With hybrid work well established as the norm for today’s workforce and vast amounts of sensitive data now stored in SaaS apps, the risk of SaaS misconfiguration poses a serious security threat to businesses. Quoting figures from Statista, Palo Alto Networks said that as of 2021 the average business now has over 110 SaaS applications (apps) that must be secured.

Misconfigurations in SaaS (Software-as-a-Service) apps are a common problem. To address this, Palo Alto Networks has released its new innovations in Prisma SASE that enable customers to identify and remediate misconfigurations in SaaS apps using SaaS Security Posture Management (SSPM) capabilities.

“SaaS apps have given organizations the freedom to have their workforce work from wherever they are most productive,” said Anand Oswal, senior vice president, Network Security at Palo Alto Networks. “The vast amounts of sensitive data being created, held, and shared via SaaS applications, however, expose a serious risk of a data breach due to SaaS misconfiguration.”

Palo Alto Networks powers PLDT-Smart’s child protection platform
New ransomware ‘BlackCat’ targets key sectors in PH — Palo Alto Networks

In addition to SSPM, the company announced new ZTNA 2.0 security inspection capabilities, including ML-powered Advanced URL Filtering and Advanced Threat Prevention as well as the industry’s first natively integrated artificial intelligence for IT operations (AIOps) solution for SASE, simplifying networking and security operations for customers.

Powered by Palo Alto Networks Next-Gen CASB, the SaaS Security Posture Management capabilities go beyond CIS and NIST compliance checks and move to comprehensive security, allowing customers to configure security settings for multiple SaaS apps in one location. In an effort to reduce remediation time, SSPM can help fix misconfigurations with a single click and helps prevent configuration drift by allowing users to lock critical security settings in place.

Web-based attacks

The Advanced URL Filtering prevents new, highly evasive phishing attacks, ransomware, and other web-based attacks through inline deep learning, rather than a URL database — preventing 40% more threats and detecting 76% of malicious URLs up to a full day before traditional web filtering solutions.

Provides the only intrusion prevention system (IPS) solution that can stop unknown command-and-control (C2) attacks in real-time — 48% more than other IPS solutions. New capabilities bring security analysis from “offline” to “inline” using machine learning techniques — improving detection rates for zero-day threats without sacrificing performance.

Palo Alto Networks natively integrated AIOps into its secure access service edge to significantly reduce manual operations and enable faster troubleshooting. AIOps for SASE provides automated root cause analysis, rapid problem remediation, and guided best practice adoption. Predictive analytics enable more efficient capacity planning and anomaly detection, preventing business disruptions. A simple query-based interface empowers the IT service desk with automated troubleshooting and changes analysis.

“The world needs a SASE solution that can manage the configuration and security of SaaS applications,” Oswal said. “With today’s Prisma SASE updates, we are significantly strengthening the security posture of SaaS apps through the Palo Alto Networks Next-Gen CASB, which allows customers to easily view and configure security settings for multiple SaaS apps in a single place.”