Global telco chooses Palo Alto Networks code-to-cloud security across any cloud

This global telecommunications provider is developing new services at pace in a multicloud architecture. Prisma Cloud provides the organisation with unified cloud security visibility into every configuration – across almost 80 modern telco services.

This connected visibility and monitoring delivers immediate clarity on any critical security issues reported to the respective development teams. By preventing insecure configurations from reaching production, the telco is delivering breakthrough services faster and at scale, supporting business growth.

Digital innovation is shaping the connected future of this global telco. New services – spanning everything from 5G and artificial intelligence (AI) to broadcast services and more – are being developed at a rapid, relentless pace, creating significant new business opportunities.

The challenge that this global telco faces is ensuring these new services are safeguarded from threats and free of vulnerabilities. Its continuous integration and continuous delivery (CI/CD) pipeline is the heartbeat of new services development, serving as the foundation for developers to store, compile, and deploy code. And CI/CD pipeline weaknesses are common targets for bad actors looking to instigate an attack.

“The attack surface has changed considerably in recent years, owing to trends like DevOps and automation,” explains Ezequiel Angel Alonso von Semasco, Security Architect at the global telco. “As the volume and sophistication of attacks increases, we need to protect the delivery pipeline to remain secure in the cloud.”

This cloud security also needs to be managed efficiently. Point cloud security tools – or the native tools provided by different cloud services providers – lack the functionality and integration the Security Architecture team needs to drive agile, low-risk monitoring.

“We wanted a single, unified approach to cloud security across our Azure, AWS, and Google Cloud environments. Prisma Cloud gives us that complete visibility and control, reduces risk across the application lifecycle, and meets our goal for lean operations,” says Ezequiel.

The telco’s Security Architecture team uses the Prisma Cloud cloud-native application protection platform (CNAPP) to monitor and protect its Azure, AWS, and Google Cloud environments. Unlike a collection of point products, Prisma Cloud integrates a broad set of security capabilities into a single platform to deliver unified, best-in-class security.

The platform is used in a monitoring capacity, whereby architecture misconfigurations and potential vulnerability alerts are reported to the respective development teams for remediation. Altogether, almost 80 services are monitored, including broadcast video services, translation services, internal website development, and blockchain services.

“Prisma Cloud provides continuous visibility and control over cloud misconfigurations, identity and access, data, and vulnerabilities. It gives us a fast, accurate way to resolve the issues and identify the resources impacted,” says Ezequiel.

Prisma Cloud is predominantly used to scan container images and enforce policies as part of the telco’s CI/ CD workflows and to monitor code in repositories (GitHub) and registries. For example, the telco has deployed Prisma Cloud in the air-gapped Red Hat OpenShift environment to discover compliance issues and vulnerabilities on the deployed workloads.

Palo Alto Networks Customer Success has been instrumental in this success. Ezequiel comments, “The Customer Success team are with us at every step. They are an extension to our team, providing consistently engaging and responsive interactions. They also understand our business, our goals, and the technology.”

Prisma Cloud addresses the organisation’s vulnerability management, compliance, and network security requirements for its containerised applications. The benefits include:

• Increased business agility: Improved cloud security enables services to be deployed and maintained more quickly, allowing the telco to pivot faster, capitalise on new business opportunities, and grow revenues.
• Lean, efficient multicloud security: The Security Architecture team, comprising just three people, is tasked with the management of circa 80 services. Multicloud integration, coupled with an intuitive, unified interface, enhances user experience and increases security productivity.
• Code-to-cloud intelligence: Prisma Cloud connects insights from the developer environment, providing contextualised alerts, prioritising critical risks, and offering remediation guidance.
• Reduced attack surface: Prisma Cloud hardens the telco’s CI/CD pipelines and helps resolve coding issues, reducing the attack surface and protecting multicloud application development environments.
• Attack path analysis: Prisma Cloud enables the team to find interrelated weaknesses and isolate exploitable attack vectors.
• Creation of remediation solutions: Prisma Cloud helps trace risk back to source code so it can be fixed by the various development teams.

Because of this success, other teams within the organisation – based in other countries – are eager to adopt Prisma Cloud. Ezequiel concludes, “The telecommunications industry is changing at incredible speed. We can’t have barriers in the way of agile development. With Prisma Cloud, we can continuously monitor our services in support of faster service development. That’s good for our customers – and for our business.”

Learn more about Palo Alto Networks on their website, where you can also read many more customer stories.