Public Cloud Security and Automated Incident Response - Palo Alto

1 Launch
Solution Overview
Cloud security operations today is a formidable enterprise. Security organizations have invested in many best-of-breed technologies that, while having independent value, create silos of visibility and generate too many alerts to manage. These disjointed tools also add complexity and latency to the investigation and response process, making it difficult for analysts to quickly understand context, determine root cause, and identify the criticality of an incident. Security analysts must manually correlate data across systems, tools, and teams to respond to threats in their environment, leading to long investigation and response times, not to mention frustrated resources.

This lab will walk you through a multicloud security management platform from Palo Alto. The Prisma Cloud and Demisto products are highlighted here, demonstrating cloud management and automated incident response.

Cloud security does not have to be complicated. In this lab, we'll walk you through some common scenarios and show you how to create a cloud incident and follow it all the way to remediation.

This lab uses the Palo Alto Prisma Cloud and Palo Alto Demisto product lines to accomplish this.

Goals & Objectives

In this lab, your objective is to see how to remediate cloud compliance issues both manually and through automation.

You will kick off a Terraform script that builds a cloud environment. The environment is created with misconfigurations, and the Palo Alto Prisma Cloud and Demisto products then take action on those misconfigurations.

Hardware & Software

  • AWS Environment
  • Terraform
  • Palo Alto Prisma Cloud
  • Palo Alto Demisto