With the Evident Security Platform, Palo Alto Networks customers get a single dashboard to quickly find cloud security vulnerabilities and then see how to correct them. Credit: Thinkstock Businesses are adopting public clouds to enable them to work faster and be more agile, which are both critical to success in the digital era. In fact, many organizations have adopted a “cloud first” approach, where the mandate is to move every new application to the public clouds.Along with the benefits of cloud computing — increased agility, faster time to market, and the ability to scale infrastructure — though, comes increase security challenges.The biggest problem with cloud security is that there’s no single issue. One can’t just slap in the cloud security appliance and know they are secure. With the cloud, it seems almost everything causes more security risk, including the fact that data is often transmitted over the public internet, users often procure their own cloud services, weak passwords are used to protect information, and cloud providers often federate information with the awareness of the company.Even renowned hacker Kevin Mitnick, speaking DigiCert’s recent customer event, says the public cloud is vulnerable. Mitnick, who spends his days doing penetration testing for large organizations, says he almost always goes through public cloud services because it’s the easiest way to get into companies and has been able to break into 100 percent of the companies that have hired him In fact, Mitnick called the cloud the biggest security risk companies face over the next decade.Palo Alto Networks acquires Evident.ioIt’s those such problems that Palo Alto Networks is trying to solve with its security platform. And this week, the company announced the acquisition of Evident.io — a purchase price of $300 million in cash — to add public cloud security functions to its current solution. This comes on the heels of the company’s announcement last month to extend security to the big three public cloud providers. The current Palo Alto solution has an inline component that protects and secures workloads and a host-based one to protect operating systems and apps. Evident is focused on continuous security and compliance, giving Palo Alto the third leg of the cloud security stool. Evident.io/Palo Alto NetworksThe Evident Security Platform dashboardThe Evident Security Platform offers security and compliance for public clouds such as Amazon Web Services (AWS) and Microsoft Azure and displays the information in a single pane of glass where breaches in security policies can be spotted immediately. The product analyzes information to detect things that can cause compliance issues, such as misconfigurations, vulnerabilities, and risk, and it is continually updated via its APIs to ensure the dashboard is up-to-the-minute accurate.The Evident Security Platform also provides the actionable information required to remediate those risks. Further, policy enforcement can be fully automated for security teams that are willing to take that leap. The Evident platform is widely regarded as one of the better cloud compliance tools and has a full range of regulatory and industry coverage to help companies comply with HIPAA, PCI, NIST, ISO, and others. Palo Alto Networks and Evident.io merger good for customersIn any marriage, the goal is to make each other better, and that’s certainly the case here and should be viewed as boon for customers of both companies. The data classification from Palo Alto’s Aperture product will provide a greater source of information to Evident and broaden the compliance and monitoring coverage. And Evident will add new data to Palo Alto’s Application Framework for better analytics. Also, the automated responses will expand the enforcement capabilities in Palo Alto’s platform. Although awareness of the increased complexity in securing public clouds has only been raised recently, Palo Alto has been working on this problem for the better part of five years when it first introduced its ESXi security capabilities and then rapidly expanded that to other virtualization platforms. The acquisition of Evident.io gives customers a fast and easy way to understand where their security risks are coming from and offers a way to fix them before their company makes front-page news. Related content opinion 5 things to look for in an XDR solution The XDR market is hot, with vendors large and small jumping on the bandwagon. Here are 5 key capabilities to look for when evaluating XDR solutions. By Zeus Kerravala Jan 14, 2021 5 mins Intrusion Detection Software Endpoint Protection Security opinion Why it's time to shift to extended validation certificates More than ever, a strong organizational identity is essential for building trust with users. By Zeus Kerravala Aug 27, 2020 4 mins Internet Security Security opinion Securing IoT requires a shift to a security fabric The IoT era and the expectation that everything will be connected, accelerates the need to move away from point products and toward the concept of a security fabric. By Zeus Kerravala May 21, 2020 6 mins Internet of Things Network Security Security opinion 5 standout products from RSA 2020 2020 will be remembered as the year the human element finally came to security. By Zeus Kerravala Mar 02, 2020 5 mins Authentication Cloud Security Endpoint Protection Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe