Updated: Apr 15, 2021
Enterprise IT is in the midst of massive transformation with the addition of public
cloud services, ephemeral resources and custom applications in distributed
deployments. Work-from-home, mobility, BYOD and edge computing are
fundamentally changing enterprise access. Cloud and mobility reduce visibility,
exposing a much broader attack surface.
Functionally organized security groups are not aligned with enterprise
governance models. The complexity of integrating these groups and their tools
results in blind spots, misconfigurations and lax privileges. Siloed security misses
key connecting events, reports false positives and increases cost.
Application complexity is growing with monolithic applications being
modularized into microservices. These ephemeral microservices have lifespans in
the order of seconds. Securing them requires event-driven discovery, dynamic
policy and instantaneous learning of behaviours.
New data protection and privacy regulations are emerging in response to digital
enterprises capturing personal information. The growing sophistication of actors
and complexity of threats increases the risk to enterprise data and intellectual
property. There is a severe shortage of technical security staff to deal with these
We Need A New Approach
Our Threat Intelligence capability that leverages Prismo Systems stops breaches right where they start. Prismo has developed an industry-first, patented software that provides end-to-end security and breaks the functional silos. Prismo uniquely connects all enterprise events to provide complete visibility across all layers of the IT stack: User, Network, System, Application and Data.
Introducing the Transaction Graph
Transaction Graph links events into an end-to-end transaction, from an access
request to the final response. Related transactions, are further connected to form a
graph. With transaction graphs, formerly challenging security use cases become
trivial to solve. Our platform seamlessly integrates Identity Access Management,
Privileged Access Management, Micro-Segmentation, Application Security
including Assessment, Insider Threat, Vulnerability Management, SOC Automation,
Threat Hunting and Cyber risk management.
Unlike other products that operate on individual events, Prismo Transaction Graph precisely links events into transactions to piece together the complete picture of every request. By constructing and storing entire transactions indefinitely, Prismo cuts across silos to provide the missing pieces of the puzzle to fill security knowledge gaps. Blind spots are thereby eliminated.
Transaction Graph offers a better approach to authorization: “Just-Enough Privileges”. Users don't get complete access to all resources, they only get access to the right resources in the right context to get their job done. Just- Enough Privileges is preventive and shifts the focus away from chasing false alerts. Reliance on reactive detection technologies and human SOCs is reduced.
Transaction Graph enforces security for every request. The product is battle-tested in large F500 implementations and proven to scale to over 100M transactions/sec while adding less than 2% overhead. It provides a multi-year history that can be queried in real-time.
Transaction Graph is easy-to-use. User intent is automatically translated into fine-grained access control, eliminating human error. Armed with the power of enriched and connected data, Transaction Graph greatly simplifies the enterprise security stack.
Prismo's Transaction Graph enables Granular Discovery, Identity & Access Management, Privileged Access Management, Micro-Segmentation, RASP, Automated Penetration Testing, Cyber Risk Management customer benefits Transaction Graph solves the 5biggest security challenges:
1. Attackers cannot propagate laterally. Transactional chain-of-trust prevents the use of stolen admin credentials.
2. Users and APIs cannot exploit application vulnerabilities. Application security logic is validated for misconfigurations and authorization errors.
3. Malware is blocked early at install time. Only fingerprinted accounts can install packages and executables.
4. Insiders cannot exfiltrate data or intellectual property. They have“Just-EnoughPrivileges”.
5. Audit and compliance is effortless. Prismo records every access to enterprise resources.
Transaction Graph unlocks enormous business value and gives peace of mind to various stakeholders: Board, Regulators, Employees, Business Units, IT and Customers
Board, internal audit and external regulators gain transparency from precise and comprehensive transactional visibility. Responding to stakeholder expectations is just a click away.
Employees can be productive and can work from literally anywhere, using the device of their choice. Contractors can be added confidently. Enterprise security posture is not diminished.
Business Units can rapidly innovate and deliver new cloud-native applications using open source code. Their customer-facing platforms can safely extend to include customer and partner plug-ins.
IT can flex seamlessly to scale on-demand or reduce spend when appropriate. On-premise and hybrid-cloud deployments are equally secure.
Customers can be assured that their data is safe and secure. Enterprises can use this competitive advantage to build brand loyalty.
Contact us to see a demonstration of this unique capability