Again, here going through all the enforcement points, hardware firewalls, software firewalls and SASE, we can give a summarized view of all the six risky applications in this case. Now once you know the risky applications, the next step would be, what is the policy I need to apply to block access to risky application. And using best practices, we’re able to give them the right policy configuration ask the customer to review the policy changes or apply them. And once they apply them, it’s applied across all the enforcement points, making sure the customer is now protected. As you can see, with the power of unified management with the power of the copilot by changing the way network security is deployed operated on a managed on an ongoing basis.
Super exciting. To wrap things up, we have over 1,700 customers today using our platform. And over the next few years, we expect many more customers to use the platform to get the power of Zero Trust, to get the power of ensuring that they have consistency across the entire security estate to get unprecedented visibility. At the same time, we’ve seen customers use and adopt more of our security services. In the last two years that number has increased, and we continue to see a trend. Customers consolidating their point products onto the platform. To make sure that they get the network effect of data and simplify their operations. In summary, Zero Trust can only be delivered for platform centric approach. It’s very hard to do it with point products and disparate solutions.
Customers will continue to integrate more and more of the services onto the platform, and we’ll continue to give a delightful experience to our customers the power of AI. With that, back over to you, Lee.
Lee Klarich: Thank you, Anand. So clearly, huge opportunity in network security Zero Trust platform. Now turn your attention to the Cloud. Cloud is just absolutely gone through an incredible transformation. Today, there’s over 500 million cloud native applications deployed. There’s 33 million developers that are constantly pushing new capabilities in new applications. Nearly all enterprises are multi-cloud. That is just an amazing starting point when you think about what is going on. And at the same time, there’s a, tremendous amount of innovation happening, because of the cloud. And a lot of this is being driven through the ability to leverage open source. That’s being combined with custom code. That’s being combined with infrastructure as code.
All of that just enables the speed, this dynamic nature of the cloud, and it all needs to be secured. And very much like the rest of enterprise cyber security, the industry approach has been a whole bunch of point product that customers are somehow expected to stitch together. We have a different approach. We believe that all of these capabilities should be modules natively integrated and delivered in the platform. And when we get this right, we can not only secure in real time, but we can then fix at source. So, the issue doesn’t happen again. And to go into more details on how we’re able to achieve that is Ankur Shah, leader of our Prisma Cloud code-to-cloud platform. Ankur?
Ankur Shah: Thanks, Lee. Like Lee mentioned, we live in an app economy. The average enterprise today uses over 100 applications, some for commercial and some for internal use. With AI-led code development, I expect this trend to continue. Before we talk about securing the apps, first, let’s talk about how these applications are assembled in the code phase, there are some custom code, a whole bunch of open source code gets deployed using infrastructure as code. And ultimately, it moves through the pipeline goes into the run time and construct what we call the application. The key thing to note here is, that everything that happens in code phase gets multiplied in cloud, a single infrastructure as code or open source component can get deployed across hundreds of thousands of workloads and application component.
What is true for infrastructure and the application layer is also true for the security risk. A risk, like an open source vulnerability, secret, pipeline risk introduced in the code phase, gets multiplied in the run time where – now you have hundreds of thousands of containers and application components running that risk. The attackers has more ways than ever before to exploit this risk and cause a data breach. Now there are two approaches to solving this problem. One approach is what the industry has always done, which is to have a point product per problem. In the code phase, there are about half a dozen different tools to scan security posture. In the infrastructure layer, you have yet another set of tools. And finally, in the run time, you have tools for cloud workload protection, network security and application security.
Now this is not the right approach to solving this problem for two reasons: number one, each of those tools lack the context. So the customers have to stitch all of that together. And the second thing is, like Lee described, there are 33 million developers and a really few security professionals who understand code and cloud. This is a battle that the security team simply can’t win with this specific approach. We believe there is a better approach. And that’s the approach that we have been steadfast in executing over the last four years, and that is an integrated code-to-cloud platform approach that can help customers prevent risks, and breaches in near real time. Prisma Cloud does that today by scanning security vulnerabilities at each phase of the application life cycle and also have runtime protection to prevent breaches in runtime.
Our strategy is resonating well with the customers and analyst community across different component parts as well as the entirety of the platform. Typical customers start their journey in the infrastructure layer, where we have now 68% of the customers where we’re securing over 4 billion cloud assets. Then they shift left, where they want to prevent the risk from happening to begin with, where we have today 20% of our customers, and we are today scanning millions of code assets. And finally, customers want defense in depth, and they want active prevention, and protection technology in the cloud runtime should a bad actor cause a data breach, where today, we have 54% of the customers where we’re scanning 13 million-plus containers. Let’s see the entirety of the Prisma Cloud platform with a quick demo.
What you see here is a code-to-cloud dashboard that gives the security practitioners visibility across the entire application pipeline. What you see here is as the code assets, and the cloud assets are growing, so are the security risk. For example in the code phase, you’re seeing a whole bunch of security risk that Prisma Cloud has already scanned. The typical enterprise uses multiple tools just to do the security of the code. And on the cloud phase, you’re seeing a whole bunch of security scans that Prisma Cloud has done should things fall through the crack and go into production. The key thing to remember here is that risk introduced in the code phase gets multiplied in the cloud, 20 risk in the code got to be 2,000 in cloud. Now typically, the security practitioner, it takes months and months to resolve these 2,000 issues, because they don’t have the context, don’t have the traceability to fix the root cause of the problem.
