Palo Alto Networks Expands Web App and API Security Options

Palo Alto Networks has added an out-of-band option for securing web applications and application programming interfaces (APIs) to its Prisma Cloud service.

In addition, Palo Alto Networks has added an agentless capability for extending Prisma Cloud to the Microsoft Azure and Google Cloud Platform (GCP) that complements its existing agent-based capabilities. Both the agent and agentless capability are already available on Amazon Web Services (AWS).

In addition, Palo Alto Networks has added a Multicloud Graph View for cloud infrastructure entitlement management (CIEM) tool for discovering overprivileged accounts that increase risks to the business in addition to being able to now prioritize risks and incidents based on the MITRE ATT&CK framework.

Finally, Prisma Cloud can now surface malicious activity and anomalous behavior in domain name system (DNS) traffic using machine learning (ML) algorithms and embedded threat intelligence tools.

Ankur Shah, senior vice president for Prisma Cloud at Palo Alto Networks, said the company is making a concerted effort to provide a lighter-weight option for enforcing security policies that has less of an impact on application performance. The tradeoff, of course, is that agents give cybersecurity teams more control over what actions to take should a threat be detected.

In general, reliance on web application firewalls (WAFs) to protect applications is increasing as microservices-based applications become more distributed across an extended enterprise, said Shah. Those capabilities are also becoming more accessible as more organizations opt to employ cloud-native application protection platforms (CNAPPs) that are consolidating capabilities that once required a dedicated security platform to provide, he noted. That approach also has the added benefit of reducing the total cost of cybersecurity, Shah added.

It’s not clear how quickly organizations are shifting away from legacy approaches to cybersecurity that revolved mainly around network firewalls. However, it’s clear that cybersecurity strategies based on protecting a perimeter are giving way to a more layered approach that can be centrally managed via a cloud platform. As the trend continues to evolve, Palo Alto Networks is betting there will soon also be a corresponding consolidation among providers of cybersecurity tools and platforms, said Shah.

Of course, the biggest single cybersecurity challenge remains the rate at which the defensible attack surface is expanding. Cybersecurity teams that are already short-handed are not able to keep pace with the number of applications and platforms being added to enterprise IT environments using legacy tools and frameworks. Cloud-based approaches to cybersecurity make it possible to take advantage of both higher levels of automation and advancements in artificial intelligence (AI) to defend those assets.

Cybercriminals, meanwhile, are making similar investments; so, in effect, organizations are now locked in a cybersecurity arms race. Organizations can’t win that arms race unless they can find a way to benefit from the collective investments made by a cybersecurity vendor on their behalf. The only thing left to decide is how quickly organizations can make that transition before a breach wreaks havoc across the entire enterprise.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 745 posts and counting.See all posts by mike-vizard