- Cloud Security Platform
- By Use Case
Prisma is Palo Alto Network’s broad code-to-cloud platform designed for securing workloads from their creation in the development pipeline onwards. Strategically, it extends their original network perimeter security approach, emphasizing perimeter defense, behavior monitoring, and workload vulnerability patching. Prisma integrates seamlessly with Palo Alto’s portfolio of products, making it a viable option for existing Palo Alto customers.
In contrast, Sonrai Security’s solution is purpose-built for the running cloud, emphasizing remediation of attack paths to sensitive data. Sonrai treats identity as the main medium of lateral movement, with an “inside-out” approach to protect sensitive data first and then build security strategy outwards towards the perimeter.
Effective cloud security starts with understanding what sensitive data and applications are most critical to your business. The Sonrai Cloud Security Platform starts with data discovery, classification and segmentation of environments (sandbox vs. production) and builds a robust security program for your entire running cloud – focused on securing the attack paths to your business-critical sensitive data and applications.
In contrast, Prisma Cloud lacks visibility into your sensitive data beyond base services like AWS S3 and Azure Blob, and treats all applications the same – regardless of environment. As a result, much of your valuable assets in the cloud go unclassified, and therefore, are not prioritized for risk identification and mitigation based on their level of business criticality.
The Sonrai Solution has patented analytics that dig deep into your cloud to fully understand effective permissions – who really has access to what. Looking beyond directly attached permissions, Sonrai’s analysis includes boundary conditions, privilege escalation and cross-account access.
In comparison, Prisma Cloud focuses only on directly attached permissions – significantly limiting visibility and resulting in false
positives/negatives when determining identity access permissions.
Risk prioritization and contextual understanding is core to the Sonrai Solution. All findings are centrally prioritized based on the criticality of the risk, sensitivity of the data, and environment. The integrated solution then provides the context for remediation – allowing security teams to focus on maximizing cloud risk reduction with limited time.
Prisma Cloud is a broad solution consisting of several siloed products, which makes centralized prioritization difficult, and results in numerous alerts all of equal importance – leaving security teams challenged to focus on what matters.
|Public Cloud Environments||Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure||Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure|
|Identity, Access and Permissions Visibility||More than 40,000 permissions analyzed including boundary conditions and nested groups||Directly attached permissions|
|Identification of Identity Cloud Risks||Overprivileged identities, privilege escalation (e.g. sandbox to prod), cross-account and cross-cloud access.||Overprivileged identities|
|Detection of Threats||Detection of unusual access, change in permissions & potential access, unusual behavior and changes in risky configurations||Unusual identity activity based on pattern matching from activity history|
|Remediation Automation||Automated prevention and remediation bots, escalations, CLI and console instructions||CLI and console instructions|
|Centralized Platform||One integrated platform with tools for security platform configuration, workloads, data and identities||A multi-product solution with separate tools for platform configuration, vulnerabilities and identities lacking a unified view of cloud risk|
|Deployment||Agentless, read-only access deployment||Agents required for full visibility and risk analysis|
“Sonrai is one of the leaders in this space, both from a product maturity perspective, and the thought leadership.”
“Sonrai offers full visibility into effective permissions and the identity chain – giving my team value insight to identify, root cause and remediate identity risks.”
See the Sonrai technology in action with a comprehensive view of where your cloud identity
risks are - delivered in just 24 hours. This comprehensive report includes specific next steps
and is a valuable opportunity to compare findings from other solutions.