With the Evident Security Platform, Palo Alto Networks customers get a single dashboard to quickly find cloud security vulnerabilities and then see how to correct them. Credit: Thinkstock Businesses are adopting public clouds to enable them to work faster and be more agile, which are both critical to success in the digital era. In fact, many organizations have adopted a “cloud first” approach, where the mandate is to move every new application to the public clouds.Along with the benefits of cloud computing — increased agility, faster time to market, and the ability to scale infrastructure — though, comes increase security challenges.The biggest problem with cloud security is that there’s no single issue. One can’t just slap in the cloud security appliance and know they are secure. With the cloud, it seems almost everything causes more security risk, including the fact that data is often transmitted over the public internet, users often procure their own cloud services, weak passwords are used to protect information, and cloud providers often federate information with the awareness of the company. Even renowned hacker Kevin Mitnick, speaking DigiCert’s recent customer event, says the public cloud is vulnerable. Mitnick, who spends his days doing penetration testing for large organizations, says he almost always goes through public cloud services because it’s the easiest way to get into companies and has been able to break into 100 percent of the companies that have hired him In fact, Mitnick called the cloud the biggest security risk companies face over the next decade.Palo Alto Networks acquires Evident.ioIt’s those such problems that Palo Alto Networks is trying to solve with its security platform. And this week, the company announced the acquisition of Evident.io — a purchase price of $300 million in cash — to add public cloud security functions to its current solution. This comes on the heels of the company’s announcement last month to extend security to the big three public cloud providers. The current Palo Alto solution has an inline component that protects and secures workloads and a host-based one to protect operating systems and apps. Evident is focused on continuous security and compliance, giving Palo Alto the third leg of the cloud security stool. Evident.io/Palo Alto NetworksThe Evident Security Platform dashboardThe Evident Security Platform offers security and compliance for public clouds such as Amazon Web Services (AWS) and Microsoft Azure and displays the information in a single pane of glass where breaches in security policies can be spotted immediately. The product analyzes information to detect things that can cause compliance issues, such as misconfigurations, vulnerabilities, and risk, and it is continually updated via its APIs to ensure the dashboard is up-to-the-minute accurate.The Evident Security Platform also provides the actionable information required to remediate those risks. Further, policy enforcement can be fully automated for security teams that are willing to take that leap. The Evident platform is widely regarded as one of the better cloud compliance tools and has a full range of regulatory and industry coverage to help companies comply with HIPAA, PCI, NIST, ISO, and others. Palo Alto Networks and Evident.io merger good for customersIn any marriage, the goal is to make each other better, and that’s certainly the case here and should be viewed as boon for customers of both companies. The data classification from Palo Alto’s Aperture product will provide a greater source of information to Evident and broaden the compliance and monitoring coverage. And Evident will add new data to Palo Alto’s Application Framework for better analytics. Also, the automated responses will expand the enforcement capabilities in Palo Alto’s platform. Although awareness of the increased complexity in securing public clouds has only been raised recently, Palo Alto has been working on this problem for the better part of five years when it first introduced its ESXi security capabilities and then rapidly expanded that to other virtualization platforms. The acquisition of Evident.io gives customers a fast and easy way to understand where their security risks are coming from and offers a way to fix them before their company makes front-page news. Related content feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff 30 Aug 2024 8 mins Technology Industry IT Skills Events news F5, Intel team up to boost AI delivery, security F5 and Intel are working together to combine security and traffic-management capabilities from F5’s NGINX Plus suite with Intel’s OpenVINO open-source toolkit for optimizing AI inference and Intel IPU hardware accelerators. By Michael Cooney 29 Aug 2024 1 min Network Security Artificial Intelligence Security news Cisco snaps up AI security player Robust Intelligence Plans call for integrating Robust Intelligence's AI security platform with Cisco Security Cloud to streamline threat protection for AI applications and models and increase visibility into AI traffic. By Ann Bednarz 28 Aug 2024 1 min Mergers and Acquisitions Artificial Intelligence Security feature What is OWASP? A standard bearer for better web application security The Open Web Application Security Project (OWASP) is an international nonprofit dedicated to providing free documentation, tools, videos, and forums for anyone interested in improving the security of their web applications. By Linda Rosencrance 28 Aug 2024 8 mins Internet Security IT Skills Application Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe