[](https://www.paloaltonetworks.com/?ts=markdown) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Prisma logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/prisma-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [](https://www.paloaltonetworks.com/?ts=markdown)

* 产品  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 产品  
  平台
  
  * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown)  
    从代码到云保护应用程序  
    类别
  
  * [云安全态势管理](https://www.paloaltonetworks.cn/prisma/cloud/cloud-security-posture-management?ts=markdown)  
    在多云环境中实现可视性、合规性和治理能力
  
  * [云工作负载保护](https://www.paloaltonetworks.cn/prisma/cloud/cloud-workload-protection-platform?ts=markdown)  
    保护主机、容器、Kubernetes (K8s) 和无服务器功能
  
  * [应用安全](https://www.paloaltonetworks.com/prisma/cloud/application-security)  
    左移，通过设计确保应用的安全
  
  * [云基础设施授权管理](https://www.paloaltonetworks.cn/prisma/cloud/cloud-infrastructure-entitlement-mgmt?ts=markdown) 对云基础设施实施最低权限访问
  
  * [Web 应用和 API 安全](https://www.paloaltonetworks.cn/prisma/cloud/web-application-API-security?ts=markdown) 保护应用程序和 API 免受基于 Web 的攻击
  
  * [云发现与暴露管理](https://www.paloaltonetworks.cn/prisma/cloud/cloud-discovery-exposure-management?ts=markdown) 打击山寨云部署
  
  * [数据安全态势管理](https://www.paloaltonetworks.cn/prisma/cloud/cloud-data-security?ts=markdown) 对敏感数据进行分类并确保其安全
  
  * [AI Security Posture Management](https://www.paloaltonetworks.cn/prisma/cloud/ai-spm?ts=markdown) 确保人工智能应用程序的安全

* 解决方案  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 解决方案  
  响应用例的过程
  
  * 风险预防
  
  * [通过设计确保代码安全](https://www.paloaltonetworks.cn/prisma/cloud/cloud-code-security?ts=markdown)
  
  * [修复 IaC 中的错误配置](https://www.paloaltonetworks.cn/prisma/cloud/infrastructure-as-code-security?ts=markdown)
  
  * [管理开源软件漏洞 (SCA)](https://www.paloaltonetworks.cn/prisma/cloud/software-composition-analysis?ts=markdown)
  
  * [避免机密暴露](https://www.paloaltonetworks.cn/prisma/cloud/secrets-security?ts=markdown)
  
  * [保护 CI/CD 管道](https://www.paloaltonetworks.cn/prisma/cloud/software-supply-chain-security?ts=markdown)
  
  * 可视性和控制
  
  * [检测错误配置](https://www.paloaltonetworks.cn/prisma/cloud/visibility-compliance-governance#conf-mngmt?ts=markdown)
  
  * [生成合规报告](https://www.paloaltonetworks.cn/prisma/cloud/visibility-compliance-governance?ts=markdown)
  
  * [减少过多权限](https://www.paloaltonetworks.cn/prisma/cloud/cloud-infrastructure-entitlement-mgmt?ts=markdown)
  
  * [防止云数据泄露](https://www.paloaltonetworks.cn/prisma/cloud/cloud-data-security?ts=markdown)
  
  * [管理影子云](https://www.paloaltonetworks.cn/prisma/cloud/cloud-discovery-exposure-management?ts=markdown)
  
  * [漏洞管理](https://www.paloaltonetworks.cn/prisma/cloud/vulnerability-management?ts=markdown)
  
  * 运行时保护
  
  * [检测威胁](https://www.paloaltonetworks.cn/prisma/cloud/cloud-threat-detection?ts=markdown)
  
  * [容器和 Kubernetes 安全](https://www.paloaltonetworks.cn/prisma/cloud/container-security?ts=markdown)
  
  * [保护主机/虚拟机](https://www.paloaltonetworks.cn/prisma/cloud/host-security?ts=markdown)
  
