A CIEM Leader and Outperformer

Mar 20, 2024
4 minutes
... views

GigaOm named Prisma Cloud a Leader in Cloud Security Posture Management (CSPM), Container Security, and now Cloud Infrastructure Entitlement Management (CIEM).

Identity and access management (IAM) in the cloud is challenging. Especially as organizations deal with entitlement sprawl and managing machine identities. GigaOm notes: “CIEM solutions enable organizations to efficiently manage and secure their cloud infrastructure as well as endpoints (devices) that connect to it.”

The CIEM Market is Evolving

CIEM as a category is relatively new, first appearing in 2020 to address the new challenges of managing identities in the cloud. CIEM has become essential for organizations looking to optimize their cloud operations, enhance their security posture and ensure compliance with regulations.

Identities have become a huge attack vector in the cloud and nearly every attack involves a compromised identity. Managing identities in silos however, limits security teams’ ability to see the full breadth of the attack surface and how identity risk can contribute to the larger picture. However, GigaOm notes: “The trend could increasingly move toward platform propositions having CIEM as a component that contributes to a 360° vision of cloud security.” Integrating CIEM into security platforms allows organizations to connect risk across the application lifecycle that form attack paths.

A CIEM Leader and Outperformer

In the inaugural GigaOm Radar for CIEM, Palo Alto Networks was named a Leader for excellent product offering and an Outperformer for strong vision and roadmap. This recognition comes just months after GigaOm named Palo Alto Networks a Leader and Outperformer in the CSPM and container security product categories.

In particular, GigaOm praised Prisma Cloud's Least-Privilege Access Enforcement feature as a standout element that enforces strict access controls to minimize the risk of unauthorized access to sensitive data and resources. This feature helps organizations adhere to the principle of least privilege, a crucial security practice in the world of cloud computing.

Prisma Cloud excelled in the evaluation, receiving "Exceptional" scores (five out of five stars) in three key areas:

  1. Least-Privilege Access Enforcement
  2. Compliance Automation
  3. JIT Privilege Access Management

Five out of five stars in these areas reflect the platform's ability to effectively enforce access controls, automate compliance processes, and grant access privileges only when necessary.

What’s more, Prisma Cloud scored "Superior" ratings (four out of five stars) in seven additional categories, including AI Runtime Policy Enforcement, Advanced Entitlement Detection, Entitlement Policy Definition, Ease of Use, Scalability, Cost, and Ecosystem. These ratings showcase the strength of Prisma Cloud's comprehensive capabilities in securing cloud infrastructures and managing entitlements across the evaluation criteria.

This recognition by GigaOm emphasizes the superiority of Prisma Cloud in the cloud security space and highlights its commitment to providing organizations with robust tools for managing cloud infrastructure entitlements and enhancing their security posture in a rapidly evolving cloud landscape.

Prisma Cloud: The Code to CloudTM CNAPP 

Prisma Cloud: The Code to CloudTM CNAPP

A misconfigured or overly permissive identity by itself doesn’t always represent application risk. CIEM is seamlessly integrated into the Prisma Cloud platform, enabling security teams to correlate findings to prioritize and understand critical risks. Prisma Cloud analyzes misconfigurations, vulnerabilities, public exposures, excessive permissions, exposed secrets, sensitive data, incidents, and more. The platform combines multiple risk factors across identities and cloud assets to visualize interconnected risks and prioritize alerts, helping security teams understand how several configuration mistakes form attack paths.

As the industry’s most comprehensive, cloud-native application protection platform (CNAPP), Prisma Cloud has the broadest security and compliance coverage—for applications, data, and the entire cloud-native technology stack—throughout the development lifecycle and across hybrid and multicloud environments. Our integrated approach enables security operations and DevOps teams to stay agile, collaborate effectively, and accelerate secure cloud-native application development.

Get the Report

If you’d like to learn more, get full access to the 2024 GigaOM Radar for Cloud Infrastructure Entitlement Management.

 

 

 


Subscribe to Cloud Native Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.