* [Blog](https://origin-researchcenter.paloaltonetworks.com/blog)
* [Cloud Security](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/)
* [Cloud Native Application Protection Platform](https://origin-researchcenter.paloaltonetworks.com/blog/category/cloud-native-application-protection-platforms/)
* Disrupt Attack Paths: How...

# Disrupt Attack Paths: How to Prioritize Your Most Harmful Risk

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdisrupt-attack-paths-prioritize-security%2F)  
[](https://twitter.com/share?text=Disrupt+Attack+Paths%3A+How+to+Prioritize+Your+Most+Harmful+Risk&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdisrupt-attack-paths-prioritize-security%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fdisrupt-attack-paths-prioritize-security%2F&title=Disrupt+Attack+Paths%3A+How+to+Prioritize+Your+Most+Harmful+Risk&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/disrupt-attack-paths-prioritize-security/&ts=markdown)  
\[\](mailto:?subject=Disrupt Attack Paths: How to Prioritize Your Most Harmful Risk)  
Link copied  
By [Jason Williams](https://www.paloaltonetworks.com/blog/author/jason-williams/?ts=markdown "Posts by Jason Williams")  
Apr 11, 2023  
4 minutes  
[Cloud Native Application Protection Platform](https://www.paloaltonetworks.com/blog/category/cloud-native-application-protection-platforms/?ts=markdown)  
[Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown)  
[Gartner](https://www.paloaltonetworks.com/blog/tag/gartner/?ts=markdown)

Among cloud deployments averaging 1000s of configuration violations, security teams are realizing approximately 1% of their issues involve interconnected misconfigurations that create attack paths for adversaries.

Rapid proliferation of cloud infrastructure and workloads without unified, contextual security results in a dangerous outcome --- enabling adversaries to exploit open attack paths before security teams even notice.

According to our [recent cloud-native security survey](https://www.paloaltonetworks.com/state-of-cloud-native-security), 90% of organizations report an inability to detect, contain, and resolve threats within an hour. What's more, 76% of organizations say their collection of point-product security tools leave blind spots.

## Why Fragmented Security Doesn't Work

Organizations work with an average of [31 security tools](https://start.paloaltonetworks.com/whats-next-in-cyber-report) across 13 security vendors, according to Palo Alto Networks research. But the complexity of managing vendors and point solutions can create security gaps.

Due to lack of integration and data unification across siloed products, security teams can miss context each time they discover a new security issue. Practitioners spend too much time combing through individual signals in a struggle to identify which issues, or combinations of issues, expose their organization to threats.
![Endless alerts about individual signals don’t provide security teams with a comprehensive view of risk](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/04/word-image-182747-1.png)
Endless alerts about individual signals don't provide security teams with a comprehensive view of risk

Security teams are seeking a better way to contextualize risk and identify potential attack paths. In fact, 78% of organizations agree that cloud security needs [more out-of-the-box visibility and risk prioritization filtering](https://www.paloaltonetworks.com/blog/2023/03/cloud-native-security-survey-report).

Addressing attack paths requires a multidimensional approach. First, security teams need a single solution that ingests and consolidates several unique indicators of risk (e.g., misconfigurations, vulnerabilities, suspicious activity).

Next, that solution must contextualize these indicators of risk to identify open attack paths. To be immediately actionable, the solution ideally needs to provide recommendations on how to remediate the risk.

## Dismantling Attack Paths with Prisma Cloud

Palo Alto Networks Prisma Cloud, the CNAPP that secures applications from code to cloud, is engineered from the ground up to solve this problem.

Unlike siloed tools, Prisma Cloud is built with a unified data model that automatically correlates findings across cloud misconfigurations, vulnerabilities, excessive IAM permissions, network exposures, and more to identify harmful combinations that cause impactful risk.
![Prisma Cloud’s contextual engine distinguishes harmful combinations from less urgent issues](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/04/word-image-182747-2.png)
Prisma Cloud's contextual engine distinguishes harmful combinations from less urgent issues

In addition to finding what *could* go wrong in cloud environments, Prisma Cloud applies threat context to identify what *is*going wrong. With Palo Alto Networks Unit 42 threat intelligence, coupled with machine learning (ML) and user and entity behavior analytics (UEBA), security teams can detect exploited attack paths.

