* [Blog](https://origin-researchcenter.paloaltonetworks.com/blog)
* [Cloud Security](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/)
* [Cloud Network Security](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/)
* Secure Cloud Express 2.0 ...

# Secure Cloud Express 2.0 - Trends and Outcomes

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fsecure-cloud-express-2-0%2F)  
[](https://twitter.com/share?text=Secure+Cloud+Express+2.0+-+Trends+and+Outcomes&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fsecure-cloud-express-2-0%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fsecure-cloud-express-2-0%2F&title=Secure+Cloud+Express+2.0+-+Trends+and+Outcomes&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/secure-cloud-express-2-0/&ts=markdown)  
\[\](mailto:?subject=Secure Cloud Express 2.0 - Trends and Outcomes)  
Link copied  
By [Joe Rogalski](https://www.paloaltonetworks.com/blog/author/joe-rogalski/?ts=markdown "Posts by Joe Rogalski")  
Dec 20, 2022  
4 minutes  
[Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown)  
[Cloud Security Posture Management](https://www.paloaltonetworks.com/blog/category/cloud-security-posture-management/?ts=markdown)  
[Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)  
[CSPM](https://www.paloaltonetworks.com/blog/tag/cspm/?ts=markdown)  
[secure the cloud](https://www.paloaltonetworks.com/blog/tag/secure-the-cloud/?ts=markdown)

In partnership with Palo Alto Networks, Accenture has launched Secure Cloud Express, an evaluation of the client's cloud estate, both internally and externally. Palo Alto Networks Xpanse powers the external attack surface evaluation --- with Prisma Cloud providing insight for the cloud infrastructure environment and Accenture delivering subject matter expertise. When combined with Accenture Cloud expertise, Secure Cloud Express 2.0 produces actionable insight for our clients. Through this partnership, in more than 50 evaluations of client cloud estates, we have seen many findings, with a few overriding themes.

Companies often don't have an accurate understanding or inventory of their cloud estate and lead clients to be unaware of many resources listed, perpetuating the assumption that resources were decommissioned. Several issues are driving this misconception, including:

**Shadow IT.** Departments go rogue and spin up cloud resources because IT is too slow or it's easier to bypass the IT administration. This puts the company at risk, as the compliance and security tools that protect and monitor aren't in place to guard these unmanaged assets.

**Compliance and best practices are often disregarded**. Many companies implement disparate protections across their cloud estate, and the controls implemented on Azure are vastly different from those on AWS. When we inquired about this, the clients mentioned that implementing similar rule sets and compliance policies across multicloud is difficult. Clients also mentioned that implementing and reporting on compliance policies is time-consuming.

## What Can Be Done

![Prisma Cloud Compliance Dashboard](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/12/word-image-39.png "Prisma_cloud_dashboard")

Clients need to accurately understand their complete cloud estate, both internally and externally. To address the external, attack surface management is key. Cortex Xpanse from Palo Alto Networks is an ASM tool that provides the outside-in view of the cloud estate, including shadow IT. Xpanse automatically identifies the public-facing assets, providing the client with a map of their attack surface from an attacker's view. Xpanse commonly identifies 30% or more corporate assets to better inform vulnerability management and finds RDP and Netbios exposures for remote desktops.

Clients can't manage the unknown, which makes it essential that they accurately inventory their cloud assets. Prisma Cloud provides continuous visibility across all deployed assets from a single, unified console with over 1.5B assets monitored across customers. With automated workload and application classification across 100+ services and full lifecycle asset change attribution, cloud assets are managed and protected, reducing the risk for the company and potentially decreasing costs. ![Cortex Xpanse Attack Surface Management console](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/12/word-image-40.png "Cortex_Xpanse_Attack_Surface_Management")

Compliance and best practices should be implemented holistically across the entire cloud estate, including multicloud environments. Prisma Cloud provides continuous compliance posture monitoring and 1-click reporting across multicloud environments, reducing human error. It supports over 26 compliance policies today and has comprehensive coverage (CIS, GDPR, HIPAA, ISO-27001, NIST-800, PCI-DSS, SOC 2, etc.) and support for custom reporting. Prisma Cloud makes it easy to investigate and auto-remediate compliance violations.

Enforcing best practices and remediating misconfigurations before an incident is key to an effective cloud security program. With Prisma Cloud, clients can enforce configuration guardrails for compliance and best practices with 600+ policies built-in across 120+ cloud services. Common misconfigurations can be auto-remediated before they lead to security incidents, and custom policies can be built once and span across multicloud environments. These are a few of the first steps needed to implement a comprehensive cloud security program.

## What's Next for Secure Cloud Express?

With the launch of Secure Cloud Express 2.0, we have added two additional modules: Agentless Scanning and Security as Code. With Security as Code, we scan infrastructure as code repositories to identify configuration risks, common vulnerabilities, and exposures introduced every time a template is used. We ensure that the public access level is set to private for blob containers and that RDP access is restricted from the internet. Agentless scanning gives the team the ability to assess vulnerabilities in hosts, containers, and images on hosts. In scope are compliance assessments for K8S clusters across CSPs, including Openshift clusters. Oracle cloud is also supported for host scanning.

If you're curious about what shadow IT exists in your organization and how well compliance and controls are implemented across your cloud environments, the [Accenture and Palo Alto Networks](https://www.accenture.com/us-en/services/security/alliance-palo-alto-networks) partnership can help.

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Cloud Security Provider](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-provider/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)

[#### Prisma Cloud Supports Amazon GuardDuty Malware Protection](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/amazon-guardduty-malware-protection/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security/?ts=markdown), [Cloud Security Posture Management](https://www.paloaltonetworks.com/blog/category/cloud-security-posture-management/?ts=markdown)

[#### Prisma Cloud Now Detects Threats Using the TOR Network](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/threat-detection-using-tor-networks/)

### [Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-infrastructure-entitlement-management/?ts=markdown), [Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown), [Cloud Security Posture Management](https://www.paloaltonetworks.com/blog/category/cloud-security-posture-management/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown)

[#### 6 Common Kubernetes and Container Attack Techniques and How to Prevent Them](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/6-common-kubernetes-attacks/)

### [Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-infrastructure-entitlement-management/?ts=markdown), [Cloud Security Posture Management](https://www.paloaltonetworks.com/blog/category/cloud-security-posture-management/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown)

[#### The Role of Zero Trust for Cloud Identities and Infrastructure](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/identities-and-infrastructure/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### What Does the Latest Linux Kernel Vulnerability Mean for Kubernetes Users and How Prisma Cloud Protects Against it?](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/linux-kernel-vulnerabilities/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-infrastructure-entitlement-management/?ts=markdown), [Cloud Native Security Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-native-security-platform/?ts=markdown), [Cloud Network Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-network-security/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown)

[#### Prisma Cloud at Ignite '21: What to Know](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/prisma-cloud-ignite-21/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://origin-researchcenter.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language