BlueApp for Palo Alto Networks Prisma Access

Secure access and data with best-in-class capabilities

Palo Alto Networks
  • Prisma Access
  • sase
  • Detection
  • Response

See All BlueApps + Plug-ins >
BlueApps extend USM Anywhere’s threat detection and orchestration capabilities to other security tools at no additional cost.
Learn more ›

The BlueApp for Palo Alto Networks Prisma Access streamlines incident response by delivering advanced security orchestration, automation, and response (SOAR) capabilities. The BlueApp integrates with the Palo Alto Networks Prisma Access Cloud to give customers rich actions to use in response to threats detected in the environment. It provides several different mechanisms to modify security policy and as well as the ability to block files and change alert status.

With this BlueApp, you can:

  • View Prisma Access events and alarms through a consolidated dashboard
  • Quickly capture, analyze, and visualize threats with data enrichment and analytics
  • Perform automated response actions to easily contain threats
  • Add and remove IP addresses, URLs, and tags to block lists, address groups, and other policy constructs

How it works

The BlueApp for Palo Alto Networks Prisma Access gives customers the power to use the Prisma application programming interface (API) to update details about the security policy directly from the USM Anywhere console. Specifically, the app facilitates updating items such as external block lists and policy objects. For example, it can be used to manipulate tags and address groups that allow the analyst to block or unblock specific IP addresses, URLs, and domains. These controls can also be incorporated into orchestration rules and playbooks, allowing the incident to be addressed automatically, i.e., before an analyst reviews it.

Why you’ll love it

  • Lets you secure the network without having to pivot into another security tool
  • Allows automatic response to threats, reducing the time it takes to address incidents
  • Provides more than 30 response actions, including a rich set of actions that can be used to change firewall policy to respond to security incidents
Get price Free trial