Securing the online retailer of the future with Prisma Cloud Compute

When this European online retailer moved to a decentralised approach of building software to release services faster and at scale, a fundamental problem arose. Without the right combination of visibility and control, security teams were challenged to protect runtime environments and extend security across the full application lifecycle.

Fashion is the core business of this European multichannel retailer, with jewellery, shoes, and lifestyle items complementing the range. The business is rapidly adapting to the furious pace of change in retail. A modern, transformative cloud-native architecture has allowed the business to deliver value faster and innovate more rapidly, more independently, and at a greater scale.

The company’s cloud-native ecosystem is evolving just as fast due to new technologies such as VMs/hosts, containers, and serverless workloads. Each has different security requirements, especially once CI/CD pipelines and tools that DevOps teams use for fast deployments at scale are factored in.

The retailer uses a variety of cloud providers, including Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS). However, according to a company spokesperson, when it came to adopting cloud security, these CSPs (cloud service providers) fell short of what was needed, and it would require additional resources to know each CSP’s cybersecurity tool. “For the new software we’re developing in the cloud, we need transparency on the runtime processes and container clusters. Back then, the CSP tools didn’t offer this,” they explain.

Without the right tooling, operationalisation, and enablement, the retailer’s application development would potentially be delayed, jeopardising the agility so crucial to retail success. Moreover, the security teams would be overwhelmed with manual effort – without making the applications and environments any more secure.

To protect its multicloud and hybrid environments and cloud-native applications, the retailer needed full stack, full lifecycle protection. This meant the solution would be required to:

• Provide 360-degree protection across hosts, containers, and serverless deployments in any cloud.
• Protect all workloads, regardless of underlying compute technology or the cloud they run in.
• Deliver complete transparency in container clusters.
• Integrate security directly into the CI process, fixing problems before production.

The retailer implemented Prisma Cloud Compute to deliver holistic cloud workload protection across its hosts, containers, and serverless deployments in any cloud, throughout the software lifecycle.

Some 20 teams – collectively over 180 product owners, data scientists, user experience experts, and others – rely on Prisma Cloud Compute to maintain full custody of the data. Up to 350 images are in production, and there are approximately 1,200 containers running (700 in production and 500 in preproduction). Almost 100 builds are scanned per day. “The machine learning element is innovative, allowing us to secure environments at scale with both predictive and threat-based active protection,” the spokesperson says.

The organisation began using Prisma Cloud Compute on its e-commerce platform to reimagine the online user experience. It is now used across all of the company’s brands, which operate on the same platform.

From one pane of glass, the retailer has scalable, comprehensive cloud-native security. The benefits include:

• Transformed retail experience: Millions of customers benefit from a richly rewarding service experience. Comprehensive security for cloud-native applications throughout the development lifecycle ensures customers can browse and buy in confidence and at their convenience.
• Agile scalability: The cloud security platform scales seamlessly, without delaying development. New services are launched more quickly and innovation happens faster. “In the five years of using Prisma Cloud Compute, we have not recorded a single incident on the systems running on this platform,” says the company spokesperson. “The best bit for me is still the runtime protection. All events are categorised, and we can easily identify the ones at risk.”
• Reduced time to respond and repair: The mean time to patch has dropped by approximately 35% following the adoption of Prisma Cloud Compute, ensuring agile response to security vulnerabilities.
• Increased visibility: Intuitive visual analytics provide continuous vulnerability intelligence and risk prioritisation across the cloud estate and throughout the software lifecycle.
• Improved agility: According to the spokesperson, “We’re spending less time now on information security, especially vulnerability management, runtime protection, and compliance. Everything is deployed automatically.”

Learn more about Palo Alto Networks on the website where you can also read many more customer stories.