A healthcare organization’s journey to securing complex clouds with Prisma Cloud

Vulnerability detection and management

With a vast array of applications and services running, the company needed a reliable system to detect and manage vulnerabilities, especially in Docker images. Vulnerability detection and management were crucial for maintaining the integrity and security of their applications.

Seamless integration with existing systems

The company’s existing DevOps processes and infrastructure demanded a security solution that could integrate seamlessly without disrupting ongoing operations. The integration was a vital requirement for the organization to maintain workflow efficiency and security.

Real-time alerts and rapid response

The ability to receive immediate alerts on security issues and the capacity for quick response and remediation were essential. The company needed a system that could not only identify problems but also facilitate swift resolution.

User-friendly interface and management

Given the scale of the company’s operations, a user-friendly interface for managing the security platform was essential, as it would ensure ease of use and efficiency for the engineering and IT teams.

Scalability and flexibility

As a large enterprise, the healthcare company required a security solution that could scale with its growing and evolving cloud infrastructure. Flexibility in adapting to different environments and requirements was also key.

The company chose Prisma Cloud by Palo Alto Networks for its extensive capabilities in cloud security. The platform was hosted on AWS and supported by a dedicated team, including key personnel like their automation engineer.

Implementation and Impact

Automated monitoring and security

Prisma Cloud enabled the company to monitor the health of its Kubernetes clusters and scan images for vulnerabilities. The platform’s ability to detect and alert on security nonconformances played a crucial role in maintaining the integrity of their cloud infrastructure.

Integration with development processes

Prisma Cloud was integrated into the company’s CI/CD pipelines, enhancing the security of the development process. The CLI tool, a feature of Prisma Cloud, was instrumental in scanning Docker images and identifying vulnerabilities.

Enhanced visibility and control

The company gained improved visibility and control over its cloud environments, regardless of their complexity. Prisma Cloud’s user-friendly interface and easy upgrade process were particularly beneficial.

Efficient alert management

The solution reduced runtime alerts and investigation times, enabling the security team to remediate issues within 20 minutes, down from hours.

Advanced Security Measures

The company uses Prisma Cloud to monitor over 40 AWS accounts for cloud security. Alerts are generated for vulnerabilities, such as unrestricted access to Amazon EC2 instances or publicly enabled AWS EKS cluster endpoints. This proactive approach to security, with alerts based on policy severity, significantly reduces the risk of data breaches.

Container security enhancement

For container security, the company has self-hosted the Prisma Cloud console on the AWS EKS platform. Integrated with their Jenkins pipeline, it scans container images using the CLI utility. This process identifies vulnerabilities against the NVDB database, ensuring secure container images and reducing the risk of breaches.

Measurable outcomes

Prisma Cloud provides full visibility to all cloud assets and simplifies compliance reporting. The alert rules help identify and direct alerts to the appropriate team, saving significant time in segregating alerts and audit reports. The alert remediation steps allow for quick resolution, offering a basic understanding of each alert through detailed descriptions.

User experience and support

The security team found Prisma Cloud to be an effective and user-friendly solution. The technical support from Palo Alto Networks is responsive and helpful, ensuring minimal downtime during issue resolution.