cloud
 
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...
 
Lock It Down: How to Secure Your Organization's AWS Account
Lock It Down: How to Secure Your Organization's AWS AccountLock It Down: How to Secure Your Organization's AWS Account
Lock It Down: How to Secure Your Organization's AWS Account
 

Kürzlich hochgeladen

Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...ranjana rawat
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 

Kürzlich hochgeladen (20)

Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 

SEC302-S-143971-Session-Presentation.7e95c642838da923e9d66db6fde28eef1554e4b8.pptx

  • 1. W A S H I N G T O N , D C | M A Y 2 3 - 2 5 , 2 0 2 2
  • 2. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Secure your mission-critical applications with cloud-native security S P O N S O R E D B Y P R I S M A C L O U D B Y P A L O A L T O N E T W O R K S Rajeev Karamchedu S E C 3 0 2 - S Prisma Cloud Security Specialist, National Security Programs Palo Alto Networks
  • 3. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. “Security must be job zero.” Andy Jassy
  • 4. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is fully integrated and best of breed, offering complete protection for AWS FULLY INTEGRATED WITH AWS Network Security Deliver advanced network and threat protection (NGFWs) on AWS Cloud Security Secure any tech stack and any application components running on AWS SOC Security Automate incident response to eliminate manual work and speed response All flagship Palo Alto Networks cloud security products integrate with AWS
  • 5. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is fully integrated and best of breed, offering complete protection for AWS FULLY INTEGRATED WITH AWS Protection Strata NGFWs Findings Cortex XSOAR Security Hub AWS Fargate Embedded Lambda Function Amazon ECS Container Amazon EC2 Kernel Amazon EKS Pod / Node Defenders Amazon EC2 Agentless CNAPP
  • 6. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Palo Alto Networks is an Advanced Technology Partner and ISV Accelerate Partner with AWS PERFECT AWS PARTNER FIT AWS Competencies ●Security ISV Competency ●Containers ISV Competency ●DevOps ISV Competency ●Networking ISV Competency AWS Programs ●APN Customer Engagement ●Marketplace Seller + Containers Anywhere ●Public Sector Partner ●ISV Accelerate ●SaaS Revenue Recognition ●Outpost Ready Validation AWS Service Integrations ●Monitoring ○ GuardDuty ○ Security Hub ○ Amazon Inspector ○ FireLens ○ Amazon S3 ○ Amazon SQS ○ AWS Control Tower ●Compute ○ Amazon EC2 ○ Amazon ECS ○ Amazon EKS ○ Amazon ECR ○ Lambda ○ Fargate ○ Bottlerocket ○ App Mesh ○ VMware Cloud ●CI/CD ○ CodePipeline ○ CodeDeploy ○ CloudFormation ●Incident Response ○ ACM ○ Access Analyzer ○ Athena ○ CloudTrail ○ CloudWatch ○ DynamoDB ○ Detective ○ IAM ○ Network Firewall ○ Route 53
  • 7. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud by Palo Alto Networks is a committed, historical AWS launch partner for security AWS Security Hub security launch partner AWS Lambda layers security launch partner 2018 2018 AWS Control Tower security launch partner 2021 Amazon Inspector security launch partner 2021 Amazon GuardDuty security launch partner 2017 AWS Fargate security launch partner 2017 PERFECT AWS PARTNER FIT
  • 8. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Security is a shared responsibility in the cloud 50% of surveyed customers view security as “top concern” slowing journey to cloud State of Cloud Native Security Report, 2022 Responsible for security of the cloud AWS Hubs Switches Routers Hypervisor Data Center Resource Configurations Users & Credentials Networks Hosts, Containers, Functions Data Responsible for security in the cloud Customers
  • 9. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. What do they have in common?
  • 10. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 11. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Automated Cloud-Native Security Across Architectures Each technology offers different benefits and different security challenges Virtual Machines Containers Containers as-a-Service On-Demand Containers Serverless AWS Lambda AWS Fargate Amazon EKS Amazon ECS Amazon EC2
  • 12. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud: Defining the Cloud-Native Application Protection Platform (CNAPP) A single user experience to secure cloud infrastructure, apps, identities, networks, and data Centralized policy management, auditing, and protection (no point solutions) Full lifecycle security code to cloud for infrastructure and apps Identify vulnerabilities and misconfigurations, and integrate with code repos, CI tools, CD workflows, and runtime Unified agentless host protection with agent-based protection for hosts, containers, and serverless Vulnerability management, compliance, and runtime protection Integrated with SecOps tools to address issues and alerts Security posture dashboards and results to SIEM, SOAR, or ChatOps
  • 13. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Cloud-Native Application Protection Platform (CNAPP) PURPOSE-BUILT FOR AWS Cloud Security Posture Management Cloud Workload Protection Cloud Network Security Cloud Identity Security Cloud Code Security Monitor and secure cloud networks, enforce micro- segmentation Enforce permissions and secure identities across clouds Secure hosts, containers, and serverless with single agent Monitor posture, detect and respond to threats, maintain compliance Secure app artifacts, analyze code, and fix issues Full Application Lifecycle Secure applications across AWS (build-deploy-run)
