Palo Alto Networks announced new innovations in PrismaSASE that enable customers to identify and remediate misconfigurations in SaaS apps using SaaS Security Posture Management (SSPM) capabilities.
Anand Oswal, Senior Vice President, Network Security at Palo Alto Networks, says, “SaaS apps have given organisations the freedom to have their workforce work from wherever they are most productive.
"The vast amounts of sensitive data being created, held, and shared via SaaS applications, however, expose a serious risk of data breach due to SaaS misconfiguration. Simply put, the world needs a SASE solution that can manage the configuration and security of SaaS applications.
"With today's Prisma SASE updates, we are significantly strengthening the security posture of SaaS apps through the Palo Alto Networks Next-Gen CASB, which allows customers to easily view and configure security settings for multiple SaaS apps in a single place.
In addition to SSPM, the company announced new ZTNA 2.0 security inspection capabilities, including ML-powered Advanced URL Filtering and Advanced Threat Prevention as well as the industry's first natively integrated artificial intelligence for IT operations (AIOps) solution for SASE, simplifying networking and security operations for customers.
The full set of product announcements are:
SaaS Security Posture Management (SSPM): Powered by Palo Alto Networks Next-Gen CASB, the SaaS Security Posture Management capabilities go beyond CIS and NIST compliance checks and move to comprehensive security, allowing customers to configure security settings for multiple SaaS apps in one location.
In an effort to reduce remediation time, SSPM can help fix misconfigurations with a single click and helps prevent configuration drift by allowing users to lock critical security settings in place.
Advanced URL Filtering: Prevents new, highly evasive phishing attacks, ransomware and other web-based attacks through the use of inline deep learning, rather than a URL database preventing 40% more threats and detecting 76% of malicious URLs up to a full day before traditional web filtering solutions.
Advanced Threat Prevention: Provides the only intrusion prevention system (IPS) solution that can stop unknown command-and-control (C2) attacks in real time 48% more than other IPS solutions. New capabilities bring security analysis from offline to inline using machine learning techniques improving detection rates for zero-day threats without sacrificing performance.
AIOps for SASE: Palo Alto Networks natively integrated AIOps into its secure access service edge to significantly reduce manual operations and enable faster troubleshooting. AIOps for SASE provides automated root cause analysis, rapid problem remediation and guided best practice adoption. Predictive analytics enable more efficient capacity planning and anomaly detection, preventing business disruptions. A simple query-based interface empowers the IT service desk with automated troubleshooting and change analysis.
In addition to these software enhancements, Palo Alto Networks is introducing new hardware appliances ION 1200-S and ION 3200 to help organisations modernise their small to midsize branches.
These new appliances include a fully integrated switch and Power over Ethernet (PoE) ports to connect and power endpoints within the local area network. Additionally, integrated WAN capabilities like 5G and LTE on the ION 1200-S and fibre ports on the ION 3200 allow customers to improve WAN availability, performance and speed.
ION 1200-S and ION 3200 can help significantly reduce operational complexity by eliminating multiple point products while providing power redundancy with a built-in dual power supply that ensures network uptime and consistent connectivity.
John Grady, ESG senior analyst, says, “The usage of SaaS applications continues to expand at a faster rate than security teams can keep pace with. As more applications are introduced and ownership becomes distributed across organisations, the risk of misconfigurations grows, which increases the likelihood for security incidents to occur.
"A SASE solution like Prisma SASE by Palo Alto Networks provides a logical consolidation point for all the capabilities needed for complete SaaS security, including SSPM. However, functionality cannot be sacrificed for efficiency."
Palo Alto Networks provides comprehensive SaaS security through its security-focused SSPM capabilities coupled with comprehensive application coverage and a history of analytics-led threat prevention.