Palo Alto Networks Extends SASE Reach to Unmanaged Devices – Security Boulevard

Home » Editorial Calendar » Zero-Trust » Palo Alto Networks Extends SASE Reach to Unmanaged Devices

Palo Alto Networks this week extended its secure access service edge (SASE) platform to make it possible to apply cybersecurity policies to unmanaged devices.

Anand Oswal, senior vice president and general manager for network security for Palo Alto Networks, said Prisma SASE 3.0 will make it simpler to broadly apply zero-trust policies in minutes using a Prisma Access Browser.

In addition, Prisma SASE 3.0 is also taking advantage of large language models (LLMs) to enable organizations to classify data more accurately and ensure the right cybersecurity policies are applied.

Finally, Palo Alto Networks is working with cloud service providers and enterprise applications to accelerate the performance of specific applications hosted on either cloud services or via specific providers such as Slack, ServiceNow, Zoom and SAP by a factor of five.

It’s not clear at what rate organizations are adopting SASE as an alternative to virtual private networks. However, as more companies embrace zero-trust as a cybersecurity philosophy, the need for a method to better secure endpoints becomes increasingly apparent, especially as cybercriminals become more adept at exploiting VPN weaknesses.

The challenge is that, given the level of investment required to adopt SASE, progress has been relatively slow. However, in the last year, the pace of SASE adoption has significantly increased, thanks in part to a greater emphasis on implementing a zero-trust framework to secure endpoints, said Oswal.

No one knows for certain how many unmanaged devices are used to access corporate networks, but cybercriminals certainly are getting more adept at identifying vulnerable devices.

Less clear is the degree to which the management of security operations is shifting toward IT operations or whether cybersecurity teams are assuming more responsibility for managing IT. At the very least, IT leaders need to work more closely with CISOs as organizations implement zero-trust IT policies.

Each organization needs to define what zero-trust precisely means, as well as the best ways to enforce policies without impeding productivity. The expectation is that cybersecurity and IT teams can ensure cybersecurity without adversely impacting employees’ productivity. Given the level of risk from, for example, ransomware attacks, there’s more tolerance for some level of friction that might be created by the tools and platform being used to ensure cybersecurity — but only to a point.  Of course, in the event of a breach it’s still the cybersecurity team that is held largely accountable.

In the meantime, the time interval that cybersecurity teams are expected to be able to respond to an attack is dwindling. Once a cyberattack is detected, organizations expect cybersecurity teams to respond in almost near real-time to contain it. Preventing breaches is more critical than ever if cybersecurity teams are to focus limited resources to meet containment expectations. Otherwise, it’s simply too easy for cybersecurity teams to be overwhelmed by multiple sophisticated cyberattacks.

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

Secure Coding Practices

Step 1 of 7

14%

Does your organization currently implement secure guardrails in the software development process?(Required)

Yes, extensively across all projects

Yes, but only in specific projects or teams

In the process of implementation

No, but planning to in the near future

No, and no plans to implement

What are the biggest challenges you face in implementing secure guardrails within your development processes? (Select all that apply)(Required)

Lack of awareness or understanding

Technical difficulties in integration

Resistance from development teams

Lack of suitable tools

Cost constraints

Other
Other, tell us more:

How effective do you find secure guardrails in preventing security vulnerabilities in your projects? Rate on a scale from 1 (Not effective) to 5 (Highly effective)(Required)

1

2

3

4

5

To what extent are your secure guardrails automated?(Required)

Fully automated

Mostly automated with some manual processes

Equally automated and manual

Mostly manual with some automation

Entirely manual

What features do you prioritize in a secure guardrail solution? (Rank in order of importance)Ease of integration into existing workflowsComprehensive coverage of security vulnerabilitiesCustomizability for specific project needsMinimal impact on development speedActionable insights and recommendationsSupport for a wide range of programming languages and frameworks

What are your organization’s plans regarding the adoption or enhancement of secure guardrails within the next 12 months?(Required)

Expand the use of secure guardrails to more projects

Enhance the capabilities of existing secure guardrails

Maintain current level of secure guardrail use without changes

Reduce reliance on secure guardrails

No plans related to secure guardrails

What best describes your primary role?(Required)

Security Engineer

DevOps Engineer

Platform Engineer

Security champion on the development team

Software Developer

CISO (or equivalent)

Sr. Management (CEO, CTO, CIO, CPO, VP)

Manager, Director

Other

Δ