  • 14. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Delivering cloud security at the largest scale SECURITY AT SCALE 4B+ Assets protected 2M+ Workloads protected 700B+ Weekly cloud events processed 1 G2000 is the Forbes Global 2000 Companies; 2 Customers active per Q1 FY22 Earnings Call 3Forrester Wave for Cloud Workload Security; 4 2021 GigaOm Radar for Vulnerability Management; 5 2021 GigaOm Radar for Developer Security Tools 6 Gartner Hype Cycle for Cloud Security, 2021 SECURING GLOBAL CUSTOMERS 1800+ Total customers RECOGNIZED BY OUR USERS TOP ANALYST VALIDATIONS ●Forrester Wave™ for CWS3 Leader in Cloud Workload Security ●GigaOm Vulnerability Management Radar4 Leader and Outperformer ●GigaOm Developer Security Tools Radar5 Leader and Fast Mover ●Gartner 2021 Hype Cycle6 Included 7 market categories PeerSpot #1 Rank ∙ Cloud Workload Security ∙ Microsegmentation ∙ CSPM ∙ CNAPP
  • 15. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Software Ecosystem SoniKube Hill AFB, UT ● F-16 Kessel Run Boston, MA ● AOC ● F-35 ● ABMS Blue Sky Warner Robins, GA ● 402nd SWEG BESPIN Montgomery, AL ● PEO BES LevelUP San Antonio, TX ● Unified Platform Thunder CAMP Oklahoma City, OK ● 76th SWEG Rogue Blue Omaha, NE ● STRATCOM Space CAMP Colorado Springs, CO ● Space Force Platform One Colorado Springs, CO ● JAIC ● Army Cyber ● AEGIS ● F-35 ● ABMS Ski CAMP Hill AFB, UT ● GBSD Kobayashi Maru Los Angeles, CA ● SMC Corsair Ranch Tuscon, AZ TRON Oahu, HI ● PACOM Conjure Scott AFB, IL ● 375th Scorpion CAMP Oklahoma City, OK Hangar 18 Dayton, OH Red 5 Langley, VA N2X Pathfinder Colorado Springs, CO ● NORAD
  • 16. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud DoD Use Case Examples USAF Platform One ● Prisma Cloud prominent security component in DoD Enterprise DevSecOps (DSOP) Platform One initiative ● Prisma Cloud images available for any DoD entity inside the Iron Bank (DoD Centralized Artifacts Repository ~ DCAR) ● Prisma Cloud secures cloud apps for Navy onboard NAVSEA’s Cloud In a Box Initiative (fully functional on-ship cloud) JAIC (Joint Artificial Intelligence Center) ● Prisma Cloud secures the entire DevSecOps process for JAIC and the DoD AI Center of Excellence which builds AI and ML for DoD. DISA (Defense Information Systems Agency) – Joint Regional Security Stacks ● Prisma Cloud delivers compliance, vulnerability, and malware scans in Defense Container DoD central artifact repository (DCARS)
  • 17. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud Continuous Authority to Operate (cATO) DOD cATO memo dated 2/3/2022: “cATO represents a challenging but necessary enhancement of our cyber risk approach in order to accelerate innovation while outpacing expanding cybersecurity threats.” Authorizing Official (AO) requires demonstration of three competencies: 1. On-going visibility of key cybersecurity activities inside of the system boundary with a robust continuous monitoring of RMF controls 2. Ability to conduct active cyber defense in response to cyber threats in real time 3. Adoption and use of an approved DevSecOps reference design
  • 18. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies “On-going visibility of key cybersecurity activities inside of the system boundary with a robust continuous monitoring of RMF controls.” ● Continuous monitoring for “drift” in ATO-identified controls, non-compliance alerting, and anomaly detection at runtime ● Events mapped to ATT&CK framework in ATT&CK Explorer for threat context ● Machine learning and heuristics help to efficiently analyze events ● Option to analyze within Incident Explorer ● Live Forensic details to help threat remediation
  • 19. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies (Active Cyber Defense) ● Intelligence Stream (IS) Real-time vulnerability & threat data ● Advanced Threat Protection (ATP) Runtime defense ● App-Specific Intelligence Detect runtime anomalies ● ATT&CK Explorer Correlated real-time view of TTPs ● Vulnerability Explorer Correlation and prioritization ● Machine Learning & Heuristics Automated detection & analysis ● WAAS & Virtual Patching Rapid response “Ability to conduct active cyber defense in order to respond to cyber threats in real time.”
  • 20. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud cATO Competencies (Supply Chain Security) ● IaC Security Embed security into popular IDEs, version control systems, and CI/CD tools ● Container Vulnerability Assessments Protect against misconfigurations in containers and ensure image integrity ● Image Analysis Sandbox Dynamically analyze runtime behavior of images before deployment ● Identity & Access Management (IAM) Govern identity and access to your supply chain and source code “Adoption and use of an approved DevSecOps reference design.”
  • 21. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Prisma Cloud by Palo Alto Networks: Resources ● Visit The Palo Alto Networks Showcase Booth Live product demonstrations and answers ● Prisma Cloud Datasheet for AWS paloaltonetworks.com/prisma/environments/aws ● Prisma Cloud for AWS Demo youtube.com/watch?v=rTH8y3fiW5s ● Forrester: Total Economic Impact of Prisma Cloud paloaltonetworks.com/prisma/forrester-tei-study-prisma-cloud-2021 ● Visit Palo Alto Networks in the AWS Marketplace
  • 22. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Any questions? We have answers!
  • 23. Thank you! © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Rajeev Karamchedu rkaramchedu@paloaltonetworks.com Matt Lamb mlamb@paloaltonetworks.com
  • 24. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Please complete the session survey in the mobile app Android iOS