Sam can finally finish his building block sets thanks to Prisma Cloud, and Danielle learns all about where all the time savings came from.  Learn how to seamlessly maintain a robust security posture across a multi-cloud architecture. For more information about Palo Alto Networks’ Cloud Security Posture Management, visit us here.  https://www.paloaltonetworks.com/prisma/cloud/cloud-security-posture-management    Transcript:  SAM: Hello hello my good friend.  DANIELLE: Hello, what’s with the good attitude…? Finally finish that LEGO set?  SAM: Well, yeah, but it’s because I've been able to put all my work stress behind me and just focus on the bricks.  DANIELLE: You’re like a whole new you! All because of Prisma Cloud?  SAM: All because of Prisma Cloud. It’s made work so easy. Our hybrid cloud security posture management is so smooth and functional…like two 2x2 bricks slotting on top of a 2x4.  DANIELLE: In the spirit of DevSecOps partnership, could you walk me through what's happening? I bet it'll be easier for me to code if I know what's going on behind the screens.  SAM: Wow, I’ve never heard that term before. Security and developers. DevSec. DevSecOps. I like it…yeah, let's go through this together.  DANIELLE: I'm ready when you are.  SAM: So our problem was maintaining security and compliance posture of all of our cloud resources. It's always a moving target because threats get smarter and we have to respond.  DANIELLE: Right, sounds like a lot.  SAM: It is! And we have more than one cloud environment, so we have to track so much across so many places. It was so much to manage, and nothing we tried in the past could handle all the environments we used at once. It turned into a patchwork of security features.  DANIELLE: No wonder you were so stressed all the time. And irritable. And moody…  SAM: My Burj Khalifa LEGO set sat in the box for months. Months!  DANIELLE: So what did you need to do to wrap it all up?  SAM: We focused on four key aspects. One: visibility/compliance/governance. Two: threat detection. Three: integrated data security. And four: automation for remediation.  DANIELLE: You lost me. Can you explain the security engineer talk?   SAM: Most definitely. Basically we have to monitor everything, detect anomalies and correlate them to types of threats with contextualized data, build that security info back into our cloud system, and automate small actions so the security engineering teams can focus on bigger issues.  DANIELLE: Hm…I guess I just don't understand why things weren't working before then. We had those other services, right? What changed?  SAM: Not all cloud service providers mesh with other services. But Prisma Cloud swooped in and organized everything for us across all of our clouds——with more automation and smarter rules, too, so we could be even more hands off.  DANIELLE: Okay, yeah, that makes sense.  SAM: When we added a new cloud service provider on top of our old one, I just added our new cloud to our existing Prisma Cloud configuration and let the system handle the rest. Before I would've had to find new security management software, troubleshoot it, bug chase—  DANIELLE: And stay late while the LEGOs collected dust.  SAM: They don't collect dust when they're in the box, Danielle.  DANIELLE: It's a figure of speech.  SAM: Irregardless, Prisma Cloud's central dash lets me and the security engineering team monitor everything all at once, and the automated remediations and dynamic baseline formation across every cloud environment let us sit back until something really pressing comes through.  DANIELLE: You must be really satisfied with it; this is the most I've ever heard you talk about anything.  SAM: Yeah I really do love it. We're going to keep this going as long as I can.  NARRATOR: Palo Alto Networks. We’ve got next.

