Palo Alto Networks - Aperture

Secure the business-critical data within your SaaS applications

Fill the SaaS security gaps that put your data at risk The appeal of SaaS applications, such as Office 365®, G Suite™, Box and Salesforce®, is growing, but so are the hidden threats in SaaS offerings: costly data leaks, regulatory noncompliance, malware propagation and so on. Aperture™ SaaS security service complements your existing security tools and delivers data classification, data leakage prevention and threat detection – so you can secure your SaaS applications.


Risk discovery and deep visibility

Aperture provides complete visibility across all user, folder and file activity, generating detailed analysis that helps you transition from a position of speculation to one of full awareness at any given point in time. Deep analytics into day-to-day usage allow you to quickly determine if there are any data risk- or compliance-related policy violations.

Data leak prevention and compliance

Define granular, context-aware policy control to drive enforcement as well as quarantine users and data as soon as violations occur. This enables you to quickly and easily satisfy data risk compliance requirements, such as those related to PCI, PII or PHI data, while still maintaining the benefits of cloud-based applications. Aperture can connect directly to enterprise SaaS applications to provide:

  • Data classification and monitoring
  • Data loss prevention, or DLP, capabilities
  • User activity tracking for anomalies
  • Known and unknown malware prevention
  • Detailed risk and usage reporting

User protection

Heuristic-based user behavior monitoring and alerting enables you to easily identify suspicious behavior, such as logins from unexpected regions, unusually large usage activity or multiple failed login attempts, indicative of credential theft.

Advanced threat prevention

WildFire® malware prevention service, integrated with Aperture, provides advanced threat prevention to block known malware and identify and block unknown malware. You can keep threats from spreading through the sanctioned SaaS applications, preventing a new insertion point for malware. New malware discovered by Aperture is shared with the rest of the Security Operating Platform, strengthening your overall security posture.

Simple to deploy

Aperture is a cloud-delivered service, without the need for any proxies or agents. Because Aperture communicates directly with SaaS applications, it will look at data from any source, regardless of the device or location from which the data originates. Because Aperture isn’t inline, it doesn’t impact latency or bandwidth of applications, and it doesn’t affect the end-user experience. 

Multimode CASB capabilities, cloud-delivered

The Palo Alto Networks Security Operating Platform offers inline and API-based protection technologies that work together to minimize the wide range of cloud risks that can cause breaches. With a fully cloud-delivered approach to a cloud access security broker, or CASB, you can secure your SaaS applications using:

INLINE – an approach with Palo Alto Networks GlobalProtect cloud service to secure inline traffic with deep application visibility, segmentation, secure access and threat prevention. This approach combines user, content and application inspection features within the security service to enable CASB functions.

API-BASED – an approach with Aperture SaaS security service to connect directly to SaaS applications for data classification, DLP and threat detection. Aperture takes an out-of-band API-based approach that enables granular inspection of all data at rest in the cloud application as well as ongoing monitoring of user activity and administrative configurations.