  * [捍卫无服务器功能](https://www.paloaltonetworks.cn/prisma/cloud/serverless-security?ts=markdown)
  
  * [保护 Web 应用程序](https://www.paloaltonetworks.cn/prisma/cloud/web-application-security?ts=markdown)
  
  * [API 安全](https://www.paloaltonetworks.cn/prisma/cloud/api-security?ts=markdown)  
    行业
  
  * [政府](https://www.paloaltonetworks.com/prisma/cloud/government)

* 环境  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 环境  
  我们保护的环境
  
  * 云服务提供商
  
  * [Alibaba Cloud](https://www.paloaltonetworks.cn/prisma/environments/alibaba-cloud?ts=markdown)
  
  * [Amazon Web Services](https://www.paloaltonetworks.cn/prisma/environments/aws?ts=markdown)
  
  * [Google Cloud](https://www.paloaltonetworks.cn/prisma/environments/gcp?ts=markdown)
  
  * [Microsoft Azure](https://www.paloaltonetworks.cn/prisma/environments/azure?ts=markdown)
  
  * [Oracle 云基础架构](https://www.paloaltonetworks.cn/prisma/environments/oci?ts=markdown)
  
  * 应用平台
  
  * [Docker](https://www.paloaltonetworks.cn/prisma/environments/docker?ts=markdown)
  
  * [Kubernetes](https://www.paloaltonetworks.cn/prisma/environments/kubernetes?ts=markdown)
  
  * [Red Hat OpenShift](https://www.paloaltonetworks.cn/prisma/environments/red-hat-openshift?ts=markdown)
  
  * [ServiceNow](https://www.paloaltonetworks.com/prisma/environments/servicenow)
  
  * [VMWare Tanzu](https://www.paloaltonetworks.cn/prisma/environments/vmware-tanzu?ts=markdown)
  
  * 云自动化
  
  * [HashiCorp](https://www.paloaltonetworks.com/prisma/environments/hashicorp)

* [产品导览](https://www.paloaltonetworks.com/prisma/cloud/explore-prisma-cloud)

* 资源  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 资源  
  产品信息
  
  * [数据表](https://www.paloaltonetworks.cn/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Fprisma-cloud&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fdatasheet&ts=markdown)
  * [浏览演示](https://www.paloaltonetworks.com/prisma/demos)
  * [技术文档](https://docs.prismacloud.io/en)
  * [知识库](https://support.paloaltonetworks.com/search#f:@source=[Salesforce%20Knowledge]&f:@objecttype=[KBKnowledge]&f:@panproduct=[Prisma%20Cloud])
  * [支持](https://support.paloaltonetworks.com/Support/Index)
  * [专业服务](https://www.paloaltonetworks.com/prisma/professional-services-for-cloud-native-security)
  * [技术合作伙伴](https://technologypartners.paloaltonetworks.com/English/directory?Integration_Products__cf=Prisma%20Cloud&Integration_Products__cf=Prisma%20Cloud%20Compute)
  * [开源](https://www.paloaltonetworks.com/prisma/cloud/open-source-projects)  
    学习与交流
  * [博客](https://www.paloaltonetworks.com/blog/cloud-security/?lang=zh-hans)
  * [研究](https://www.paloaltonetworks.com/prisma/cloud/research)
  * [DevSecTalks](https://www.paloaltonetworks.com/devsectalks/)
  * [云安全 Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia/cloud-security?ts=markdown)
  * [查看客户成功案例](https://www.paloaltonetworks.cn/prisma/cloud/customer-stories?ts=markdown)
  * [分析师和研究报告](https://www.paloaltonetworks.cn/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Fprisma-cloud&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fresearch&ts=markdown)
  * [白皮书](https://www.paloaltonetworks.cn/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Fprisma-cloud&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fwhitepaper&ts=markdown)
  * [电子书](https://www.paloaltonetworks.cn/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Fprisma-cloud&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fbook&ts=markdown)
  * [视频](https://www.paloaltonetworks.cn/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Fprisma-cloud&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fvideo&ts=markdown)
  * [开发人员资源](https://www.paloaltonetworks.com/prisma/cloud/developer)  
    [![2024 年云原生安全现状报告](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/cloud/prisma-cloud_state-of-cloud-native-security-report-2024_website-nav-card_167x125.jpg)  
    CXO 研究
    2024 年云原生安全现状报告
    获取报告](https://start.paloaltonetworks.cn/state-of-cloud-native-security-2024)  
    [![完整的云安全平台。端到端全面覆盖生命周期。](https://www.paloaltonetworks.com/content/dam/pan/en_US/prisma/cloud-new/promo-card.jpg)  
    点播线上活动
    完整的云安全平台。
    端到端全面覆盖生命周期。
    现在观看](https://start.paloaltonetworks.cn/prisma-cloud-new-innovations-for-the-future-of-cloud-security-webinar-on-demand.html)