Sam and Danielle write an email to their bosses about the benefits of moving security earlier in the timeline—and Sam gets back to his Rubiks cube.  Keep your workloads secure in the age of cloud-based, scale-out, constantly changing applications and infrastructure. For more information about Palo Alto Networks’ DevSecOps tools, visit us here.  https://www.paloaltonetworks.com/prisma/cloud/devsecops   Transcript:  DANIELLE: Hey Sam, do you have a minute?  SAM: What now? I was getting ready to get ready for lunch.  DANIELLE: We should put some more work in on that email to the higher-ups about shifting security left with Prisma Cloud. I want to send it today.  SAM: Shifting left…yeah, I mean that’s saved me so much time. Okay. I thought we already finished that. Where'd we leave off?  DANIELLE: We did the opener and a draft. Shift left: push part of the process earlier in the timeline.  SAM: What else do we have?  DANIELLE: Uh well…just a draft.  SAM: And you want to send it today???  DANIELLE: Listen, every time I brought up how I wanted to make some more headway on this, you told me you were leaving to practice your 4x4 Rubik’s Cube.  SAM: A man has to have priorities, Danielle.  DANIELLE: Let's prioritize this, then.  SAM: Okay, since shifting security left makes things easier for muah, I’ll do it. We told them what shifting left is, now we need some detail about why for the next part.   DANIELLE: Yep. When you integrate cloud security earlier in the development lifecycle, it’s a consideration at every step of the way. Sound good?  SAM: Yeah…yeah…that's good. I’d also add something about the time saving, since working in security at the beginning of a project streamlines it further down the funnel.  DANIELLE: Got it. Security engineers can fail insecure builds earlier, saving time for everyone. Sound good?  SAM: Yeah, but I think from what we have here, it sounds like the benefits of shifting left are only at the beginning of the process.  DANIELLE: We’re obviously getting to the next part. Can you just stay focused?  SAM: No need to get snippy! Just get there then.   DANIELLE: Okay, jeez, here we go: If code passes the build quality gate and security requirements are not met, Prisma Cloud can stop deployment. How’s that?  SAM: We should say why that’s important—that we can easily stop deployment if something happens. People who aren’t security engineers won’t know that.  DANIELLE: Right. This further restricts potential vulnerabilities.  SAM: Yeah, matches what's been saving me time.  DANIELLE: Cool. For the wrap-up, I pulled in the DevOps angle.  SAM: Surprise surprise, the developer wants to talk about DevOps.  DANIELLE: Am I wrong?  SAM: No.  DANIELLE: Never. And I already nailed this part. Prisma Cloud uses tags and metadata from cloud-native applications to notify the correct developer directly within their development tool when a vulnerability occurs. This way, the problem can be quickly solved by the person with the most relevant knowledge.  SAM: Don’t flatter yourself, it’s always easier writing about what you know.   DANIELLE: Almost as easy as using Prisma Cloud, right?  SAM: Just about. I loved not having to get involved. Prisma Cloud just pinged you when your code was non-compliant.  DANIELLE: Ping, hey, there's a security vulnerability. Code code code, it's done. DevSecOps in one fell swoop.  SAM: Speaking of which, are we good here? Cause uh, I still have to do my pre-pre-lunch ritual.  DANIELLE: Yeah, I think we have a good overview to present. Busy watching old Rubik’s Cube competitions?  SAM: Priorities, Danielle. Priorities.  NARRATOR: Palo Alto Networks. We’ve got next.

Danielle talks an overworked Sam out of quitting, thanks to Prisma Cloud’s automation. Now Sam can get back to practicing with his boomerang.  Take on the unique security and compliance challenges inherent to cloud native development—constant change, diverse environments, and sheer volume. For more information about Palo Alto Networks’ Cloud Workload Protection Platform, visit us here.  https://www.paloaltonetworks.com/prisma/cloud/cloud-workload-protection-platform   Transcript: SAM: DANIELLE!!!!  DANIELLE: Uh…hello?  SAM: I'm putting my two weeks in. I am out of here.  DANIELLE: What??  SAM: I just got a memo from high up saying we're moving our network from a single cloud to a hybrid cloud environment. I'm already barely keeping up with monitoring everything going on, now I have to do it on multiple clouds? It's always shifting and scaling! That's the point of cloud! I can't do this.  DANIELLE: Hey, hey, take a breath. Let's figure this out. I might already have a solution for you, if we can get there.  SAM: I don’t think this is working.  DANIELLE: It is, and it will. Let's get through this together. DevOps and security engineers against the world.  SAM: Okay tell me, wise developer. What’s your idea?  DANIELLE: Let's figure out the main problem first. What exactly is going on?  SAM: Okay, okay. Our cloud network——well, networks, now——dynamically scale with our demand, so I'm always chasing down a baseline.  And if I can find a breach, I have to dig around and figure out how. And why. And when.   And what if it was in an old environment or configuration and nobody saw it? And now I have to do that over multiple networks??  DANIELLE: Let's bring it back down. We'll get through it. We need to use Pr--  SAM: That’s easy for DevOps to say. This is all a mess for security engineers.  DANIELLE: Prisma Cloud from Palo Alto Networks could handle all this! If we put it on our system and enabled their runtime security, we'd be able to let the machines do the work.  SAM: It sounds too good to be true.  DANIELLE: Once we enable its built-in runtime security, it'll use AI and machine learning to model what a healthy environment should look like across our dynamic scaling.  SAM: But I’ll still have to track it.  DANIELLE: Nope, Prisma Cloud will do it—across all of our cloud environments. Even if we add another, it'll all work as one.  SAM: What if something changes, though? I’ll have to stick around after hours whenever we create new containers to fine-tune all these new parameters.  DANIELLE: You can just tell the system to create automatic definitions for different environments. That way, if there is a breach, fallout stays siloed.  SAM: How quick is all of this? I don't want to have to compile big reports—and as you know I'm—  DANIELLE: Practicing for that boomerang competition. Yeah. Prisma Cloud detects it all in real time and we can incorporate it into every layer of our environments. So if you see a problem, you can quickly fix it, then get back to-  SAM: Boomerang throwing techniques! My arm is really loosening up.  DANIELLE: Or…actually doing your job.  SAM: You seem to know enough about security for the both of us, so who knows.  DANIELLE: It's DevSecOps! We work together, remember?  SAM: So if we can get Prisma Cloud on our network, it'll dynamically scan and scale across all our containers, server functions, and cloud services—and tell us about breaches?  DANIELLE: Yep. See? We worked through this.  SAM: Okay, okay…let's get this going.  NARRATOR: Palo Alto Networks. We’ve got next.

