Palo Alto Networks has announced an update to its Prisma Cloud Cloud Security Posture Management tool, called True Internet Exposure, which is designed to expand network visibility and help reduce the number of security alerts sent to DevSecOps teams, according to SearchITOperations.
Forwarding all policy violation notifications to DevSecOps, as is commonly done in large enterprises, runs the risk of exhausting the developers and making them less able to respond to urgent requests, said Prisma Cloud Senior Vice President of Products and Engineering Varun Badwhar.
True Internet Exposure attempts to trim down the number of policy violation alerts received by developers to instances that are most likely to be shown as valid threats by taking machine learning evaluation of cloud network paths and comparing them against security policy rules. The update also added several other new features, including an expansion to the scope of the data exfiltration detection feature to cover a larger set of metadata compared to past versions, including audit logs, network flow logs and threat intelligence data, and a feature that allows detection of irregular compute resource provisioning states, which typically signify cryptojacking attempts by Bitcoin miners.
Forwarding all policy violation notifications to DevSecOps, as is commonly done in large enterprises, runs the risk of exhausting the developers and making them less able to respond to urgent requests, said Prisma Cloud Senior Vice President of Products and Engineering Varun Badwhar.
True Internet Exposure attempts to trim down the number of policy violation alerts received by developers to instances that are most likely to be shown as valid threats by taking machine learning evaluation of cloud network paths and comparing them against security policy rules. The update also added several other new features, including an expansion to the scope of the data exfiltration detection feature to cover a larger set of metadata compared to past versions, including audit logs, network flow logs and threat intelligence data, and a feature that allows detection of irregular compute resource provisioning states, which typically signify cryptojacking attempts by Bitcoin miners.
