Single cloud environment, alert fatigue, and compliance requirements call for a cloud platform.
At this major finance and insurance company, there was a major push to move to the cloud. The move to the cloud was mainly motivated by a combination of the following: reduction in legacy cost of maintaining conventional data centers, greater mobility of access, and the flexibility of being able to use platform-as-a-service (PaaS) applications on demand. As such, the organization was looking for a tool to monitor the cloud. As there was a range of tools in the market providing various types of monitoring ranging from configuration monitoring, cybersecurity monitoring, alert monitoring, and such, a third party was hired to compare and shortlist the solutions.
What began as a compliance and governance requirement expanded into image and container security management. The customer presented a rare case of an (almost) exclusively single cloud service provider user, and Prisma Cloud was deployed in the face of Azure-supplied native security tooling.
A primary challenge that needed to be addressed was the extensive visibility delivered with Prisma Cloud, which in turn, can produce significant alerting noise. The organization wanted to maintain tight control of its alerting volumes through proactive policy management.
The Cloud security team had the following requirements:
- Deploy a solution for an (almost) exclusively single cloud service provider.
- Reduction of alerting noise.
- Visibility of the entire environment and workloads.
- Support during troubleshooting.
Consolidation of multiple sites; policy management to control alert fatigue with Prisma Cloud.
The customer was an early adopter of Prisma Cloud in the region, using it for CSPM across the ASEAN region. They consolidated multiple sites into a single tenant for a shared single pane of glass across the region.
According to the Cloud Security and Operations Manager, in order to overcome the challenge of alert fatigue, the customer closely worked with the Palo Alto Networks team and set in place strong internal controls defining how the cloud accounts of each account will be adopted into Prisma. With this policy management strategy, they were able to control the flow of alerts and have never had to encounter alert fatigue, allowing them to channel actionable intelligence to their response team.
A refined compliance and governance framework has helped the customer maintain compliance across their Azure workloads. Selective management of policies and workflows has created a smooth internal process for maintaining cloud security posture.
"The biggest value of using Prisma Cloud for us was the birds eye view of our entire environment and the thousands of workloads. From a compliance perspective, we can quickly log in to view everything from a single dashboard, which is pretty difficult to achieve if we use other tools. We have made sure that we maximize the utility we get from the tool."
– Cloud Security and Operations Manager
Eliminated blind spots and facilitated ease of reporting
For this leading finance and insurance company, having visibility of their entire environment in a single dashboard provided the most benefit to them. This enabled them to identify and remediate any configuration or compliance issues in a timely manner. In addition, Prisma Cloud also enables ease of reporting to senior management to reassure them that CSPM is performing to expectations.
Risk prioritization and remediation
By deploying a strict internal control strategy, the organization gained more visibility without alert fatigue. With proactive policy management and Prisma Cloud, the organization was able to maintain tight control of its alerting volumes and channel actionable intelligence to the response team.
Increase in workload protection
The customer has moved from one cloud account monitored for misconfigurations to protecting workloads across SE Asia. These include workloads from 15–20 regional sites in different countries, maintained and reported upon centrally.
Continuous compliance monitoring and ease of configuration management
Prisma Cloud supports more than 70 compliance frameworks out of the box, including PCI DSS and CIS benchmarks. This helped the organization remove the burden of manually mapping cloud configurations to required compliance requirements, which vary depending on the location of various sites. If anything in their cloud environment did not pass compliance checks, then Prisma Cloud provided actionable feedback on how to remediate issues.
Superior compliance and better governance
With Prisma Cloud, the organization has achieved 99.52% compliance, a significant improvement from its previous compliance posture. This is no mean feat, as the Cloud Security and Operations Manager continually reiterates that this is “very difficult to achieve.” The team has confidence that Prisma Cloud will continue to help them achieve and maintain a high level of compliance.
"The support that we have received from the Palo Alto Networks team is unrivaled. Beyond receiving a timely response to any query or issue, the customer success team is also extremely helpful when troubleshooting."
– Cloud Security and Operations Manager
The partnership between the customer and Palo Alto Networks is one of collaboration. The organization and Palo Alto Networks are continually working together to gather feedback in order to drive feature upgrades that are requested by existing clients. As such, the client values the relationship and collaboration and regards Palo Alto Networks as one of its trusted partners.
Share this story