* 

![palo alto networks logo icon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-default.svg) ![white arrow icon pointing left to return to main Palo Alto Networks site](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-white.svg)  
[](https://www.paloaltonetworks.com/?ts=markdown)  
搜索  
Close search modal

*** ** * ** ***

# 云基础设施授权管理

Prisma® Cloud 让您在多云环境中控制权限  
[申请试用](https://www.paloaltonetworks.cn/prisma/request-a-prisma-cloud-trial?ts=markdown)  
![Identity and Access Management Security Front](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Hero-Front-Approach.png)  
![Identity and Access Management Security Back](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Hero-Back-Approach.png)  
![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-white.svg)  
![Identity and Access Management Security Front](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Hero-Front-Approach.png)![Identity and Access Management Security Back](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Hero-Back-Approach.png)  
重要意义我们的方法模块资源

* [重要意义](#why)
* [我们的方法](#approach)
* [模块](#modules)
* [资源](#resources)  
  {#why}

## 角色过度宽松、证书安全性差以及意外的公开暴露都导致企业云环境遭到严重破坏。

### 了解 IAM 控制如何保护您的云免遭侵害。

[下载产品说明](https://www.paloaltonetworks.com/resources/datasheets/prisma-cloud-identity-ams)

### 有效权限计算非常复杂

在公有云中，权限可以在多个位置定义和继承，包括角色、资源、访问控制列表，等等。退一步说，跨云提供商获取净有效权限的可视性也是很复杂的。

### 角色过度宽松会导致影响重大的故障

通过利用身份和访问管理 (IAM) 错误配置（例如过度宽松的角色），攻击者可以建立对整个云环境的控制。拿到这些"进入王国的钥匙"，就很容易入侵所有帐户或者将其用于恶意活动。

### 实施最低特权访问颇具挑战性

虽然最低特权原则是一个直观的概念，但要在高度动态的多云环境中持续维护这种最佳实践，对于每个企业来说终究是一大挑战。  
![Forrester Report](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/environments/Forrester_300x260.svg)

## Forrester 总体经济影响™ 研究：使用 Prisma Cloud 可节省 276% 的成本

[下载研究](https://www.paloaltonetworks.com/prisma/forrester-tei-study-prisma-cloud-2021)

## 监控权限并持续实施最低特权访问

云基础设施授权管理 (CIEM) 为用户提供对有效权限的广泛可视性，持续监控多云环境中是否存在有风险和未使用的授权，并自动提出最低特权建议。用户可以简单而高效地了解哪些身份可以访问关键基础设施，包括那些与 IdP 提供商相关的身份，所有这些都无缝集成到 Prisma® Cloud 中。

