Overseeing a massive, ever-changing estate of assets, data, and users.
- Accenture needed widespread, granular visibility into asset inventory, especially given the company’s numerous acquisitions a year.
- As acquisitions integrated, this requirement was especially critical, specifically in identifying vulnerabilities and risks.
- Reliance on scanning only known inventory was not enough.
Surfacing vulnerabilities to strengthen security.
To keep Accenture secure as it acquires numerous companies each year and looks to mitigate risks from unmanaged assets, the Information Security Technology and Operations team has to continuously take inventory and gain a quick understanding of where its vulnerabilities and risks are. Accenture chose Cortex Xpanse for this purpose, and the results have been significant. Over the past year, Xpanse uncovered 850 exposures that vulnerability scanning tools did not detect. “We rely on Xpanse to detect types of exposures that are less traditional,” explains Nathan Stein, senior manager of Security Consulting. “For example, identifying misconfigured devices, and surfacing identity issues like applications without multi-factor authentication.” Stein also appreciates how quickly Xpanse got to work. “It had a high number of out-of-the-box detections that other ASM platforms didn’t,” he says. “It brought forth exposures that we could remediate right away to reduce risk.”
Path to platformization
Attack surface management
Cortex Xpanse
Cloud security
Prisma Cloud
Network security
Next-Generation Firewalls
CDSS
Secure remote access
Prisma Access
“Cortex Xpanse has enabled us to successfully manage our very dynamic internet surface area. Accenture has a lot of moving parts and does a lot of acquisitions, and Xpanse is our technical backstop that ensures we have a full view of all of our technology that’s visible—and therefore exposed to vulnerability exploits—from the public internet. With that information, we can ensure we remediate vulnerabilities as they arrive and keep Accenture’s technology safe.”
Kris Burkhardt
CISO, Accenture
Tanya Drakhlis, managing director of Information Security for Accenture, points to the real-time capabilities of Xpanse: “Because we’re able to get real-time inventory via APIs, we can identify external threats and exposures much faster.” Ultimately, Accenture’s ASM program has been so successful that the company received a 2024 CSO Award, which honors security projects that demonstrate outstanding thought leadership and business value.
-
New feature, more detections
Accenture took advantage of a new Palo Alto Networks® offering: Attack Surface Testing, which was designed to identify and confirm vulnerabilities with greater confidence than with traditional Xpanse scans. When Accenture enabled Attack Surface Testing, the new capability immediately identified and confirmed three externally facing vulnerabilities. After remediating them, Accenture then used Attack Surface Testing once again to confirm exposures were no longer present.
-
Keeping the cloud compliant
Accenture implemented a cloud-first strategy, and today, Accenture IT infrastructure runs in the hybrid cloud. As it moved on-prem assets to the cloud, the company needed a way to measure compliance—and chose Prisma Cloud for the task. Drakhlis’s team set up an integration between Cortex Xpanse and Prisma Cloud, where Xpanse discovers and tracks exposed, unmanaged cloud assets while Prisma Cloud monitors all managed assets. The integration provides a high level of certainty not only about compliance but also inventory. “When vulnerabilities are detected, we know they’re ours,” Drakhlis says. “We don’t have to go through and verify attribution as we do with some of our other assets.”
“Palo Alto Networks enabled Accenture to go from 20 controls to 330, helping manage our security estate of 70,000 workloads, 13,000 cloud accounts, and 47 million cloud objects.”
Tanya Drakhlis
Managing Director, Information Security, Accenture
-
Command central for firewalls
Accenture also adopted Palo Alto Networks firewalls, with built-in threat detection, malware protection, URL filtering, and application-aware rules. Drakhlis cites Panorama as a major benefit. “Having central management for firewalls has been absolutely instrumental,” she reflects. “At the time of implementation, other vendors didn’t have the same quality of central management systems that allow you to manage policies and implement upgrades.”
-
Closing a network vulnerability
At a massive global company, secure remote access is paramount. Rather than remain with its on-prem remote access system, Accenture made the switch to the cloud-delivered Prisma Access both because it closed a vulnerability gap and because it was simple to onboard with Palo Alto Networks NGFWs already in place. “It gives us a lot of flexibility, having a SaaS provider for a remote access solution,” Drakhlis reports. “Prisma Access comes with a lot less management overhead than having on-prem remote access systems.” Prisma Access also enables a Data Processing Agreement (DPA) use case, which allows Accenture consultants who work on multiple projects to switch personas, provisioning the appropriate security policies and IP address as they do.
-
Building a platform, step-by-step
When Accenture selected Xpanse for attack surface management, the solution’s integration with Prisma Cloud was a key factor. “Other vendors did not have the same integration capabilities,” Drakhlis points out. “Having products from the same company on the same platform is super-important to us.” Standardizing key security solutions on the Palo Alto Networks platform, together with what Burkhardt refers to as the “strong, 360-degree partnership with Palo Alto Networks,” has significantly strengthened Accenture’s security posture.
“Palo Alto Networks is a trusted, reliable partner for our needs. They’ve helped us reduce our security risks due to exposures and unmanaged inventory.”
Nathan Stein
Senior Manager, Security Consulting, Accenture
share this story
