When analyzing network traffic, identifying anomalies and incidents becomes faster and easier by using the new Prisma Cloud network capability.
Network investigation is a vital component of a security monitoring and investigation platform, as it provides valuable insights into how assets communicate with each other.
By analyzing the network traffic, security teams can get a better understanding of what’s happening within the existing boundaries and identify what kind of traffic leaves the network. This intel helps teams to gain an understanding of the risks involved and take necessary steps to mitigate them.
Configuration and vulnerability data, on their own, can’t provide a complete view of what's happening in a cloud environment. VPC Flow Logs are crucial, as they capture detailed information about sources and destinations.
To support network traffic analysis, Prisma Cloud ingests VPC Flow Logs from cloud service providers and studies them for network incident and anomaly detection, such as cryptomining and port scan activities.
Prisma Cloud then uses this information to detect and alert on potential security incidents that can’t otherwise be identified. Through the use of VPC Flow Logs, organizations can identify malicious activity and quickly respond to security incidents. This, in turn, can help them improve their overall security posture and ensure that they’re well-prepared for any potential incidents.
While building the capability to analyze network traffic using VPC Flow Logs, we discovered that how the data is presented and correlated is inextricable from security outcomes. Users can’t afford to spend time on irrelevant events. Their roles require them to quickly pinpoint issues and root causes for incidents that affect their organization.
Addressing the paramount need to visually simplify network analysis and investigation for greater speed, we built a new visualization solution into Prisma Cloud, which combines network and configuration data to bring context into network traffic.
With the newly released Intelligent Network Graph, Prisma Cloud users can immediately answer questions that would otherwise consume valuable time, such as:
The Intelligent Graph connects network traffic with asset configuration to automatically build a two-dimensional view that divides traffic into external (traffic coming from/going to IP addresses outside of your cloud accounts) and internal.
The Intelligent Graph also creates a hierarchical structure that puts assets into the context of the infrastructure they belong to, which makes it easier for users to pinpoint events happening on important cloud accounts, regions, and VPCs.
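The internal/external split described above can be reproduced by hand on raw flow records. The following is an added example, not Prisma Cloud's implementation: it parses AWS VPC Flow Logs in the default version 2 format, labels each flow by whether its endpoints fall inside address ranges you own, and totals bytes per account. The `OWNED_CIDRS` ranges, the sample records and the function names are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Field order of the AWS VPC Flow Logs default (version 2) format.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Assumption: CIDR ranges that belong to your cloud accounts (constructed).
OWNED_CIDRS = [ipaddress.ip_network(c) for c in ("10.0.0.0/16", "10.1.0.0/16")]

# Constructed sample records; public addresses come from documentation ranges.
SAMPLE = """\
2 111111111111 eni-0a1 10.0.1.5 10.1.2.9 49152 5432 6 12 3400 1700000000 1700000060 ACCEPT OK
2 111111111111 eni-0a1 10.0.1.5 203.0.113.7 49153 443 6 20 9100 1700000000 1700000060 ACCEPT OK
2 222222222222 eni-0b2 198.51.100.23 10.1.2.9 40000 22 6 1 40 1700000000 1700000060 REJECT OK
2 222222222222 eni-0b2 - - - - - - - 1700000000 1700000060 - NODATA
"""

def is_owned(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in OWNED_CIDRS)

def classify(line):
    """Return the parsed record with a 'scope' key, or None if unusable."""
    rec = dict(zip(FIELDS, line.split()))
    # NODATA/SKIPDATA records carry '-' placeholders instead of addresses.
    if len(rec) != len(FIELDS) or rec["log_status"] != "OK":
        return None
    src_in, dst_in = is_owned(rec["srcaddr"]), is_owned(rec["dstaddr"])
    if src_in and dst_in:
        rec["scope"] = "internal"
    elif src_in:
        rec["scope"] = "external-egress"
    elif dst_in:
        rec["scope"] = "external-ingress"
    else:
        rec["scope"] = "unknown"  # neither endpoint is in an owned range
    return rec

def summarize(text):
    """Total bytes per account and scope, the first level of a hierarchy."""
    totals = defaultdict(lambda: defaultdict(int))
    for line in text.splitlines():
        rec = classify(line)
        if rec:
            totals[rec["account_id"]][rec["scope"]] += int(rec["bytes"])
    return {acct: dict(scopes) for acct, scopes in totals.items()}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

The default format carries no VPC or region field, so grouping below the account level requires a custom log format that includes those fields.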
Using VPC Flow Logs combined with the Intelligent Graph to investigate network traffic greatly enhances security outcomes. The many benefits include:
With the new Intelligent Graph, users can expand their investigations without the complexity that most advanced capabilities come with.
If you’re not a Prisma Cloud user and would like to test drive best-in-class code-to-cloud security, we’d love for you to take a 30-day Prisma Cloud trial.