* 查询用户、计算实例、云资源等的权限
* 监视多余以及未使用的权限
* 自动修复过于宽松的角色
* ![净有效权限](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/Icons/iam-security-net-effective-permissions.svg)
  净有效权限
* ![适当调整权限](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/Icons/iam-security-rightsizing-permissions.svg)
  适当调整权限
* ![IAM 权限调查](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/Icons/iam-security-investigate-Entitlements.svg)
  IAM 权限调查
* ![IdP 集成](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/Icons/iam-security-idp-integration.svg)
  IdP 集成
* ![自动修复](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/Icons/iam-security-automated-remediation.svg)
  自动修复
* ![准时制 (JIT) 访问](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/4-6_JIT-security.svg)
  准时制 (JIT) 访问  
  {#approach}

*** ** * ** ***

Prisma Cloud 解决方案

## 我们的云基础设施授权管理方法

### 净有效权限

全面了解谁可以对哪些资源采取哪些行动。CIEM 专门用于直接解决跨 AWS、Azure 和 GCP 管理权限的难题。Prisma Cloud 可自动计算用户在各云服务提供商之间的有效权限，检测过度宽松的访问，并提出修正建议，以达到最低权限。

* 

#### 用一个解决方案管理多云授权

获得 Prisma Cloud 提供的集成多云功能，将我们为云安全态势管理 (CSPM) 所做的一切扩展到云身份。
\*

#### 实施预建的策略

利用专用的开箱即用型策略检测存在风险的权限并移除不需要的云资源访问权限。
\*

#### 审核权限实现内部合规

使用相关用户数据、服务数据和云帐户快速审核云权限。

[了解更多](https://www.paloaltonetworks.com/blog/prisma-cloud/iam-security-essential-cspm/)  
[![净有效权限](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Hero-Front-Approach.png)](#prismastickyimagecomapproach1_prisma-custom-background_prismacustombackgrou_14379965_cleanParsys_cloud-infrastructure-entitlement-mgmt_cloud_prisma_zh_CN_pan_content_)

### 适当调整权限

专用的开箱即用型策略检测存在风险的权限并帮助移除不需要的云资源访问权限。自动检测过度宽松的用户权限，然后利用自动化建议适当调整权限，以实现最低特权访问。

* 

#### 检测过度宽松的策略

通过自动检测过度宽松的访问策略，移除不需要的云资源访问权限。
\*

#### 实施预建的策略

使用开箱即用型策略检测公开访问、通配符使用、风险权限，等等。
\*

#### 自动化建议

使用自动化建议实现最低特权原则。

[了解更多](https://www.paloaltonetworks.com/blog/prisma-cloud/iam-security-essential-cspm/)  
[![适当调整权限](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Hero-Back-Approach.png)](#prismastickyimagecomapproach2_prisma-custom-background_prismacustombackgrou_14379965_cleanParsys_cloud-infrastructure-entitlement-mgmt_cloud_prisma_zh_CN_pan_content_)

### IAM 权限调查

查询所有相关 IAM 实体，包括不同实体间的所有关系，以及它们在云环境中的有效权限。了解哪个用户可以对哪个云上的哪些资源采取哪些操作。将查询转换为自定义云不可知策略，并定义补救步骤和合规性影响。

* 

#### 调查 IAM 权限

查看实时数据和历史数据，了解 IAM 活动和权限。
\*

#### 查询数据以全面了解用户活动

获取可疑活动的详细视图，以及连接的帐户和资源。
\*

#### 查询特定于身份提供商的数据

发现过度宽松的 IdP 用户角色，并将结果与云身份（例如 IAM 用户和机器身份）相关联。

[了解更多](https://www.paloaltonetworks.com/blog/prisma-cloud/iam-security-controls/)  
[![IAM 权限调查](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Entitlement-Investigation-Table.png)](#prismastickyimagecomapproach4_prisma-custom-background_prismacustombackgrou_14379965_cleanParsys_cloud-infrastructure-entitlement-mgmt_cloud_prisma_zh_CN_pan_content_)

### IdP 集成

与 Okta、Azure AD 和 AWS IAM Identity Center 等身份提供商 (IdP) 服务集成，以提取单点登录 (SSO) 数据。查看有效权限和过度宽松的 IdP 用户角色，并将结果与云身份（例如 IAM 用户和机器身份）相关联。