Examples combinations potentially indicating attack paths:

1. A workload with a critical vulnerability that's exposed to the internet and has excessive access permissions.
2. Azure AD user with Key Vault access performing unusual activity
3. Detected network data exfiltration activity on a publicly accessible workload with a critical, exploitable vulnerability

The context-driven platform delivers insights with actionable feedback to address attack paths.
![A combination of misconfigurations and risky permissions enabling lateral movement](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/04/word-image-182747-3.png)
A combination of misconfigurations and risky permissions enabling lateral movement

### The Value of a Unified CNAPP

Prisma Cloud ingests one trillion cloud events daily and intelligently analyzes signals for groups of interconnected risk. Using Prisma Cloud, our early access users discovered 31 critical risks on average, accounting for 1% of their total cloud violations.

> In addition to finding what *could* go wrong in cloud environments, Prisma Cloud applies threat context to identify what *is*going wrong.

### Benefits of Prisma Cloud

* \*\*Increase SecOps efficiency:\*\*Spend less time chasing low-risk alerts and focus on issues that matter the most.
* \*\*Drive down risk:\*\*Identify security issues that pose the greatest likelihood of compromise and lateral movement, find the root cause, and remediate with actionable findings before attackers can exploit them.
* \*\*Improve the developer experience:\*\*Communicate the most urgent issues with application owners using context and evidence for frictionless remediation.

## How to Defeat Critical Risk with Prisma Cloud

Addressing critical risk is nearly effortless, and organizations can get started right away. If you're new to Palo Alto Networks, Prisma Cloud is a SaaS-delivered platform combining best-of-breed capabilities across:

* [Cloud security posture management (CSPM)](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management)
* [Cloud workload protection (CWP)](https://www.paloaltonetworks.com/cyberpedia/what-is-cwpp-cloud-workload-protection-platform)
* [Cloud infrastructure entitlement management (CIEM)](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem)
* [Code security](https://www.paloaltonetworks.com/cyberpedia/what-is-code-security)
* and [more](https://www.paloaltonetworks.com/resources/datasheets/prisma-cloud-at-a-glance)

Identifying attack paths with Prisma Cloud doesn't require an agent installation. Users simply connect Prisma Cloud to their environments and begin burning down risk.

Want to know more about how Prisma Cloud disrupts attack paths? [Join us](https://start.paloaltonetworks.com/code-to-cloud-summit.html) on the Code to Cloud Security Summit and check out our session on *Securing What's Next in Your Cloud,* where we dive into risk prioritization.

If you'd like to get hands-on experience with code-to-cloud security, then [request a 30-day trial](https://www.paloaltonetworks.com/prisma/request-a-prisma-cloud-trial) of Prisma Cloud.

*** ** * ** ***

## Related Blogs

### [Cloud Native Application Protection Platform](https://www.paloaltonetworks.com/blog/category/cloud-native-application-protection-platforms/?ts=markdown)

[#### See What Gartner® Says About CNAPP in New Market Guide](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/gartner-cnapp-2023-market-guide/)

### [Cloud Native Application Protection Platform](https://www.paloaltonetworks.com/blog/category/cloud-native-application-protection-platforms/?ts=markdown), [Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown)

[#### Bot Protection for Your Cloud Native Applications](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/bot-protection-cloud-native-apps/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Native Application Protection Platform](https://www.paloaltonetworks.com/blog/category/cloud-native-application-protection-platforms/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown)

[#### Where Cloud Security Stands Today and Where AI Breaks It](https://origin-researchcenter.paloaltonetworks.com/blog/2025/12/cloud-security-2025-report-insights/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown)

[#### Winning the AI Race Starts with the Right Security Platform](https://origin-researchcenter.paloaltonetworks.com/blog/2025/12/winning-ai-race-starts-with-right-security-platform/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud ASM](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-asm/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown), [CSPM](https://www.paloaltonetworks.com/blog/cloud-security/category/cspm/?ts=markdown)

[#### Cloud Attack Surface Management: See What Other CNAPPs Miss](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/closing-cloud-gap-attack-surface-management/)

### [CIEM](https://www.paloaltonetworks.com/blog/cloud-security/category/ciem-2/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Data Security Posture Management](https://www.paloaltonetworks.com/blog/cloud-security/category/data-security-posture-management/?ts=markdown), [DSPM](https://www.paloaltonetworks.com/blog/cloud-security/category/dspm/?ts=markdown)

[#### Weak Identity Governance Leads to Data Exposure --- 3 Attack Paths Explained](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/identity-goverance-data-exposure/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://origin-researchcenter.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language