Palo Alto Networks Brings Out-Of-Band Web Security To Cloud
Your first thought after reading that headline was probably my very first question. What exactly is “Out-of-Band” security? In general, it is an immediate security update in the event of an emergency that is a zero-day catastrophe. For instance, when Microsoft takes a step back and announces a non-Patch-Day fix.
However, it was when Palo Alto Networks (PANW) which is a cloud security service provider announced the inclusion of out-of-band web application security and API security to Prisma Cloud. They’re talking about securing web applications and APIs for security issues that aren’t hosted on their infrastructure. The result? Secure service delivery with no poor performance.
This is huge. One of the web service’s most shady secrets is that when given the option between scalability, performance, as well as security features, security is chosen last or not considered completely External attacks on Web services are a major threat and quite widespread. According to a recent Forrester analysis, 39% of external attacks involve web exploits of applications. This is the most frequent type of attack from outside.
Ankur Shah, PANW Prisma Cloud’s senior vice president, says that, with the Out-of-Band WAAS, “Companies no longer need to choose between performance and security of their applications. We empower customers with a variety of security options that can be adapted to their changing needs for the application.”
This will be done by substituting the inline Web Application Firewalls (WAF) and point API Security tools by Out-of-Band WAAS. It also provides bot protection as well as denial of service (DoS) security. It functions by providing an external service to swiftly check your critical web services without slowing your website performance.
Prisma Cloud also provides enhanced visibility of your infrastructure and workloads, identities, and applications. The goal is to get rid of the security blind spots that exist in multi-cloud and public cloud environments.
It achieves this through the following characteristics:
- Multicloud graph view for Cloud infrastructure Entitlement Management (CIEM): Learn about over-privileged accounts and how to manage the risks of accessing multi-cloud environments. Prisma Cloud now provides a graph of the internet’s permissible permissions that are in place across AWS, Microsoft Azure, and Google Cloud.
- Multicloud Agentless Cloud Workload Protection: Increase insight into cloud workloads as well as the risks associated with applications throughout Azure as well as Google Cloud as well as to AWS and Google Cloud, to enhance existing agent-based security.
- DNS-based Threat Detection: Find a suspicious activity and unusual behavior on cloud platforms. Prisma Cloud Threat Detection now makes use of the power of machine learning (ML) and advanced threat intelligence to find malicious actors hidden inside DNS communications.
- MITRE ATT&CK Alert Prioritization: Security teams can prioritize incidents and risks using the most widely-used industry framework.
Out-of-band WAAS is now available in the Prisma Cloud Compute Edition. It will be available as the Enterprise Edition over the next month.