Danielle and Sam check out the Forrester Consulting Total Economic Impact study about Prisma Cloud, even though Sam would rather be memeing. Address cloud security challenges head on and learn how to save 276% with Prisma Cloud. For more information about Palo Alto Networks’ Cloud Security Posture Management, visit us here. https://www.paloaltonetworks.com/prisma/cloud/cloud-security-posture-management   Transcript:  DANIELLE: Wow, wow wow wow. Big day for the Dev team. The Forrester Consulting study just released.  The Total Economic Impact of Palo Alto Networks Prisma Cloud.  SAM: That was that study about our security, right?  DANIELLE: Yeah. They talked to five companies for their research—companies similar to ours! Oh—Forrester does research and consulting for tech and marketing companies, so Palo Alto Networks commissioned them to conduct the total—  SAM: Yeah yeah yeah, that Total Economic Impact study. See the data for companies that use Prisma Cloud. Why did they do that? Seems like it takes a lot of time.  DANIELLE: It was worth it, Sam. Just take a look at the study.  SAM: What am I looking at.  DANIELLE: It's the rundown of everything they analyzed. So there's a summary first, then details about cloud security for big companies just like ours.  SAM: Obviously, that's how it would work, but I don't understand what all these numbers actually mean for us.  DANIELLE: Okay, I'll run us through it…if you could just…hand those back…  SAM: I could've figured it out…  DANIELLE: Since you didn't, let's take it from the top. So they start by saying that this study was to figure out the financial impact Prisma Cloud might have, so—  SAM: If it's worth the initial investment?  DANIELLE: Exactly. The paper says that organizations that enabled Prisma Cloud can get a 276% return on investment over three years!   SAM: So almost three times as much back—that’s wild!  DANIELLE: Mhm, it definitely streamlined my dev processes too. It says DevOps efforts to fix vulnerabilities and misconfigurations improved by 60%.  SAM: It really let me not have to be on guard all the time if errors popped up. I got to go home earlier and create a bunch of memes.  DANIELLE: What kind of memes?  SAM: The hilarious kind. So you think it all worked out huh?  DANIELLE: I know it definitely did for me. It was a lot smoother to get security guidance at the same time I was developing, instead of waiting for everything to be compiled.  SAM: It did give us in security a lot more control over the data, so we didn't have as many surprises.  DANIELLE: It was shorter when something did need investigation too, right?  SAM: Way shorter. We could sort through all the data with Prisma instead of having to audit it ourselves.  DANIELLE: Did you have to do a lot to get it going?  SAM: It all happened right out of the box. We set some security parameters and just let it do its thing.   DANIELLE: All these amazing stats geez. I don’t know why we took so long to get Prisma Cloud.   SAM: I didn't think a program could come in that would be smarter than what I was already doing.  DANIELLE: You think you're smarter than a lot of things.  SAM: Because I am Danielle! But when we set up Prisma Cloud, I thought it was crazy that they had 680 security rules right out of the box. Even I couldn't think of that many, so I'm sure even just the default rules caught a lot of stuff we might have missed otherwise.  DANIELLE: On my end in Dev, we could see if we were breaking the rules in real time and adjust accordingly. Just so simple. It was all right there for us.  SAM: So…we just turn it on and let it run?  DANIELLE: Yeah, and keep pumping our work out. I don’t want to go back to how we did things before. My workflow is so much simpler now.  SAM: What about all the data?  DANIELLE: We keep it in our pockets. If anybody asks us why we want to keep things how we're doing them, we can back it up with all these numbers.  SAM: So, what's next? Besides me blowing up social media later?  NARRATOR: Palo Alto Networks. We've got next.