Demisto and Prisma Cloud: Automated Cloud Threat Response and Remediation

Increased cloud adoption has improved organizational agility, reduced product time-to-market, and levelled the playing field. However, cloud adoption has also expanded the threat surface for organizations, creating disparate ecosystems that hamper visibility into security vulnerabilities across the network. In addition, cloud provisioning and usage are often managed by business units outside the purview of the security team. Security teams need both visibility and agility to keep pace with this dynamic and constantly changing cloud environment.

Integrating Prisma Cloud’s comprehensive cloud monitoring and compliance capabilities with Demisto’s security orchestration and automation helps security teams unify security functions across cloud and on-premise environments and accelerate detection and response to behavioral anomalies.

  • Ingest and enrich Prisma Cloud alerts by querying other threat intelligence tools and orchestrating response across cloud and on-premise security products.
  • Trigger task-based workflows or playbooks to orchestrate actions across cloud computing platforms and case management products.
  • Leverage hundreds of Demisto product integrations to coordinate response across security, DevOps and IT functions.
  • Run thousands of commands (including for Prisma Cloud) interactively via a ChatOps interface while collaborating with other analysts and Demisto’s chatbot.

Read more about this integration and some of its use cases in this Demisto blog or contact your local Exclusive Networks Account Manager.