Palo Alto Adds Out-of-Band Web Application Security Capabilities to Prisma Cloud

Palo Alto Networks announced updates to its Prisma Cloud platform with new out-of-band web application and API (WAAS) security features, as well as new application visibility capabilities. The vendor said the updates are designed to help organizations monitor and secure web applications without affecting performance. The move comes as enterprises continue to expand their use of cloud environments and face demands for managing the complexity of cloud migration, securing applications throughout their lifecycle, and preventing breaches and web application attacks.

Prisma Cloud updates introduce a ‘new approach’ to web application security

In a press release, Palo Alto said the latest version of Prisma Cloud offers a new approach to securing web applications and cloud environments that combines both inline and out-of-band methods. Until now, a primary approach to securing web applications has been to deploy web application firewalls (WAFs) inline, but some organizations are hesitant to introduce WAFs or inline API security solutions to protect critical or sensitive applications due to performance and scalability issues, the vendor said.

“By adding out-of-band WAAS to Prisma Cloud, we’re giving customers flexible security options that meet their evolving application needs,” commented Ankur Shah, senior vice president, Prisma Cloud Products, Palo Alto Networks. “As more organizations move workloads to the cloud, the features that make up Prisma Cloud help provide simple yet comprehensive protection.”

Deeper Application Visibility Aims to Address Expanding Attack Surface

Palo Alto has also integrated new threat detection, asset inventory and identity management capabilities into its platform to improve application visibility. This is intended to address the expanding attack surface of cloud infrastructure as application usage increases, the company said. These features include:

  • Multi-cloud graphical view for managing cloud infrastructure entitlements across AWS, Microsoft Azure, and Google Cloud for discovering over-privileged accounts and access risks
  • DNS-based threat detection that leverages machine learning and advanced threat intelligence to identify bad actors lurking in DNS traffic
  • MITRE ATT&CK alert prioritization to enable security teams to prioritize risks and incidents based on the widely adopted framework

Efficient web application monitoring and business-critical security

With reliance on web applications becoming more prevalent in modern organizations, the ability to monitor and secure them effectively has become essential for businesses. “Web application attacks are the most common cause of breaches, according to Forrester research,” Forrester principal analyst Sandy Carielli told CSO.

“Attackers will pepper web applications with standard application attacks such as the OWASP Top 10, and they will also attempt bot attacks that leverage legitimate business logic. APIs are also subject to a range of attacks that can lead to data leaks.”

Omdia Principal Analyst Rik Turner agrees. “With COVID-19 accelerating digital transformation, organizations’ web applications have become more important than ever, whether for e-commerce, customer interactions, online education or online administration. As such, they have become even juicier targets than before the pandemic. Securing web applications has become a critical capability.”

Addressing overprivilege issues in web applications is especially important because many privileges tend to persist even after people leave a company or move on to another project and no longer need access to a certain asset, Turner adds. The out-of-band approach that Palo Alto introduced also addresses another important element in the web application security equation, he says. “All out-of-band security is designed to minimize the impact of the security tool on the element it protects, i.e. avoiding the additional latency associated with online platforms. This also applies to web applications, as you don’t want to slow down communications between the web front end and the backend servers/applications/databases, so as not to negatively impact the customer experience (CX).”

Security functions must have visibility into application vulnerabilities so that development teams can work to fix them and security teams can protect applications from exploits targeting them until the fix is available, explains Carielli. “No application is perfect and fixes for even the most critical vulnerabilities are not instantaneous. (They require development, testing, etc.) A good example is Log4j. While everyone was working to upgrade their applications’ Log4j libraries, production-side protections were blocking exploit attempts.”

Copyright © 2022 IDG Communications, Inc.