What's Up with Tech?

SASE Evolution: Bridging Legacy Systems and AI Innovation in Cybersecurity

Evan Kirstel

Share episode

Interested in being a guest? Email us at admin@evankirstel.com

Cybersecurity is undergoing a fundamental transformation as organizations navigate the complex relationship between zero-trust architectures and the realities of hybrid work environments with Anupam Upadhyaya VP of Products for Prisma SASE at Palo Alto Networks, sheds light on how SASE has evolved beyond its initial promise to become the cornerstone of modern security frameworks.

With browsers becoming the primary workspace for professionals – hosting everything from email and documentation to AI interactions – they've simultaneously become prime targets for cyber attackers. A staggering 95% of organizations have experienced browser-based attacks, highlighting a critical vulnerability in our digital infrastructure. Prisma Access Browser represents a paradigm shift in addressing this challenge, offering both a hardened browser environment and sophisticated last-mile protection against emerging threats.

Perhaps most revolutionary is the solution's approach to encrypted traffic inspection – a longstanding challenge for security teams. By examining traffic before encryption or after decryption, Prisma Access Browser overcomes traditional limitations with protocols like QUIC or certificate-pinned applications. This capability provides comprehensive security across all traffic types without compromising performance or privacy requirements.

As AI adoption accelerates within enterprises, security considerations must evolve accordingly. Palo Alto Networks' newly announced Prisma AIRS framework establishes five essential pillars of AI security: model scanning, posture management, red teaming tools, runtime protection, and agent security. This holistic approach ensures organizations can embrace AI innovation without introducing unacceptable risks.

For organizations struggling with legacy VDI infrastructure while wanting to embrace cloud innovations, Prisma Access Browser offers a compelling path forward – delivering consistent security and superior user experience across internet, SaaS, cloud, and legacy applications without forcing everything through VDI chokepoints. Join us to discover how these technologies are reshaping the cybersecurity landscape and enabling secure digital transformation even in the most complex environments.

#sponsored 

Support the show

More at https://linktr.ee/EvanKirstel

Speaker 1:

And it's Evan Kerstel here. I'm at the big Palo Alto Networks event in San Francisco and I'm really excited to sit down with one of the true industry insiders and VP product management leaders at Palo Alto Networks, Arupam Upadhyaya. How are you, sir?

Speaker 2:

Evan, I am great. Thank you for asking what an exciting week for us.

Speaker 1:

Yeah, you have so much news, so many announcements, demos, hands-on. Everything is going on here in San Francisco. Before that, maybe introduce yourself your role and mission team within Palo Alto Networks. What are you focused on?

Speaker 2:

Yeah, so, evan, I've been at Palo Alto Networks for almost five years. I am VP of products for Prisma SASE. Five years I am VP of products for Prisma SASE. Prisma SASE has Prisma Access, which is our secure services edge, our secure access stack in the cloud. Second part is Prisma SD-WAN, which is our SD-WAN component. Global Protect, our Prisma Access agent, which is our agent that connects us to the Prisma SSE or Prisma Access, and then, last but not the least, prisma Access Browser, which extends our SASE to unmanaged devices and provides that last mile of data protection on all devices.

Speaker 1:

Fantastic. So let's, look at the big picture. Sase has been around for a while now. It's been embraced by the industry, but requirements are changing. Customer needs and expectations are changing. What are some of the most critical capabilities you're seeing right now in regards to SASE?

Speaker 2:

Yeah. So, Evan, if we really take a step back, SASE is a fundamental pillar of zero-trust architecture. And what does zero trust mean? Zero trust means there is no trust between users, applications, devices and data. Applications could be owned by enterprise or could be non-enterprise. Every trust has to be explicit and has to be dictated. That's what Zero Trust is, and SASE is manifestation of Zero Trust in the cloud. If you think about SASE, it's cloud-delivered secure access. Our Prisma SASE runs on top of Google Cloud and AWS and, Evan, we recently announced that now it extends to Oracle Cloud as well. The multi-cloud presence allows us to build a highly resilient secure services edge architecture which gives you five nights of high availability and, beyond that, the few new things that we are seeing, because that was your next question we're definitely seeing an increased buzz around Prisma Access Browser because it extends security to unmanaged devices, provides last mile data protection and, more importantly, gives you full visibility into all traffic.

Speaker 2:

There is some traffic, kevin, that is hard to decrypt, so it gives you full visibility to the entire stack. Then the second part that is exciting, apart from Prisma Access Browser, is our AI and large language power data classification, which gives us unparalleled visibility to shadow data and provide the right data protection policies. Our extension of AI apps catalog to more than 2,000. That's available on our SASE platform, including Prisma Access Browser. And, last but not the least, like I said, we also extended our cloud infrastructure to Oracle Cloud. So that's the most exciting part, evan, as we think about SASE. So much news, really exciting.

Speaker 1:

Let's talk about the secure browser. I mean, the browser has been the focus of our personal lives forever, but it's now really important to our professional lives for hybrid work, remote work and work from anywhere. In particular, Tell us what makes your approach to browsing secure and the specific challenges it solves.

Speaker 2:

Yeah, I mean, if I look at myself, I live my life inside the browser. Whether it's checking emails, looking at documents, looking at spreadsheets or even interacting with my favorite large language model or chatbot or extensions all that is in the browser. So when you're living your life inside the browser, the hackers are also taking notice. In fact, there was a recent survey that said 95% of organizations have experienced a browser-based attack.

