In the previous post, Data Loss Prevention (DLP) was introduced as a core network security capability for identifying sensitive information and enforcing policy to prevent exposure. AI introduces a new access pattern that challenges traditional application-centric controls. AI-driven interactions span browsers, APIs, SaaS integrations, and internal data sources, often occurring
Data Loss Prevention (DLP) is a core network security capability focused on identifying sensitive information and enforcing policy to prevent exposure. This post examines the role of DLP within the NetSec platform, and how content-aware inspection enables consistent protection across the modern workforce. As organisations increasingly adopt AI-powered tools, the
The NetSec platform reference model defines 3 layers: management, inspection, and enforcement. These layers must operate as a coherent system rather than as independent components. This post focuses on the management layer – the control plane responsible for policy, visibility, and operational workflows. Most organisations already operate security across multiple domains
In the previous posts, Prisma Access was positioned as the distributed enforcement layer of the NetSec platform, with Strata Cloud Manager (SCM) operating as the central control plane for policy and visibility. This post explains Cloud-Delivered Security Services (CDSS) - the shared inspection layer that provides detection and prevention capabilities
In the previous post, I described Prisma Access as the distributed enforcement layer within the NetSec platform - steering user and branch traffic into regional enforcement points under a unified control plane. If you are new to the discussion, it is worth reviewing that post before continuing. This article builds
At a high level, Prisma Access is a distributed security enforcement layer. The key concept is that security enforcement happens in a cloud-delivered security edge, close to users and applications, rather than a single physical location (like a data centre firewall). Prisma Access provides consistent controls for: * Remote users * Branch
Zero Trust is an approach to network security that removes implicit or assumed trust. It isn't a product and it isn't owned by any one vendor. At a high level, Zero Trust is built on a simple idea: Never trust by default, always verify. Apply least
A well implemented NetSec platform will give centralised intent and control, distributed enforcement, and shared visibility - consistently applied wherever your users and applications are active. In this post I'll outline a simple reference model with example building blocks. It's intentionally pragmatic, the goal is to
When it comes to network security the majority of organisations I have worked with have a visibility problem, or they have a scale problem. Some have both. As workflows and systems have become digital most organisations have had organic growth in their software usage and supporting infrastructure. While lines of