Quickstart Service for Prisma Cloud CWP: 6 Month Implementation

Palo Alto Networks, Inc.

Prisma Cloud delivers protection across environments, including Microsoft Azure, with Cloud Workload Protection (CWP) for hosts, containers and serverless deployments across the application lifecycle.

Prisma Cloud is a comprehensive Cloud Workload Protection solution that delivers flexible protection to secure cloud VMs, containers and Kubernetes apps, serverless functions and containerized offerings. With Prisma Cloud, DevOps and cloud infrastructure teams can adopt the architecture that fits their needs without worrying about security keeping pace with release cycles or protecting a variety of tech stacks.

Cloud native applications scale dynamically, requiring a modern, automated approach to protection that prevents applications from unwanted activity and threats.Shift left and embed cloud security across the entire development lifecycle on Microsoft Azure, from Build to Deploy to Run. Palo Alto Networks Quickstart Service for Prisma Cloud CWP is a catered offering designed to help speed up your adoption and integration time with Prisma Cloud CSPM. Our expert consultants will remotely configure and integrate with your cloud environment.

Key Deliverables:
  • Planning - Review project requirements (new deployment), discuss milestone timelines, identify the Customer’s project team members, and follow-up action items
  • Configuration - Installation of consoles for self hosted environment or Onboard Prisma Cloud Enterprise Users to access Prisma Cloud Console
  • Deploy defenders within supported platforms or Host Defender on any supported cloud platform
  • Deploy Serverless or App-Embedded Defenders
  • Enable Agentless Scanning
  • Enable Serverless Auto-Defend for Hosts and Serverless
  • Configure Kubernetes auditing and admission control for several clusters
  • Configure Trusted images and VM image scanning
  • Configure scope for serverless functions
  • Configuration Defenders to scan appropriate registries
  • Configuration of RBAC for Roles and User Accounts
  • Configure WAAS applications
  • Configure Cloud Discovery to discover unprotected resources
  • Configure Code Repositories
  • Integration with alert providers
  • Integration with Continuous Integration (CI) tools for image scanning
  • Policy Tuning - Tuning Runtime/Compliance/Vulnerability rules
  • Tune or tighten rules and policies for runtime protection
  • Review and investigate the Compliance/Vulnerability explorer events to build additional Compliance and Vulnerability rules
  • Validation - Review events to build additional Compliance and Vulnerability rules
  • Knowledge Transfer - Palo Alto Networks will provide knowledge transfer and as-built document upon completion of all tasks identified in the Service Description