Palo Alto Networks today introduced its Prisma secure access service edge (SASE) 3.0, designed to secure both managed and unmanaged devices, offer artificial intelligence (AI)-powered data security and partner with cloud service enterprise applications providers for application acceleration. The new capabilities are built on technologies from its latest acquisitions including Talon Cyber Security and Zycada Networks.

The security giant argues legacy SASE solutions may not fully cover security risks from contractors, third-party collaborators and bring your own device (BYOD); offer limited data classification capabilities and inconsistent application performance.

Palo Alto Networks in 2022 called on the cybersecurity industry to make the shift to next-generation zero-trust network access (ZTNA), which the vendor calls ZTNA 2.0 — for today’s hybrid work and cloud migration world.

This time, the vendor unveiled the Prisma SASE 3.0 to add an additional layer of security over contractors and third parties, unmanaged devices or BYOD and managed devices.

A recent Forrester report showed that more than half of employees, contractors and third-parties access to corporate data from BYO devices like personal laptops and mobile devices since 2022. Meanwhile, Gartner predicts that by 2030, enterprise browsers will be the key to delivering secure, digital workforce experiences on managed and unmanaged devices.

Anand Oswal, SVP and GM of network security at Palo Alto Networks, told SDxCentral that other recent statistics showed a vast majority of ransomware attacks and data breaches originated from unmanaged devices or browsers.

To address this issue, the vendor extended its SASE to unmanaged devices through its new Prisma Access Browser. The tool embeds security capabilities, including ZTNA, least privilege access, continuous security inspection and protection for all data sets, into the browser.

The Prisma Access Browser is built on technologies from Talon Cyber Security. Palo Alto Networks bought the enterprise browser technology provider last year to enable Prisma SASE to securely connect all users and devices to all applications and apply consistent security no matter who the user is and what device they use for work, according to Palo Alto Networks CPO Lee Klarich.

For example, Oswal explained, organizations can set policies to restrict access to sensitive applications using the Prisma Access Browser, which allows managed and unmanaged devices to access the same data and resources with consistent security policies, unified management and full visibility.

The Prisma SASE 3.0 aims to boost application permanence by up to five times compared toaccessing them directly through the internet by enhancing the network performance, understanding each user's journey inside the application and proactively computes the dynamic content for that user.

Some key technologies of this application acceleration is based on another Palo Alto Networks’ last year acquisition —Zycada Networks, Oswal said. The startup builds an app-aware edge platform, designed to accelerate software-as-a-service (SaaS) applications and boost network bandwidth.

To better understand and optimize the applications, Palo Alto Networks teams up with leading cloud service and enterprise application providers, including Amazon Web Services (AWS), Slack, ServiceNow, Google, Zoom and SAP to enhance application performance.

As traditional data loss prevention (DLP) solutions struggle to keep pace with the volume and variety of sensitive information proliferating across diverse environments, Palo Alto Networks aims to use a large language model (LLM) for data classification, as part of the Prisma SASE 3.0.

Oswal said this LLM-powered data security dramatically improves the accuracy of data classification. “We're using LLMs augmented by AI detection models to increase the accuracy by utilizing this real machine learning behavioral analytics, so we can monitor and protect where the sensitive data is, where it's going, et cetera.”

He added Palo Alto Networks combines open LLM models available in the market and tunes them for its own use cases.