Let me show you how Prisma Cloud does that. So I clicked on the 2,000 security risk. What you see here is a code-to-cloud security graph, where we’re tracing the 2,000 security risk back to the two problems in the code phase. More specifically, these are the two Log4j components that the developers introduced that has the security risk that led to those 2,000 problems. You can see that those 2,000 risks belong to a single application. And like I described, the customer’s using multiple applications. So now the customer has tens of thousands of different risks. With a single click of a button, Prisma Cloud is able to fix the root cause of the issue as you will see that momentarily. We’re able to upgrade the latest version of the Log4j, invoke the pipeline, reduce the risk at each stage of the application life cycle.
And now you see that the 2,000 risks are reduced to zero with a single click option. So that was the first demo. The key thing to remember here is anytime there is a risk in the cloud, you have to trace it back to the cloud, and we’re the only platform that can do that today. The second demo I want to show, and that’s something we’ve been working on, which was with the AI copilot. So let me show you how our AI copilot experience is going to look like is going to show you all the things that it has done for you since you last logged in. The user, this time, I was going to ask the question around how many Log4Shell vulnerabilities do I have in my environment? Through a simple natural language processing, it was able to understand the question, was able to render a similar graph.
As you can see, there are 1,000 cloud risks per Log4Shell, trace it back to the one source problem. The user is able to interact with the copilot, get a little bit more definition of these problems. And finally, just like you saw in the first demo, asked the copilot to go ahead and fix all this problem with a single click. The key thing I want you to remember about the security copilot is that it’s a resource multiplier for you. There are not enough security professionals and the copilot is going to help you burn down the risk, and prevent breaches in cloud. As I wrap this, let me tell you the opportunity ahead of us. The average customer today doubles their credit consumption within a year and quadruples in two years by growing from two to five to eight modules.
We have a natural land-and-expand motion with our existing customers. When you add that with the new customers that we’re going to be adding, and enough headroom that we have with the installed base, the opportunity in front of us is massive. The last thing I’ll leave you with is the market in front of us is huge. Prisma Cloud is the clear leader in this space, and we have the right strategy and the vision to win this market. Thank you all.
Lee Klarich: All right. Thank you, Ankur. Again, clearly, huge opportunity in cloud security with our unique approach and what we’re driving, really excited with where we are and what we’re working on. And now for our third platform, our AI-driven SecOps platform. This is a market that I believe is ready for a fundamental transformation. Most of the technologies that companies use are – or were developed 15, in some cases, 20 years ago. That clearly does not work. They were not designed for an attacker sophistication that we see today. They were not designed for real-time detection, and automation remediation. These tools were not designed for supply chain attacks. These tools were not designed for the advent of attack AI being used by our adversaries.
We have to reimagine security operations from the ground up. And in doing this, leveraging data, leveraging AI, leveraging automation as core tightly integrated foundational aspects to how an entire SecOps platform functions within the SOC. And this is the journey that we’ve been on for the last several years. Building this platform, refining it, developing the capabilities necessary, and then refining it again until we reach the point where we are today, where we have a set of leading products and an incredible platform, delivering incredible outcomes to take advantage of this entire security operations market in front of us. And to share more details I’m joined from our Tel Aviv R&D center by Gonen Fink, who leads our entire Cortex Product Organization.
Gonen?
Gonen Fink: Thank you, Lee. Let’s take a deeper look at why existing SOC architecture doesn’t work. With the growth of sophisticated alerts, multiple tools were created, each one designed to solve a specific problem. This leads to an extremely fragmented SOC, very hard to manage. It is the customer responsibility to integrate those tools into a human-driven workflow. The result of that is bad security outcome, low-confidence alert, energy shortage, unable to resolve those incidents in real time. So what is required to deliver real-time security operation? We need to replace this fragmented architecture with a unified single floor architecture. We need to replace multiple products that collect data with a single data platform and silo detection tools with an AI engine that is trained on a full data center.
And then automation should be natively integrated into the flow rather than being placed as an afterthought. Five years ago, we recognized the criticality of data, AI and automation for the future of cybersecurity. We built three amazing products. Each of them became a leader in its respective category, and we continue to innovate in each of those categories to maintain our leadership. This drove Cortex to become a $1 billion business for us, and it also brought us into thousands of customers’ security operation centers. Cortex XDR extended the EDR market, and it is the best AI tool for endpoint prevention and real-time detection of all security threats. Cortex XSOAR is the best-in-class security tool for automated threat response and Cortex XPAND proactively manage your attack surface and reduce that.
