Host Security

Securing cloud VMs for any public or private cloud with Prisma® Cloud.

Linux and Windows® hosts make up the backbone of many cloud native applications, from cloud instances to Kubernetes® nodes. Applications that run on unprotected, insecure hosts introduce risk and are susceptible to attack.

Read Gartner’s report on cloud workload protection platforms.

Secure cloud hosts across any environment

Prisma Cloud offers a unified platform for securing cloud VMs. Automatically detect and protect cloud hosts with vulnerability management, compliance, runtime protection and anti-malware capabilities. Secure your virtual machines across clouds and environments. Protect Linux and Windows® hosts from malicious processes and applications. Leverage a single agent to protect the host and the containers running on the host.
  • Support for Linux and Windows in public and private clouds
  • Continuous vulnerability management and compliance
  • Full stack runtime protection with a single agent
  • Vulnerability management
    Vulnerability management
  • Host compliance
    Host compliance
  • Runtime defense
    Runtime defense
  • Image scanning
    Image scanning
  • Auto-discovery


Our approach to Host Security

Vulnerability management

Improve your hygiene and reduce the risk of exposure in your cloud environments by identifying vulnerabilities continuously before and after deployment. Prisma Cloud finds, prioritizes and protects against vulnerabilities in real time from a centralized dashboard.

  • Build golden pipelines by identifying vulnerable machine images

    Scan VM images prior to deployment to alert on or block vulnerabilities from being deployed.

  • Rank vulnerabilities by risk for prioritization

    Prioritize vulnerabilities based on risk score and risk factors based on your applications’ configurations.

  • Gain a real-time view into vulnerabilities

    Scan running hosts continuously, with minimal increased load, against the latest vulnerability databases.

  • Gain a consolidated view into risk across your stack from one agent and console

    View risks across your hosts, containers and serverless applications from one agent and console.

  • Protect against unpatched vulnerabilities

    Leveraging our WAAS module, you can block attempted exploits of vulnerabilities prior to patching the operating system.