* 

#### 利用 IdP 服务的集成支持

提取单点登录 (SSO) 数据以进行权限映射，并计算多云帐户中 IdP 用户的有效权限。
\*

#### 查询特定于身份提供商的数据

发现过度宽松的 IdP 用户角色，并将结果与云身份（例如 IAM 用户和机器身份）相关联。
\*

#### 将查询转换为云不可知策略

将 RQL 查询转换为具有特定合规性和修复影响的 IAM 安全策略，轻松为 IdP 用户构建自定义护栏。

[了解更多](https://www.paloaltonetworks.com/blog/prisma-cloud/IAM-security-controls/)  
[![IdP 集成](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/IdP-Integration.png)](#prismastickyimagecomapproach3_prisma-custom-background_prismacustombackgrou_14379965_cleanParsys_cloud-infrastructure-entitlement-mgmt_cloud_prisma_zh_CN_pan_content_)

### 自动修复

自动调整权限并持续实施最低特权访问。向 14 个第三方工具发送提醒通知，包括电子邮件、AWS Lambda 和 Security Hub、PagerDuty®、ServiceNow® 以及 Slack®。

* 

#### 为权限过高的用户激活自动补救

针对任意云用户，从 Prisma Cloud 获取有关理想权限级别的建议。
\*

#### 对 14 个常见集成的支持

将 Prisma Cloud 警报与您现有的警报管理工具无缝集成，其中内置对 14 种第三方工具的支持。
\*

#### 修复剧本

将自定义 Cortex® XSOAR 剧本用于 Prisma Cloud，并轻松实施高级安全编排功能。

[了解更多](https://www.paloaltonetworks.com/blog/prisma-cloud/IAM-security-controls/)  
[![自动修复](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Auto-Remediation.png)](#prismastickyimagecomapproach5_prisma-custom-background_prismacustombackgrou_14379965_cleanParsys_cloud-infrastructure-entitlement-mgmt_cloud_prisma_zh_CN_pan_content_)

### 准时制 (JIT) 访问

通过根据特定的限时权限限制对资源的访问，提供零信任的权限管理方法。用户和机器身份只有在需要时才能在有限的时间内被授予访问权限，从而减少了整体攻击面和关键资源对潜在威胁的暴露。

* 

#### 利用零常设特权：

允许身份根据需要请求临时访问资源，从而降低拥有长期未使用的权限的风险。
\*

#### 自动或手动批准访问：

根据企业配置，实现自动和手动批准。
\*

#### 活跃监控：

对活跃会话的可视性 - 能够实时终结不需要的会话。
\*

#### 与开发人员工具无缝集成：

与 ServiceNow 和 Slack 集成，因此可在原生工具中请求访问。这使得 JIT 访问很容易实现，而且不会中断工作流程。  
[![准时制 (JIT) 访问](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/usecases/ciem/Just-in-time-Access.png)](#prismastickyimagecom_prisma-custom-background_prismacustombackgrou_14379965_cleanParsys_cloud-infrastructure-entitlement-mgmt_cloud_prisma_zh_CN_pan_content_)  
![Prisma Cloud](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma-refresh/prisma-laptop-1.svg)  
Prisma Cloud  
Prisma^®^ Cloud 是业界最完善的云原生应用保护平台 (CNAPP)，在整个开发生命周期以及混合和多云环境中为基础架构、工作负载和应用提供业界最广泛的安全性和合规性覆盖范围，涵盖整个云原生技术堆栈。  
[了解更多](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown)  
{#modules}

## 云身份安全模块

### 云基础设施授权管理

集中管理身份并管理跨云访问。  
[了解更多](https://www.paloaltonetworks.com/blog/prisma-cloud/iam-security-controls/)  
{#resources} 特色资源

