Palo Alto Networks was represented by Vinayak Shastri, Product Line Manager, and Mohit Bhasin, Sr. Product Marketing Manager, at Security Field Day 11. Bhasin and Shastri introduced Palo Alto Networks Prisma Cloud as a cloud-native platform for securing applications, data, and infrastructure. Specifically, core functions include obtaining visibility and control, including identifying and remediating misconfigurations and other vulnerabilities, detecting threats by using machine learning (ML)/artificial intelligence (AI), and ensuring compliance. The vision spans “code to cloud”—that is, security across the application lifecycle, including building, deploying, and running applications.
The objective is to reduce and prevent breaches and to provide insight that IT and security teams can then act on. For example, the solution can identify not only that an EC2 instance is considered vulnerable but also the owner and packet that the EC2 instance came from as well as who is responsible for addressing the vulnerability. It is relevant to note that cloud hosting creates particular challenges when it comes to obtaining visibility into vulnerabilities because it causes data proliferation, increases abstraction of application and infrastructure stacks, and often introduces new microservices-based architectures. Additionally, there are a variety of touchpoints into the data, beyond applications themselves. Another issue is so-called “orphaned snapshots” that are created and subsequently not deleted when they are no longer needed. Identifying who is using valuable and sensitive data, and as a result uncovering if there is a misuse occurring, becomes opaque and challenging.
In support of its efforts to address this challenge, Palo Alto Networks acquired Data Security Posture Management (DSPM) provider Dig Security last year, in 2023. Key capabilities that Dig brings to Palo Alto and its Prisma Cloud include data discovery and classification, and risk assessment. The Dig solution is agentless and proxy-less, and it analyzes cloud logs, backups, and snapshots to discover and classify data.
The Dig technology adds value to Prisma Cloud by showing how data should be protected based on what type of data it is. For example, in addition to uncovering a vulnerability such as misconfigured, overly permissive access controls for an EC2 instance that is exposed to the internet, it could identify whether that EC2 instance is connected to an RDS database containing sensitive data. It also could provide granular visibility into not only whether a web application firewall is connected to sensitive data but specifically whether it has access to the sensitive data. This is important because lateral movement, and as a result the spread of attacks, happens via the network. It is also important because security and IT operations teams are strapped for time while facing an onslaught of increasingly sophisticated cyberattacks. Anything that helps them optimize their time and efforts by pinpointing the most critical vulnerabilities will be invaluable.
Customers should know that the Dig platform historically has focused on cloud-hosted resources, including Amazon Web Services (AWS), Azure, Google Cloud Platform, and Microsoft 365. However, on-premises sources – specifically, NFS arrays – are beginning to be supported, as well. Data classification occurs within the source environment, so that customers do not need to incur egress fees as a part of the data classification process. More than 100 data classifiers are supported, and the customer can create their own, as well.
DSPM is garnering attention and investment. Alongside Palo Alto Networks’ acquisition of Dig, other notable announcements include data protection and security provider Rubrik acquiring Laminar last year, and CrowdStrike, provider of a variety of security solutions including Extended Detection and Response (XDR), announcing last month its intention to acquire Flow Security. This activity underscores the business criticality of data, and how much attackers are targeting organizations’ most valuable and sensitive data, creating the need for a more proactive and preventative approach. For its part, Palo Alto Networks will differentiate its approach in the space by emphasizing the ability to protect the entire cloud environment, extending from data and infrastructure to also include code and applications themselves, via its “code to cloud” approach.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Author Information
With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately a decade of experience providing research and advisory services and creating thought leadership content, with a focus on IT infrastructure and data management and protection. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
Prior to joining The Futurum Group, Krista led the data center practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.
Krista holds a Bachelor of Arts in English Journalism with a minor in Business Administration from the University of New Hampshire.