Industry’s First Shift-Left Data Protection for SaaS
We closed the acquisition and integration of Gamma.AI to bring real-time ML-powered data protection to our NG-CASB and DLP portfolio.
We are excited to announce the completion of the integration of Gamma.AI's technology (acquired late August) into Palo Alto Networks Next-Gen CASB (NG-CASB). With this integration and additional engineering investments, NG-CASB has quickly increased its coverage across new age cloud collaboration applications and shifted further left by offering real-time ML-powered data protection capabilities. We continue to invest and move toward our vision of making Palo Alto Networks NG-CASB the simplest, yet most powerful product across the industry.
Gamma.AI had set out on a mission to completely transform the Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP) markets for good. After interviewing over a hundred security teams across fortune 1000 customers, they learnt that it took customers over nine months to derive value from traditional CASB and DLP products currently in the market. This involved over three months to deploy agents and configure proxies; over three months to configure DLP patterns and regular expressions; and over three months with a large team to sift through all the false alerts that were generated. Gamma.AI developed an AI-powered cloud DLP that could connect across all cloud collaboration applications in one click, prepackaged with out-of-the-box ML-powered data classification profiles and offering the industry’s best data detection accuracy. Gamma.AI thereby reduced the time to derive value from over nine months to two weeks.
With this integration, Palo Alto Networks NG-CASB has added many new critical capabilities in the last six months:
- Enhanced our coverage to keep pace with the SaaS app explosion by building semi-automated signature discovery capabilities, cataloging SaaS applications with near zero manual intervention.
- Instituted rapid, real-time detection and remediation with webhooks in place of a polling-based framework.
- Increased our coverage for sanctioned SaaS applications to 26 and also reduced our average time to launch integrations from over three months to less than two weeks.
- Launched the industry's most powerful optical character recognition (OCR) engine for classifying sensitive unstructured data in images, screenshots or handwritten notes with maximum accuracy.
- Built natural language processing (NLP) technology to help solve detection and accuracy challenges in hard-to-detect media, like collaboration applications where sensitive information is largely present as unstructured text (i.e. chats or comments).
- Delivered real-time, end-user coaching with Slack and/or Microsoft Team bots that enable scalable incident remediation when employees inadvertently share corporate sensitive data.
- Launched deep learning models for over 30% of our data classification use cases that improved detection accuracy and reduced risk multifold.
- Expanded our machine learning (ML) and NLP technologies to detect new age sensitive data sharing constructs, like passwords, tokens, keys, merger and acquisition (M&A) secrets, etc, which are especially hard to identify using regular expression patterns.
We are on an aggressive road to bring many promised capabilities to our platform in the next few months, getting closer toward achieving our vision of a complete shift-left data protection for SaaS. We are unifying our CASB, DLP and other security services into a single management console, bringing ease of deployment and use for our security administrators. Additionally, we are simplifying our DLP policy and configuration framework to significantly reduce time for our customers. We are enhancing our digital end-user engagement experience via Slack / Microsoft Teams bots to gather more context and help auto-eliminate false positives. We are continuing our investment toward ML powered DLP with the goal of achieving industry-leading accuracy. And finally, we are bringing comprehensive risk management via dynamic visibility around user activity, advanced threats, configuration drifts, identity access and malware exposure across all sanctioned and unsanctioned SaaS applications.
These capabilities are quickly bringing us several steps closer to delivering our vision on becoming the industry's first shift-left comprehensive SaaS security platform. To learn more, download the datasheet and request a demo.