Ingest Cloud Resources from Prisma Cloud - User Guide - 2 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Expander User Guide

Product
Cortex XPANSE
Version
2
Creation date
2024-08-29
Last date published
2024-11-06
Category
User Guide
Solution
Cloud
Abstract

Cortex Xpanse supports an integration with Prisma Cloud.

The Cortex Xpanse integration with Prisma Cloud enables Xpanse to ingest cloud context through Prisma Cloud from Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Alibaba Cloud.

The Cortex Xpanse integration with Prisma Cloud is a multi-purpose integration that enables you to accomplish the following:

  • Identify rogue cloud and shadow IT instances not covered inside Prisma Cloud.

  • Gain visibility into cloud asset sprawl, irrespective of the provider (for example, assets in IBM, OCI, Rackspace, Digital Ocean, etc.).

  • Bring unmanaged assets under management by consolidating Xpanse-discovered assets within Prisma Cloud

  • Reduce mean time to discovery (MTTD) and mean time to recovery (MTTR) by automatically monitoring accidentally exposed services running on your internet-facing cloud assets.

To set up the integration between Cortex Xpanse and Prisma Cloud, perform the following tasks:

You can use the Prisma Cloud integration to identify your Unmanaged Prisma Cloud, which consists of your cloud assets that were discovered by Xpanse but are not in your Prisma Cloud inventory and Managed Prisma Cloud, which consists of cloud assets that were discovered by Xpanse exclusively and are in your Prisma Cloud inventory. For more information about managing your unmanaged and managed Prisma Cloud inventory in Expander, see Cloud Inventory. For a list of the types of resources that can be ingested into Cortex Xpanse, see Prisma Cloud resource types.