## 详细了解 Prisma Cloud 可为您的业务提供的帮助

[查看所有资源](https://www.paloaltonetworks.cn/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Fprisma-cloud&ts=markdown)  
信息图表

#### CIEM：身份是新的边界

[阅读更多](https://www.paloaltonetworks.com/resources/infographics/ciem-identity-is-the-new-perimeter)  
指南

### 帮助了解云基础设施授权管理的 5 分钟指南

[阅读更多](https://www.paloaltonetworks.cn/resources/guides/5-min-cloud-infrastructure-entitlement-management?ts=markdown)  
研究报告

### Unit 42 云威胁报告，第 6 卷：IAM：第一道防线

[阅读完整报告](https://www.paloaltonetworks.com/resources/research/unit-42-cloud-threat-report-volume-6)  
产品说明

### 使用 Prisma Cloud 的云身份授权管理 (CIEM)

[下载](https://www.paloaltonetworks.com/resources/datasheets/prisma-cloud-identity-ams)  
博客

### 为什么 IAM 安全必须是 CSPM 的一个重要组成部分

[阅读博客](https://www.paloaltonetworks.com/blog/prisma-cloud/iam-security-essential-cspm/)  
PreviousNext  
[### 客户案例
了解 Pokemon、Sabre 和 ElevenPaths 如何利用 Prisma Cloud 的完整生命周期安全性和全栈保护。](https://www.paloaltonetworks.cn/prisma/cloud/customer-stories?ts=markdown)  
[### 云安全基础知识
了解 DevSecOp 趋势，并从开发人员、行业领导者和安全专业人员处获得实用技巧。](https://www.paloaltonetworks.com/devsectalks/)  
[### 最新博客更新
首先阅读一篇文章，该文章着重介绍具有 Kubernetes 集群意识的容器安全性，然后深入研究其余内容。](https://www.paloaltonetworks.com/blog/prisma-cloud/)  
{#footer}

## 产品和服务

* [实时人工智能驱动的网络安全](https://www.paloaltonetworks.cn/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown)

* [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown)

* [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown)

* [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-iot-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown)

* [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown)

* [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown)

* [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown)

* [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown)

* [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown)

* [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown)

* [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown)

* [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown)

* [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown)

* [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown)

* [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown)

* [主动评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown)

* [事故响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown)

* [安全策略转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown)

* [发现威胁情报](https://www.paloaltonetworks.cn/unit42/threat-intelligence-partners?ts=markdown)

## 公司

* [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown)
* [人才招聘](https://jobs.paloaltonetworks.com/en/)
* [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown)
* [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility)
* [客户](https://www.paloaltonetworks.cn/customers?ts=markdown)
* [投资者关系](https://investors.paloaltonetworks.com/)
* [位置](https://www.paloaltonetworks.com/about-us/locations)
* [新闻资讯](https://www.paloaltonetworks.cn/company/newsroom?ts=markdown)

## 热门链接

* [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans)
* [社区](https://www.paloaltonetworks.com/communities)
* [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown)
* [网络百科](https://www.paloaltonetworks.com/cyberpedia)
* [事件中心](https://events.paloaltonetworks.com/)
* [管理电子邮件首选项](https://start.paloaltonetworks.com/preference-center)
* [产品清单](https://www.paloaltonetworks.cn/products/products-a-z?ts=markdown)
* [产品认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance)
* [报告漏洞](https://www.paloaltonetworks.com/security-disclosure)
* [网站地图](https://www.paloaltonetworks.cn/sitemap?ts=markdown)
* [技术文档](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [请勿出售或分享我的个人信息](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [隐私](https://www.paloaltonetworks.com/legal-notices/privacy)
* [信任中心](https://www.paloaltonetworks.com/legal-notices/trust-center)
* [使用条款](https://www.paloaltonetworks.com/legal-notices/terms-of-use)
* [文档](https://www.paloaltonetworks.com/legal)

版权所有 © 2025 Palo Alto Networks。保留所有权利

* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/)
* CN  
  Select your language