Speaker 2:

So browser is becoming the new venue where we are interacting with applications, but hackers are also coming in. So when you think about browser, when you think about commercial browsers, they're not really equipped to handle that secure infrastructure or provide that security. When you think about security, it's two pillars. One is make part in the browser, so the browser is protected, and the second is, as bad guys come in to implant malware or steal your data from the browser, the ability to protect against that as well. And that's what Prisma Access Browser provides giving you a harder browser and giving you that last-minute protection against all kinds of attacks that are happening in the browser.

Speaker 1:

Interesting. So let's talk. You know, usual big picture challenge, encrypted traffic. It's always been a challenge for this industry, and yet a secure browser, you know, offers another way to do threat inspection. How does that work exactly?

Speaker 2:

Yeah, look, a lot of times traffic is hard to decrypt because of technology or business reasons. Let's start with business reasons. Right, you might have a valid business reason that you don't want to decrypt specific traffic like Microsoft Office, because you want to honor their SLAs. That could be one part. Or it could be a technology reason where there are protocols like QUIC that are propagated by Google or championed by Google. Or think about applications that require certificate pinning. They are very hard to decrypt, evan, and when they become hard to decrypt, traditional network security inspection mechanisms will find it very hard to detect malware. That's happening inside that.

Speaker 2:

There's one more aspect, evan. It's just not the lack of decryption or the ability to decrypt. A lot of attacks are actually being assembled in the browser and those attacks get delivered, or malware gets delivered in chunks to the browser. And this is where I think Prisma Access Browser shines, because it sees all the data before that gets decrypted or encrypted. So I have the ability to figure out whether the protocol is quick or whether the business application does not allow for decryption to happen. I can run my security, whether it's DNS, whether it's URL filtering, malware or sandboxing, and that is how I can extend security to traffic. That was how to decrypt and that's actually, in a way, game-changing, because we anticipate more and more protocols becoming harder to decrypt in the network and for business and technology reasons, and this is where Prisma Access Browser allows us to serve our customers in a better fashion.

Speaker 1:

Fantastic, well done. So we're all participating in the incitement around Gen AI and LLMs and agentic AI, but up to now security has been a bit of an afterthought, maybe by some. But you're building a kind of bodyguard for the AI and Gen AI world. Maybe describe your announcement around Prisma and some of the new capabilities you're rolling out.

Speaker 2:

Yeah, so Prisma AIRS is the new thing that they have announced, and look what's happening. Evan is, almost all of our customers are dealing with AI tools right, whether they're develop applications or interaction with AI agents, and when that happens, you've got to really first start with AI model scanning making sure that you scan the model to make sure there are no vulnerabilities.

Speaker 2:

That's the first part you want to do, that you have the right model with no vulnerabilities. So that's the first pillar that we reduce AI model scanning. The second is AI posture management making sure that the posture and the security around the posture for your entire ecosystem is not compromised. There are no over permissions in that entire AI ecosystem, because that can lead into security issues. Third thing, when you start thinking about this is okay, that's great, I got my model secured, I got my permission secured.

Speaker 2:

Now, when you start thinking about attackers trying to create vulnerabilities or expose vulnerabilities, that is where red teaming comes in, where we can provide automated AI tools that can do penetration testing against your model to figure out where the weak cracks are or where the weak spots are, so you can go and patch those up, so your model is secure. So now we are done with building, now you deploy the model. Now there'll be runtime issues right, there could be. How do you provide runtime security? So that becomes the fourth pillar giving you runtime, large language model security. And, last but not the least, when you think about AI agents giving them security whether it's about identity impersonation or memory hijacks You've got to make sure your agent is secure as well. So I've been really five pillars right Agent, securing the agent. Second part is making sure that you have the right permissions. Third is making sure that you have the right AI red teaming tools. Fourth is the right runtime security and, last but not the least, securing your AI agent. Fantastic, well, it's quite a foundation you've built.

Speaker 1:

One of the challenges as we head into this next phase, I think, is balancing all of the innovation and opportunities with these new SaaS applications and Gen AI tools with legacy technical debt, older networks, older VDI, et cetera, et cetera, et cetera. How do you see navigating these two worlds of modern, new innovations with the legacy that we're kind of tied to at the moment?

Speaker 2:

Yeah, even if you think about VDI, that was a great concept. When applications are sitting inside the data center and you wanted to provide access to those applications while maintaining the confidentiality of your data and making sure applications are not compromised.

Speaker 1:

But the world has changed on us, evan.

Speaker 2:

In the last 20 years, applications have become decentralized. A lot of apps have moved to the last 20 years. Applications have become decentralized. A lot of apps have moved to the cloud. Internet and SaaS have become more important, and that's where and people are moving a lot of their workloads that historically sat in data center to clouds.

Speaker 2:

Then the question really becomes do you want VDI to be the choke point or do you want to make sure that you provide consistent security and superior experience? And that's the problem. We want to make sure that you provide consistent security and superior experience, and that's the problem we want to tackle. So with Prisma Access Browser, evan, we already can provide you internet and SaaS security. That is a need to go back to the VDI infrastructure. That frees you from the VDI infrastructure superior experience, better security and a better total cost of ownership. And then what we have now recently added to our portfolio as part of this launch is we also support Azure Virtual Desktops. So as customers do their migration from legacy VDI to DAS, we can support that, and if you enable app streaming on your legacy VDI infrastructure, we can support those applications as well. So what?

Speaker 2:

happens now Prisma Access Browser becomes your window into all applications, whether you're sitting in internet, saas, vdi or in the cloud, while providing you a better experience and consistent security Fantastic approach.

Speaker 1:

So one thing I've seen you have great demos here in San Francisco at your big event and you're one of the few vendors that really looks at user experience, ui, ux, that whole world. What are some of the challenges there? Because you're clearly putting a lot of effort into a next generation user experience. Cut for a second.