Wednesday 7 August 2019

Americans Want to Protect Their Information, But Unsure Where to Start

A new survey from Palo Alto Networks and YouGov shows that Americans remain unclear about what it really means to be safe online, despite a desire to learn security best practices. The data show that 66% of Americans believe they are already doing everything they can to avoid losing their information, yet only 27% always try to verify the identity of an unknown sender when they receive an email, which is widely regarded as the top threat vector for attackers.

Palo Alto Networks partnered with YouGov and Dr. Jessica Barker, an expert in the human nature of cybersecurity, to poll more than 1,300 Americans about human behavior as it relates to cybersecurity. The gap between consumers' belief that they are already doing all they can to stay safe and their lack of security knowledge highlights a significant need for companies to do more to keep their customers protected and educated.

Other key findings include:

  • Gap between responsibility and action: 62% of Americans feel they should be responsible for the security of their personal data, yet only 24% said they run a computer scan as their first reaction after interacting with a link they believe to be malicious.
  • Insufficient security education: 28% of Americans say they have never participated in cybersecurity training, and 16% admit to participating only once a year.
  • Readiness to learn: 47% of Americans think that learning more about what they can do to protect themselves and their families online would make them feel safer.


“The fact that we have made tremendous strides in cybersecurity technology today, compared with when the internet was young, does not get people off the hook for general online safety,” said Rick Howard, chief security officer at Palo Alto Networks. “This idea is similar to vehicle safety. Technology has improved mightily to enhance the safety of driving modern cars, but drivers still need to stick to the posted speed limit and wear their seat belts. For cybersecurity, people are unsure how to put on their cyber seat belts, and companies should dedicate resources to educating and training their workforce in security best practices.”



The online study also polled individuals in EMEA, Brazil, and Canada.

On average, roughly a quarter (26%) of the more than 10,000 EMEA adults surveyed prefer their cybersecurity to be managed by AI rather than by a human. Italy has the most confidence in relying on AI (38%), while in the United Kingdom only 21% prefer AI over humans to protect their digital way of life.

In a poll of more than 1,000 Brazilian adults, 52% prefer cybersecurity to be managed by artificial intelligence (AI) rather than by a human. Furthermore, 62% spend less time worrying about their data security because of cybersecurity technology.

In a poll of more than 1,000 Canadian adults, more than two-thirds (66%) said they use the same level of security across all their personal devices (e.g., PCs, laptops, smartphones, tablets), and more than half (56%) feel they are doing all they can to avoid losing their information.

“Trust is so important in cybersecurity. People want to be actively involved in better protecting themselves online, and they embrace technology that supports them in this. The knowledge gained can then be applied in other areas of their lives, most significantly, work,” said Dr. Jessica Barker.

At a time when cybersecurity and privacy are at the heart of crucial technological, economic, and political debates, it is more important than ever that consumers learn how to stay secure. Companies everywhere have been stepping up efforts to leverage artificial intelligence and machine learning to automate their security processes, but humans remain a key vulnerability. For consumers and companies to stay secure, organizations as a whole need to step up and educate their workers in cybersecurity.

Monday 5 August 2019

A More Secure Everywhere. From Containers to Serverless and Beyond

Today is an exciting day for Palo Alto Networks and its customers as we complete our acquisition of Twistlock. Adding Twistlock further strengthens our capabilities in cloud security and will help customers accelerate their journey to the cloud with consistent and comprehensive security across public, private and hybrid cloud deployments. This comes hot on the heels of our acquisition of PureSec, a leader in protecting serverless applications.

Most modern applications use a mix of platform as a service (PaaS), VMs, serverless and other resources offered by cloud providers. The acquisitions of Twistlock and PureSec further advance Prisma's leadership in cloud security by providing customers with a comprehensive set of security protections across the entire continuum of cloud workloads.

With Twistlock and PureSec part of the Prisma cloud security suite, customers will benefit from these capabilities:

  1. Twistlock, the leader in container security, brings vulnerability management, compliance and runtime defense for cloud-native applications and workloads.
  2. PureSec enables enterprises to adopt serverless technologies, such as AWS Lambda, Google Cloud Functions, Azure Functions and IBM Cloud Functions, without compromising on security, visibility and governance.


Current Twistlock Customers Continue to Reap the Security Benefits


If you are a customer of Twistlock's stand-alone offering, you will continue to get the industry's leading container security capabilities for your business with the same focus on simplicity, innovation and effectiveness. We will continue to invest in this offering, and the team will remain under the direction of Twistlock co-founder and CEO, Ben Bernstein. Over time, you will see more return on your investment as we integrate Twistlock into Prisma and deliver the broadest and most consistent security capabilities across public and private clouds.



Prisma™ by Palo Alto Networks, including best-in-class capabilities from Twistlock and PureSec, is the industry's most complete cloud security offering for today and tomorrow. It provides unparalleled visibility into data, assets and risks in the cloud; consistently protects access, data and applications without compromises; enables agility and speed as organizations embrace the cloud; and reduces operational complexity and cost with a dramatically simpler architecture.

No matter how your business is taking advantage of the cloud, Prisma protects your end-to-end cloud journey:

  • Secure Access: Take advantage of secure access to the cloud from branch offices and for mobile users anywhere in the world without compromising the user experience.
  • Secure SaaS: Bring together data protection, governance and compliance to safely enable SaaS application adoption.
  • Secure Public Cloud: Get continuous security monitoring, compliance validation and cloud storage security capabilities across multi-cloud environments. Plus, simplify security operations through effective threat protections enhanced with comprehensive cloud context.
  • VM-Series Virtualized Next-Generation Firewall: Embedding the VM-Series in your application development life cycle to complement native security services can prevent data loss and business disruption, allowing your public cloud migration to accelerate.


A More Secure Everywhere


We are excited to add Twistlock's and PureSec's technologies to our cloud security suite and welcome two exceptional teams that bring additional cloud expertise to Palo Alto Networks.

Saturday 3 August 2019

How Western Asset Management Is Mitigating Cloud Threats

Banking, investment management and FinTech have consistently invested in technology upgrades, data analytics and differentiated product offerings in an increasingly competitive and evolving investment landscape. A recent Accenture survey found 90% of banking respondents stating that cloud enables and accelerates innovation adoption. Of those surveyed, 60% say cloud-based entrants will challenge traditional companies shackled by the limitations of their on-premises agility, storage, and computing capabilities.

Western Asset Management (WAM) is currently exceeding expectations for innovation in a highly competitive market. The “active” investment management industry that WAM serves involves constantly managed funds and portfolios, time-sensitive transactions and decision-making based on fast-changing market conditions. With a variety of options available, clients expect compressed fees when it comes to managing their money.

By embracing an agile development process and moving DevOps to the cloud, WAM has transformed its application delivery and deployment. Several years ago, when the risk management team wanted to develop and test new risk models or algorithms, hardware, networking and IT resources all had to be scheduled. Now, in the cloud, instances can be spun up at the push of a button, and sandbox environments for testing can be created and destroyed automatically before pushing to production.



Managing security, risk and regulatory compliance can be difficult in an agile, dynamic cloud environment. Western Asset Management's DevOps and security teams embraced the competitive challenges, recognizing the need for a well-architected, cloud-native security solution.

We recently sat down with David Pace, who is responsible for Global Information Security at Western Asset Management (WAM), a fixed-income investment firm and an independent affiliate of Legg Mason, managing funds exceeding $420 billion across nine offices worldwide. The challenges they faced as an organization moving to the cloud were eliminating risks, discovering when users misconfigured cloud resources, and alerting on threats at the network level in their public cloud environment.

The initial deployment of Prisma Public Cloud (formerly RedLock) gave WAM immediate insight into their environments, such as identifying administrator accounts without multi-factor authentication (MFA) enabled. They could then approach cloud security in an efficient, scalable manner. Instead of relying on outdated manual methods of getting log data into systems for analysis, they can now rely on Prisma Public Cloud to identify, prioritize and pinpoint where risks exist and mitigate them as quickly as possible.
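The MFA finding above is a good illustration of what a continuous identity check does. The following is an added example written for this page, not Prisma Public Cloud's logic or WAM's configuration. It parses an AWS IAM credential report (the real report format; in practice fetched with `aws iam get-credential-report`, whose Content field is base64-encoded CSV) and flags every identity that can sign in to the console without an MFA device, rating the root account and any user holding an admin policy as critical. The report rows are constructed, and `ADMIN_USERS` is a hypothetical stand-in for a join against attached policies, which the credential report does not carry.

```python
"""Added example for this page: flag console-enabled IAM identities without MFA.

This is not Prisma Public Cloud's logic or WAM's configuration. It parses the
AWS IAM credential report (a CSV; in a real account obtain it with
`aws iam get-credential-report` and base64-decode the Content field).
"""
import csv
import io
from typing import Dict, List

# Constructed sample rows in the credential-report layout. Only a subset of the
# real columns is shown; the parser reads by header name, so extra columns are fine.
SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_used_date
<root_account>,arn:aws:iam::111122223333:root,2019-01-02T10:00:00+00:00,not_supported,2019-08-01T09:12:00+00:00,not_supported,not_supported,false,false,N/A
alice,arn:aws:iam::111122223333:user/alice,2019-03-04T11:00:00+00:00,true,2019-08-05T08:00:00+00:00,2019-07-01T00:00:00+00:00,2019-09-29T00:00:00+00:00,true,true,2019-08-05T08:30:00+00:00
bob,arn:aws:iam::111122223333:user/bob,2019-05-06T12:00:00+00:00,true,2019-08-06T07:00:00+00:00,2019-05-06T12:00:00+00:00,2019-08-04T00:00:00+00:00,false,true,N/A
carol,arn:aws:iam::111122223333:user/carol,2019-06-07T13:00:00+00:00,true,2019-08-06T10:00:00+00:00,2019-06-07T13:00:00+00:00,2019-09-05T00:00:00+00:00,false,false,N/A
deploy-svc,arn:aws:iam::111122223333:user/deploy-svc,2019-02-01T09:00:00+00:00,false,no_information,not_supported,not_supported,false,true,2019-08-06T06:00:00+00:00
"""

# Hypothetical: which users hold an administrator policy. The credential report
# does not carry this; a real check joins it with attached user/group policies.
ADMIN_USERS = {"alice", "bob"}


def parse_credential_report(report_csv: str) -> List[Dict[str, str]]:
    """Parse the credential report CSV into one dict per identity."""
    return list(csv.DictReader(io.StringIO(report_csv)))


def console_users_without_mfa(rows: List[Dict[str, str]]) -> List[Dict[str, object]]:
    """Return identities that can sign in interactively but have no MFA device.

    The root account reports password_enabled as 'not_supported' yet can always
    sign in, so it is treated as console-enabled. Findings keep report order.
    """
    findings = []
    for row in rows:
        is_root = row["user"] == "<root_account>"
        console = is_root or row["password_enabled"] == "true"
        if not console or row["mfa_active"] == "true":
            continue  # no interactive login, or MFA is present: nothing to flag
        privileged = is_root or row["user"] in ADMIN_USERS
        findings.append({
            "user": row["user"],
            "arn": row["arn"],
            "admin": privileged,
            "severity": "critical" if privileged else "high",
        })
    return findings


def main() -> None:
    for f in console_users_without_mfa(parse_credential_report(SAMPLE_REPORT)):
        print(f"[{f['severity']}] {f['user']} ({f['arn']}) has console access without MFA")


if __name__ == "__main__":
    main()
```

On the constructed report this flags the root account and bob as critical and carol as high; alice has MFA and deploy-svc has no console password, so neither is reported. Service users with only access keys are a separate check (key age and last use), which this example deliberately leaves out.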

Pace and his team found three major benefits during their evaluation of Prisma Public Cloud:

  • Effective security governance capabilities
  • Out-of-the-box compliance and auditing features
  • Unparalleled network visibility


His team now has visibility into their entire cloud infrastructure, letting them see and recognize threats that are targeting their cloud environment from the outside, as well as threats that could be coming from inside their cloud environment and heading out. Pace now has a 360° view of his environment in a single centralized interface where he and his team can run reports as well as issue and process alerts in real time to remediate any issues that may arise.

“Our senior IT management now has the confidence in our cloud team being able to leverage Prisma Public Cloud for the compliance, security governance, auditing and network visibility that we get. The ROI has just been immense, allowing our business to run faster and more efficiently by leveraging new cloud services that previously we might not have been able to secure properly.” - David Pace, Global Information Security at WAM

WAM's future plans with Prisma Public Cloud are mainly focused on expanding the integration across multiple cloud platforms. Initially deployed on AWS, WAM's DevOps teams plan to expand to Microsoft Azure and Google Cloud Platform. Being able to leverage Prisma Public Cloud across their multi-cloud environment will give Pace and his team one holistic view of what is happening and help them accurately assess risk.

For organizations moving to the cloud or looking to adopt cloud computing technologies, Pace recommends leveraging a product such as Prisma Public Cloud that provides visibility into their cloud environment for comprehensive user auditing, compliance reporting, and identification of risky behaviors or misconfigurations. With that in place, organizations can have confidence that their public cloud environments are secure. With Prisma Public Cloud, users gain actionable insights, along with the confidence that any threats that present themselves can be pinpointed and remediated quickly.

Thursday 1 August 2019

Principles to Selecting the Right Cloud Security Solution

I recently had the opportunity to speak with Palo Alto Networks Senior Director of Worldwide Public Cloud Security SEs, Allan Kristensen, who brings 15 years of experience building high-performing solutions engineering (SE) teams. The Palo Alto Networks SE team has firsthand knowledge of the unique and varied cloud security challenges that prospective customers are looking to solve.

Based on my conversation with Allan, here are seven essential principles to guide you as you evaluate and choose the right cloud security offering for your multi-cloud environments, spanning AWS, Azure, and Google Cloud Platform.

Principle One: Multi-cloud support - AWS, Azure, and GCP at least


In our experience, more than three-quarters of our customers have a multi-cloud strategy, if not initially, then certainly down the road. With that in mind, it is important to select a solution that can span clouds and deliver truly integrated multi-cloud support, with a centralized approach that seamlessly unifies visibility across all your cloud environments today and in the future.



Principle Two: 100% SaaS-based and API driven - no agents or proxies


A 100% API-based SaaS solution is the only way you can effectively manage the dynamic, distributed nature of cloud environments. Our experience shows that customers trying to leverage agent- or proxy-based point products introduce considerable friction and end up with security blind spots. There is far too much overhead, risk, and manual work required to deploy and maintain non-API-based products.

Principle Three: Continuous resource discovery


You cannot protect what you cannot see. It is important to select a solution that continuously monitors and dynamically discovers your cloud resources, such as virtual machines, database instances, storage buckets, users, access keys, security groups, networks, gateways, snapshots, and more. A centralized and auto-updating inventory that displays the security and compliance status of every deployed resource is foundational for a truly effective cloud security strategy.

Principle Four: Automated resource monitoring


Equally essential is the solution's ability to automatically apply robust security policies and quickly remediate misconfigurations to ensure adherence to your corporate-defined security policies. These capabilities must cover all the key risk vectors in your cloud environments, including:

  • Configuration checks: Recent research from Unit 42 highlights that 32% of organizations publicly exposed at least one cloud storage service. Configuration checks help ensure any deployed cloud resource is correctly configured and within defined guardrails, and that you do not have configuration drift across your AWS, Azure, and GCP public cloud environments.
  • Network activities: The same Unit 42 research also shows that 11% of organizations currently have cryptojacking activity in their environments. To ensure you have full visibility into suspicious network traffic and activities, your chosen solution must be able to continuously monitor your cloud environments. It is not enough to have only configuration and compliance checks in place, since these will only tell you what could go wrong, not what is going wrong.
  • User and access key monitoring: Unit 42 data also indicates that 29% of organizations experienced potential account compromises, which can lead not only to data loss but also to loss of control, and ultimately of confidence, in your cloud environments. User behavior analytics (UBA) and other machine learning (ML)-based capabilities can help identify stealthy activity, such as hijacked credentials. These capabilities help customers hunt for and alert on anomalous activities. Without UBA, it is extremely difficult to detect sophisticated attacks in time.


  • Host vulnerability and threat detection monitoring: It is important to select a cloud security offering that can correlate and contextualize threat and vulnerability data from across your organization.
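The configuration-check bullet above is the kind of check that catches the publicly exposed storage Unit 42 counted. The following is an added example for this page, not Prisma Public Cloud's rule logic or any Palo Alto Networks code: it evaluates an S3 bucket policy document and returns the statements that grant access to an anonymous principal without a condition that scopes the grant to a private path (a source VPC, VPC endpoint, source IP or organization ID). Both policy documents are constructed; in a real scanner they would come from `aws s3api get-bucket-policy` for every bucket the discovery step found.

```python
"""Added example for this page: flag S3 bucket policy statements that grant
anonymous access. Not Prisma Public Cloud's logic or any Palo Alto Networks code.
Policies below are constructed; a real scanner pulls them per bucket with
`aws s3api get-bucket-policy`.
"""
import json
from typing import Dict, List

# Condition keys that narrow an anonymous grant to a private path. An Allow to
# "*" carrying one of these is treated as not public here; anything else is.
RESTRICTING_CONDITION_KEYS = {
    "aws:sourcevpc", "aws:sourcevpce", "aws:sourceip", "aws:principalorgid",
}


def _as_list(value):
    """IAM policy fields may be a scalar or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _is_anonymous_principal(principal) -> bool:
    """True for Principal "*" or {"AWS": "*"} (including "*" inside a list)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def _has_restricting_condition(condition) -> bool:
    """True if any non-negated condition uses a key that confines the grant."""
    for operator, keys in (condition or {}).items():
        op = operator.lower()
        if op.startswith("null") or "not" in op:
            continue  # Null / negated operators widen rather than narrow the grant
        if any(k.lower() in RESTRICTING_CONDITION_KEYS for k in keys):
            return True
    return False


def public_statements(policy_doc: str) -> List[Dict]:
    """Return the statements in a bucket policy that grant anonymous access."""
    policy = json.loads(policy_doc)
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never expose anything
        if not _is_anonymous_principal(stmt.get("Principal")):
            continue
        if _has_restricting_condition(stmt.get("Condition")):
            continue
        findings.append({
            "sid": stmt.get("Sid", ""),
            "actions": _as_list(stmt.get("Action", [])),
            "resources": _as_list(stmt.get("Resource", [])),
        })
    return findings


# Constructed policies: one is a plain public read, the other allows "*" only
# through a specific VPC endpoint and denies any non-TLS access.
PUBLIC_READ_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
        "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-data-bucket/*",
    }],
})

VPCE_ONLY_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "VpcEndpointOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
        "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-data-bucket/*",
        "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-0123456789abcdef0"}},
    }, {
        "Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
        "Action": "s3:*", "Resource": "arn:aws:s3:::example-data-bucket/*",
        "Condition": {"Bool": {"aws:SecureTransport": "false"}},
    }],
})


def main() -> None:
    for name, doc in (("public-read", PUBLIC_READ_POLICY), ("vpce-only", VPCE_ONLY_POLICY)):
        hits = public_statements(doc)
        print(f"{name}: {'PUBLIC' if hits else 'ok'} {[h['sid'] for h in hits]}")


if __name__ == "__main__":
    main()
```

A bucket policy is only one of several exposure paths: bucket and object ACLs and the account-level public access block settings also decide whether data is reachable, so a complete check evaluates all of them for each bucket rather than the policy alone.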

Tuesday 30 July 2019

How to Help SOC Analysts Fight ‘Alert Fatigue’

Palo Alto Networks survey data shows that SOC analysts can only handle 14% of the alerts generated by security tools. Considering IDC data showing that many alerts are false positives,[1] the results are predictable: alerts get ignored, analysts waste time chasing false leads, and real threats get missed.

Beyond initial prevention, most security tools are designed to perform one key function: create and respond to alerts. Servers create alerts. Routers create alerts. Firewalls create alerts. Antivirus tools create alerts. Security teams will often set up alert-only policies, rather than block policies, for potentially risky processes the business uses regularly.

The hopeful assumption is that analysts will review and catch any suspicious behavior based on those alerts. But this strategy falls apart quickly when analysts start to receive thousands of low-fidelity alerts each day. It is worse when those alerts come from siloed security tools that provide little to no context about what is actually happening.

Alert fatigue reduction checklist


If we eliminate alert-generating sensors and systems, we create security blind spots, yet too much information is as bad as no information at all. We need to use technology in smarter ways to help solve problems without creating new ones. We still need alerts, but we need better alerts. This means embracing the following principles when considering your tools and processes:

1. Automation


First, organizations can greatly improve their alert triage process using automation. Palo Alto Networks believes that Tier 1 (alert triage) security operations can and should be automated using SOAR technologies, which use predefined playbooks to automate response actions. For alert triage, these actions include analyzing an alert, updating a case if it is a known issue, opening a case if it is not a known issue, and then triaging the severity of the alert to send it to an analyst. Automating this process greatly reduces the number of alerts analysts must respond to, allowing analysts to spend their energy investigating issues rather than looking at logs.



2. Data stitching


Next, security teams need to start prioritizing integrated tools over siloed ones if they want to improve visibility. If you have seven different tools, each looking at a specific slice of your security infrastructure without talking to one another, the tools will not be able to provide the context that helps with threat hunting and investigations. You will not know whether a series of actions that seem benign on their own are actually being performed in a sequence that could indicate an adversary is in your network. Alternatively, you might spend an hour tracking a piece of malware that snuck past your EPP only to find it was blocked by your firewall.

A security platform with integrated capabilities allows for much greater insight. Cortex Data Lake, for instance, connects endpoint, cloud, and network data together. This integration between security components gives Cortex XDR the benefit of more enriched telemetry data (for faster analysis and threat hunting) and tainted alerts (to block actions associated with past malicious behavior).
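The two principles above, playbook-driven triage and data stitching, fit together in one routine. The following is an added example for this page, not Cortex XDR, Cortex Data Lake or any Palo Alto Networks playbook: it takes alerts from three siloed tools, collapses repeats into a single case, attaches alerts whose artefact is already on a known-issue list, and stitches endpoint and firewall events so that the "malware that snuck past your EPP but was blocked by your firewall" scenario is downgraded rather than escalated. The alerts, known-issue list and severity weights are all constructed.

```python
"""Added example for this page: automated Tier-1 triage with data stitching.

Not Cortex XDR, Cortex Data Lake or any Palo Alto Networks playbook. Alerts from
three siloed tools (EDR, firewall, AV) are constructed below; the known-issue
list and severity weights are hypothetical.
"""
from typing import Dict, List, Tuple

ALERTS: List[Dict] = [
    {"id": 1, "source": "edr", "host": "ws-041", "type": "malware_detected",
     "sha256": "a1b2", "dst": "198.51.100.7", "ts": 100},
    {"id": 2, "source": "firewall", "host": "ws-041", "type": "url_blocked",
     "sha256": None, "dst": "198.51.100.7", "ts": 98},
    {"id": 3, "source": "edr", "host": "ws-041", "type": "malware_detected",
     "sha256": "a1b2", "dst": "198.51.100.7", "ts": 101},   # repeat of alert 1
    {"id": 4, "source": "edr", "host": "db-07", "type": "credential_dump",
     "sha256": "c3d4", "dst": None, "ts": 120},
    {"id": 5, "source": "av", "host": "ws-102", "type": "pup_detected",
     "sha256": "e5f6", "dst": None, "ts": 130},
]

# Artefacts the SOC has already adjudicated: hash -> existing case note.
KNOWN_ISSUES = {"e5f6": "CASE-0042 approved admin tool"}

# Base severity per alert type; anything unknown gets 50.
SEVERITY = {"credential_dump": 90, "malware_detected": 70, "pup_detected": 20}


def case_key(alert: Dict) -> Tuple[str, str]:
    """Alerts about the same host and artefact collapse into one case."""
    return (alert["host"], alert.get("sha256") or alert.get("dst") or alert["type"])


def triage(alerts: List[Dict]) -> List[Dict]:
    """Dedupe alerts into cases, enrich them, and decide an action per case.

    Stitching: an endpoint alert whose destination the firewall already blocked
    for that host is downgraded, because the payload never reached the host.
    """
    fw_blocks = {(a["host"], a["dst"]) for a in alerts
                 if a["source"] == "firewall" and a["type"] == "url_blocked"}
    cases: Dict[Tuple[str, str], Dict] = {}
    for a in sorted(alerts, key=lambda x: x["ts"]):
        if a["source"] == "firewall":
            continue  # context for stitching; a block on its own opens no case
        key = case_key(a)
        if key in cases:
            cases[key]["alert_ids"].append(a["id"])  # existing case: just attach
            continue
        score = SEVERITY.get(a["type"], 50)
        notes = []
        if a.get("sha256") in KNOWN_ISSUES:
            notes.append("known issue: " + KNOWN_ISSUES[a["sha256"]])
            score = 0
        elif a.get("dst") and (a["host"], a["dst"]) in fw_blocks:
            notes.append("firewall already blocked " + a["dst"])
            score -= 40
        if score >= 60:
            action = "escalate"
        elif score <= 0:
            action = "auto-close"
        else:
            action = "queue"
        cases[key] = {"host": a["host"], "type": a["type"], "score": score,
                      "alert_ids": [a["id"]], "notes": notes, "action": action}
    return sorted(cases.values(), key=lambda c: -c["score"])


def main() -> None:
    for c in triage(ALERTS):
        print(f"{c['action']:<10} {c['host']:<7} {c['type']:<18} score={c['score']:<3} "
              f"alerts={c['alert_ids']} {'; '.join(c['notes'])}")


if __name__ == "__main__":
    main()
```

Five raw alerts become three cases: the credential dump on db-07 is escalated, the two identical EDR alerts on ws-041 merge into one queued case annotated with the firewall block, and the approved admin tool is closed automatically. The firewall index is what makes the second outcome possible; with the firewall in its own silo the analyst would have to discover the block by hand.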

3. Machine learning


Finally, an EDR tool should have machine learning capabilities that let it recognize patterns so it can learn and improve. Your EDR should tap into your (hopefully integrated!) data sources to keep refining its algorithms for generating high-fidelity, prioritized, specific alerts.

Cortex XDR delivers smarter detections


Cortex XDR has shown it delivers the best combination of high-fidelity alerts, which are the most useful for identifying threats, and enriched, correlated telemetry logs for analysis and threat hunting. These kinds of alerts can help organizations stem the flood of false positives so their analysts can focus on investigating real threats.

An evaluation of EDR tools using realistic attack emulations of the APT3 group by MITRE ATT&CK recently found that Cortex XDR and Traps detected the most attack techniques of 10 endpoint detection and response vendors. This evaluation provided one of the industry's first open and objective assessments of the true function and performance of the EDR marketplace.

With its default configuration during the MITRE test, Cortex XDR generated 20 real-time, specific alerts and 82 enriched telemetry logs. In a real deployment, customers can give Cortex XDR even more visibility and context into the behavior of potential threat actors by connecting additional network and cloud sensors to Cortex Data Lake. That will further reduce false positives and improve identification of malicious behavior that might otherwise appear benign.

Sunday 28 July 2019

Three Tips for Breaking into the Cybersecurity Industry

There is a perception that you need to have a lot of cybersecurity experience and know-how to get into this industry. The reality is different, and that perception can be let go. After years in the tech industry, I recently started my new role in cybersecurity. Here is what I have learned on my journey so far.

#1: Be curious and keep an open mind


I have dual degrees in economics and biochemistry, and my career has been largely focused on business planning and strategy for products. While Palo Alto Networks had been on my radar for a while, I was unsure if it would be a fit because cybersecurity was a new frontier for me. Being curious and keeping an open mind are principles I have lived by, and what I learned during the process is that cybersecurity is not just for those well versed in the field. Rather, diversity of knowledge, disciplines, and skills is welcomed and needed!



I met a wide variety of people from a wide variety of backgrounds. Talking with them helped me realize that this is a mission-driven company, and if you question the status quo and are interested in making the world a safer place, there is an opportunity for you.

#2: Be bold and consider the worldwide impact


Being on the InfoSec team at Palo Alto Networks has given me a unique experience because I am personally driven by our mission to improve our way of life in the digital age. These days, the news highlights cybercrime every day. With two young kids, I constantly think about how to encourage myself and other parents to teach their children to be safer online. At Palo Alto Networks, our mission impacts everyday lives. It is not only about protecting companies and our digital information. Cybersecurity surrounds us. Working at Palo Alto Networks, we are all connected to this mission, and every action we take and each job we do aligns to the question of “why.” It is a unifying mission that builds a stronger company, from both a product perspective and a team perspective.

Being part of the bigger picture, with the ultimate goal of helping people, is what drives me.

#3: Embrace change and the opportunity ahead


As our digital lives become more complex, the challenges we are looking to solve are changing. Every facet of our lives, and the way we communicate, has changed so much in the last few years and will continue to do so. It is becoming clearer that there is a significant and legitimate need for cybersecurity to keep up. That is what makes this industry so dynamic and such a unique opportunity.

Cybersecurity is still a relatively new and greenfield space. The challenges are constantly evolving, and the solutions to these complex challenges are waiting to be discovered by experts within and outside of the profession. It is going to take a diverse set of backgrounds to tackle this. This industry is ripe with opportunity.

Two Weapons to Help U.S. Govt Combat Cyberthreats

Federal agencies face a conundrum: they are the targets of relentless cyberattacks yet lack enough skilled personnel to combat them. State-affiliated actors, responsible for more than half of public administration data breaches,[1] combine never-before-seen malware and other techniques to infiltrate agencies and steal data or disrupt operations. With many thousands of new threats created every day,[2] agencies struggle to keep up.

Advanced threat prevention (ATP) products were created to combat new threats. Unfortunately, procuring, installing, configuring, and managing additional hardware introduces additional time and operational overhead. As threats increase in number and variety, agencies must undertake costly, time-consuming deployments and make architectural or operational changes to keep pace.

This is where the first weapon, cloud-delivered services, can help. Cloud-delivered malware analysis and prevention offers quick deployment, easy configuration, global visibility, and auto-scaling as threats increase. Palo Alto Networks just announced the first and only cloud-delivered malware prevention service approved for use by the U.S. government. The WildFire malware prevention service, offered as a subscription with Palo Alto Networks next-generation firewalls, is now Federal Risk and Authorization Management Program (FedRAMP) authorized. This means U.S. federal agencies can free up capital and operating expenses previously used for purchasing, deploying, and managing on-premises threat detection and analysis hardware while ensuring data privacy and availability through security controls that meet stringent requirements.

WildFire combines cloud delivery with a second weapon, automation, to detect and prevent both highly targeted and blanket attacks from impacting agencies. U.S. government agencies benefit from:

Quick prevention: WildFire leverages real-time data from the industry's largest global threat sharing community while keeping agency information private. A suite of complementary analysis engines uses machine learning and other advanced capabilities to uncover never-before-seen threats. When WildFire identifies a new threat, it automatically creates and delivers protections against that threat to network, endpoint, and cloud sensors around the world in as few as five minutes after discovery. Cloud-based detonation chambers scale with demand, providing faster identification and distribution of new countermeasures.

Efficient security operations: WildFire constantly and automatically creates and delivers protections to counter the latest threats, with no humans required. These automated protections result in fewer events per analyst hour (EPAH) for short-staffed InfoSec and network teams. WildFire also saves SOC teams time with detailed insight into identified threats, indicators of compromise, and how they were blocked across traffic and protocols.

Reduced cyber risk: With more than 29,000 customers around the world contributing sample files and URLs, WildFire can protect agencies from threats before the agencies ever see them. Agencies will also never miss an update or run out of analysis capacity.

Friday 26 July 2019

4 Practical Steps for ‘Shift Left’ Security

Since the beginning of modern computing, security has largely been divorced from software development. Recent vulnerability research confirms this. Consider that over the last five years, 76% of published vulnerabilities were in applications. Given this radical shift in attacker focus, it is time to embed security with development. The best way to get this done is to implement a shift-left security strategy.

Defining shift-left security


In the simplest terms, “shift left” security means moving security to the earliest possible point in the development process. Modern CI/CD typically involves an eight-step process, as shown in Figure 1 below. Many security teams only become involved in the final steps of operations and monitoring. Consider that shift-left security is good for reducing not only cyber risk but also cost. The Systems Sciences Institute at IBM found that addressing security issues in design was six times less expensive than during implementation. The same study also found that addressing security issues during testing could be 15 times more costly.



Being intentional about embedding security in each of these steps begins with a clearly defined strategy.

Step One: Define your shift-left security strategy


The first step of any journey is to define where you want to go. Do not underestimate the power of a concise (ideally one-page) written strategy document. It is critical to define what shift-left means in your organization. This is about painting the most vivid picture possible for your teams so they know what success looks like. Key items to include in this document are vision, ownership/responsibility, milestones, and metrics. Expect the strategy document to mature over time, and do not spend too much time trying to perfect it. Iteration over time is essential.

Step Two: Understand how and where software is created in your organization


Perhaps the most challenging aspect of shifting security left is first getting a handle on where and how software is created in your organization. Depending on the size of your organization, this can range from easy to very challenging. This step is critical because its result is what enables the security team to understand where they can actually move security closer to development. Large organizations that have not undertaken this process will likely spend a few months digging and taking development teams to lunch (food always seems to work) when geography permits. In many cases, development is outsourced to multiple vendors, which will require additional work and sometimes contract reviews. Small and medium-sized organizations will find this step relatively straightforward but equally rewarding.

The goal of this step is to start looking organization-wide and document the overall flow of software in your company. Medium to large organizations will want to start at the macro level and then drill into individual sections. It is highly likely that each business unit will have its own software development process and tools. Key items to identify in this phase include who is developing code (people), how it flows from development laptops to production (process), and which systems they are using to enable the process (technology). This is also known as the CI/CD toolchain. In all likelihood, much of your software development is being done in the public cloud.

Step Three: Identify and implement security quality guardrails


Quality assurance has always been part of the software development lifecycle. However, software quality has not historically included security. This must change, and the work done in the previous steps will arm you to do it. Every stage of the software development process is an opportunity to give feedback and check for security issues. The best security teams start small. They arm development teams with simple, effective tools that become part of the daily development routine. One such tool was recently open-sourced by Palo Alto Networks, meaning it is free to use.
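What a "simple, effective" guardrail of this kind can look like, as an added example that is not the tool mentioned above and not Palo Alto Networks code: a short script run as a pipeline step before `terraform apply`. It reads the JSON produced by `terraform show -json plan.out` (only the `planned_values.root_module.resources[].type/values` subset is relied on) and fails the build when a planned change exposes an administrative port to the whole internet or grants a storage bucket role to a public principal. The resource names, port list and embedded plan are constructed for the example; the set of sensitive ports is an assumption you would tune per organization.

```python
"""CI guardrail: fail the build when a Terraform plan opens known attack surface.

Added example, not the open-source tool referenced in the article. Assumes the
`terraform show -json` layout: planned_values.root_module.resources[] entries
with "type", "address" and "values", and nested "child_modules".
"""
import json
import sys

# Ports we never want reachable from 0.0.0.0/0 (assumption: tune per organization).
SENSITIVE_PORTS = {"22", "3389", "3306", "5432"}
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}


def _port_matches(spec, port):
    """True if a firewall port spec ("22", "20-25" or "all") covers `port`."""
    if spec in ("all", ""):
        return True
    if "-" in spec:
        lo, hi = spec.split("-", 1)
        return int(lo) <= int(port) <= int(hi)
    return spec == port


def check_firewall(name, values):
    """Flag google_compute_firewall rules that expose sensitive TCP/UDP ports to everyone."""
    findings = []
    if "0.0.0.0/0" not in values.get("source_ranges", []):
        return findings
    for rule in values.get("allow", []):
        proto = rule.get("protocol")
        if proto not in ("tcp", "udp", "all"):
            continue  # e.g. icmp carries no ports
        ports = rule.get("ports") or ["all"]  # no ports block means every port
        exposed = sorted(p for p in SENSITIVE_PORTS
                         if any(_port_matches(s, p) for s in ports))
        if exposed:
            findings.append(f"{name}: {proto} {','.join(exposed)} open to 0.0.0.0/0")
    return findings


def check_bucket_iam(name, values):
    """Flag google_storage_bucket_iam_member bindings to public principals."""
    if values.get("member") in PUBLIC_MEMBERS:
        return [f"{name}: bucket role {values.get('role')} granted to {values['member']}"]
    return []


CHECKS = {
    "google_compute_firewall": check_firewall,
    "google_storage_bucket_iam_member": check_bucket_iam,
}


def scan_plan(plan):
    """Walk every module in the plan and return a list of human-readable findings."""
    findings = []
    modules = [plan.get("planned_values", {}).get("root_module", {})]
    while modules:
        mod = modules.pop()
        for res in mod.get("resources", []):
            check = CHECKS.get(res.get("type"))
            if check:
                label = res.get("address") or res.get("name", "?")
                findings.extend(check(label, res.get("values", {})))
        modules.extend(mod.get("child_modules", []))
    return findings


# Constructed sample plan: two findings expected (SSH to the world, public bucket).
SAMPLE_PLAN = {
    "planned_values": {
        "root_module": {
            "resources": [
                {"type": "google_compute_firewall", "address": "google_compute_firewall.allow_ssh",
                 "values": {"source_ranges": ["0.0.0.0/0"], "allow": [{"protocol": "tcp", "ports": ["22"]}]}},
                {"type": "google_compute_firewall", "address": "google_compute_firewall.allow_https",
                 "values": {"source_ranges": ["0.0.0.0/0"], "allow": [{"protocol": "tcp", "ports": ["443"]}]}},
                {"type": "google_storage_bucket_iam_member", "address": "google_storage_bucket_iam_member.public",
                 "values": {"role": "roles/storage.objectViewer", "member": "allUsers"}},
            ],
            "child_modules": [{"resources": [
                {"type": "google_compute_firewall", "address": "module.db.google_compute_firewall.internal",
                 "values": {"source_ranges": ["10.0.0.0/8"], "allow": [{"protocol": "tcp", "ports": ["5432"]}]}},
            ]}],
        }
    }
}


def main(argv):
    """Usage: guardrail.py plan.json  (falls back to the embedded sample). Exit 1 on findings."""
    plan = json.load(open(argv[1])) if len(argv) > 1 else SAMPLE_PLAN
    findings = scan_plan(plan)
    for f in findings:
        print("GUARDRAIL:", f)
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The non-zero exit code is the whole point: wired into the build stage, it gives developers feedback minutes after the commit instead of a runtime finding weeks later, and the check list grows one rule at a time as the team agrees on what "must never ship" means.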

Step Four: Assess and continuously train development teams in secure coding


Developers clearly know how to code, but do they know how to do it securely? Part of your journey to shifting security left is ensuring that the people who do the majority of your coding write secure code in the first place. This is difficult to do if you have no objective measure of where their skills stand today and no plan to improve them continuously over time. Given that in one survey 19% of developers said they were not familiar with the OWASP Top 10, this is an area that should not be overlooked. Further underscoring the point is a recent survey published by DevOps company GitLab, which found that 70% of programmers are expected to write secure code, but only 25% think their organization's security practices are "good." If only 25% of developers feel that way, security teams have a lot of work to do in this area.

What shift-left security looks like


Let's look at two scenarios in which development has been simplified into build, deploy, and run phases. In Scenario No. 1, development starts without security. Software quality is only checked at runtime. This frequently leads to an uncomfortable conversation between security and development when vulnerabilities are found.

Tuesday 21 May 2019

Applying Zero Trust to Google Cloud Environments

At Palo Alto Networks, we’ve been helping our customers make a dramatic, transformative shift on how they approach security. This journey is not just about the implementation of technologies, but rather a change in the very philosophy on what security is and how it should be designed across the enterprise.

In the past, the traditional perimeter model for security was based on fortifying the demarcation between trusted and untrusted areas of your network. The convention presumed that your users and applications were in the trusted parts, and the internet and threats were in the untrusted parts. This model is fundamentally broken today. Mobile workforces and cloud applications are not inside the trusted part of the network. The model is also broken because it cannot stop a threat actor that is already operating within the trusted network. Furthermore, even with the separation between network boundaries in place, conventional port- and protocol-based controls lack the granularity to safely enable specific applications while stopping attacks that cross that boundary.

The right philosophy should challenge the notion of trust in the first place, and implement the necessary controls to enforce least-privileged access – in other words, Zero Trust. For example, never presume something to be trustworthy. Build enabling policies based on the context of the user and application, rather than trying to block everything you don’t want. Don’t presume a file is safe just because it’s not known to be bad. With Zero Trust, we drive policy to enable what is allowed, rather than try to identify every possible permutation of what isn’t.

Toward this end, we have developed a tremendous number of important technologies to establish complete visibility, reduce the attack surface, prevent known attacks, and detect and prevent unknown attacks. Four real-time capabilities at the core of the Palo Alto Networks Security Operating Platform are App-ID, which classifies and identifies applications and functions; User-ID, which automatically assigns identity to otherwise anonymous network flows; Host Protection, which provides device posture and exploit and malware prevention; and Content-ID, which performs inspection of content, in order to detect and prevent malicious actions. All of this rich context is made available to be leveraged in our customers’ security policy and decision-making process.

As part of our customers’ journey to the cloud, we believe that the same Zero Trust philosophy toward security is mandatory, whether that means building their own applications in the cloud with IaaS and PaaS services or consuming pre-built cloud applications through SaaS. Google shares many of the same beliefs, as implemented in BeyondCorp, a framework for securing apps and infrastructure based on the principles of Zero Trust.

We are announcing our commitment to work together with Google to develop integration that makes the implementation of secure cloud applications easier. With respect to BeyondCorp, we believe that our mutual customers will benefit from the integration to address implementation challenges with identifying users, maintaining consistent policy, protecting data and enforcing threat prevention across a diverse landscape of users, workloads and devices.

How does this help secure Google Cloud APIs?


The various DevOps teams within your organization are building Google Cloud applications and interacting with a number of Google Cloud APIs. You want the granularity to make sure that every team member has access to the APIs they need, without granting unnecessary levels of access to the most sensitive APIs. Contextual information helps drive policy because the level of access a person needs may be driven by their individual responsibilities, their role in the organization, or even the device they use. This is the classic least-privilege problem: you can reduce the attack surface by limiting access based on context, as long as that context information is available.

The intersection of identity (based on user/device characteristics) and the enforcement of access control policy has traditionally been done at the time of authentication. We believe that working together, we can do better than that. If we can limit access so that unauthorized users never get the chance to make an unauthorized API request in the first place, we can cut the attack surface area, mitigate the risk of credential abuse, and reduce the security alerts for failed authentication. This is possible by working together to integrate our identity/device technologies, and we believe it will significantly improve the overall security of the operating environment.
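The least-privilege problem described above is concrete enough to check mechanically. The following is an added example, not Palo Alto Networks or Google code: it audits a project IAM policy in the JSON shape returned by `gcloud projects get-iam-policy PROJECT --format=json` and reports the three patterns that most often undermine least privilege on Google Cloud APIs: basic ("primitive") roles such as `roles/editor` that bundle permissions across every API, bindings to `allUsers`/`allAuthenticatedUsers`, and sensitive roles granted without an IAM Condition. The two embedded policies are constructed; the list of roles that must carry a condition is an assumption to tune per organization. The hardened policy uses a documented time-bound condition expression; tying a binding to a BeyondCorp device-posture access level instead is done through the same `condition` field and is left as an assumption here.

```python
"""Least-privilege audit of a Google Cloud project IAM policy.

Added example (not Palo Alto Networks or Google code). Assumes the JSON
shape of `gcloud projects get-iam-policy PROJECT --format=json`:
{"version": N, "bindings": [{"role": ..., "members": [...], "condition": {...}}]}.
Both sample policies below are constructed.
"""

# Basic roles grant broad permissions across every API in the project.
PRIMITIVE_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}
PUBLIC_PRINCIPALS = {"allUsers", "allAuthenticatedUsers"}
# Roles we only allow with a context condition attached (assumption: tune per org).
CONDITION_REQUIRED = {
    "roles/iam.serviceAccountTokenCreator",
    "roles/compute.admin",
    "roles/storage.admin",
}


def audit_policy(policy):
    """Return (check, role, members) tuples; an empty list means the policy passes."""
    findings = []
    bindings = policy.get("bindings", [])
    # setIamPolicy rejects conditional bindings unless the policy is version 3.
    if any(b.get("condition") for b in bindings) and policy.get("version", 1) < 3:
        findings.append(("policy-version", "version<3", []))
    for b in bindings:
        role = b["role"]
        members = b.get("members", [])
        if role in PRIMITIVE_ROLES:
            findings.append(("primitive-role", role, members))
        public = [m for m in members if m in PUBLIC_PRINCIPALS]
        if public:
            findings.append(("public-principal", role, public))
        if role in CONDITION_REQUIRED and not b.get("condition"):
            findings.append(("unconditional-sensitive-role", role, members))
    return findings


# Constructed "before": broad role, unconditional admin, public bucket reads.
WEAK_POLICY = {
    "version": 1,
    "bindings": [
        {"role": "roles/editor", "members": ["group:devops-team@example.com"]},
        {"role": "roles/compute.admin", "members": ["user:alice@example.com"]},
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
    ],
}

# Constructed "after": narrow predefined roles for the team, the admin role only
# to an on-call group and only while a condition holds (here a time bound).
HARDENED_POLICY = {
    "version": 3,
    "bindings": [
        {"role": "roles/compute.instanceAdmin.v1", "members": ["group:devops-team@example.com"]},
        {"role": "roles/logging.viewer", "members": ["group:devops-team@example.com"]},
        {
            "role": "roles/compute.admin",
            "members": ["group:devops-oncall@example.com"],
            "condition": {
                "title": "oncall-window",
                "expression": 'request.time < timestamp("2019-12-31T00:00:00Z")',
            },
        },
    ],
}


def summarize(policy):
    """Human-readable lines for a CI log or a ticket."""
    return [f"{check}: {role} -> {', '.join(members) or '-'}"
            for check, role, members in audit_policy(policy)]


if __name__ == "__main__":
    for label, pol in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(label, summarize(pol) or ["ok"])
```

Run it against the exported policy of each project on a schedule or as a pull-request check on the Terraform that manages the bindings; a finding is a conversation starter, and the hardened policy shows the usual answer, which is a narrower predefined role for the day-to-day case and a conditional grant for the exceptional one.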

How does this help secure G Suite?


At Palo Alto Networks, we have been relentlessly focused on building protections for applications and data in the cloud. We have taken innovative approaches toward SaaS applications, in particular, being at the forefront of integrating CASB API protections for data security with our platform for inline security. Our customers are using our platform to identify risks, mitigate threats and protect data across the broad landscape of SaaS applications in use in the enterprise today.

Productivity applications such as G Suite are used by nearly everyone within the organization, and as such, they are accessed by an extremely diverse spectrum of employees and contractors, using a mix of devices that may or may not be owned by the organization. By integrating Palo Alto Networks protections for SaaS applications with G Suite, we can build out the user/device context that drives BeyondCorp policy decisions for access. Employees with managed devices get immediate, full access to their applications, while contractors on non-compliant devices receive different levels of access. Again, by working together so that we can exchange context, while also incorporating our threat and data protection, we can help our customers deploy G Suite securely to all employees.

How does this help secure apps on GCP?


The principles of using contextual access and threat prevention together should be consistently applied from the data center to the cloud, without skipping a beat. We know that different app developers and organizations have different ideas about how they approach security, and that consistent, contextual protection is often hard to achieve. By working together with Google, we want to make sure that, as organizations move their applications from the data center to the cloud, the user experience remains the same and consistently safe, regardless of where the user is located. For users on managed devices, only the authorized user with a compliant device can access the application (whether in the data center, cloud or SaaS). For users on unmanaged devices, we enable access to the application without bringing the device on network, thus maintaining a least-privileged architecture without disrupting business.

Friday 12 April 2019

Palo Alto Networks Completes Acquisition of RedLock


Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, announced today that it has completed its acquisition of RedLock Inc., a cloud threat defense company. For Palo Alto Networks, the transaction will extend its cloud security leadership.  

"With the combination of RedLock and our existing cloud security offerings, we are well-positioned to solve our customers' most difficult challenges of securing a mobile workforce, protecting the public cloud and stopping advanced threats," said Nikesh Arora, CEO of Palo Alto Networks. "Since announcing the transaction, our integration planning teams have been working to combine the strengths of both companies in an effort to bring an integrated offering to market quickly."

Palo Alto Networks already provides a broad security offering for multi-cloud environments with inline, host-based and API-based security, bolstered by the acquisition of Evident.io in March 2018. The company currently serves more than 6,000 cloud customers globally with its cloud security portfolio that includes VM-Series next-generation firewall, Aperture, Evident, and GlobalProtect cloud service.

Palo Alto Networks will combine the Evident and RedLock technologies to provide customers with cloud security analytics, advanced threat detection, continuous security, and compliance monitoring in a single offering anticipated early next year. The company expects that the new offering will allow security teams to respond faster to the most critical threats by replacing manual investigations with automated, real-time remediation and reports that highlight an organization's cloud risks.

Palo Alto Networks paid approximately $173 million in cash, excluding purchase price adjustments, to acquire RedLock.

About Palo Alto Networks


We are the global cybersecurity leader, known for always challenging the security status quo. Our mission is to protect our way of life in the digital age by preventing successful cyberattacks. This has given us the privilege of safely enabling tens of thousands of organizations and their customers. Our pioneering Security Operating Platform emboldens their digital transformation with continuous innovation that seizes the latest breakthroughs in security, automation, and analytics. By delivering a true platform and empowering a growing ecosystem of change-makers like us, we provide highly effective and innovative cybersecurity across clouds, networks, and mobile devices.

Palo Alto Networks and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.