ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI
Silent Skimmer Gets Loud (Again)
Automatically Detecting DNS Hijacking in Passive DNS
See all Unit 42 Threat Research

Repsol Powers Visibility into Data and AI With Prisma Cloud DSPM and AI-SPM

SUMMARY

Repsol, a Spanish-based global multi-energy provider with 24 million customers in over 90 countries and 25,000 employees, has more than its share of data to protect. In addition, the multinational giant needs to comply with various regulations, including GDPR and PCI DSS, while securing data related to internal financial control policies, IP, and other sensitive areas. Given Repsol’s cloud-first strategy, its security teams had to ensure that access to the company’s sensitive data assets stored in cloud environments be granted on a need-to-know basis. As such, Repsol needed a cloud-native tool focused on data security. At the same time, like most enterprises, Repsol has been exploring the development of AI-powered applications and wanted to gain visibility into their deployed AI models and connected assets.

RESULTS

1

minute automated detection of new risk

5

minute alert to SOC team for rapid response

100%

data asset coverage across AWS and Azure
CHALLENGE

Repsol sought to enhance its data security posture and gain deeper insights into its AI landscape. Repsol needed to achieve granular visibility into its data assets, accurately classify sensitive information, and identify and remediate misconfigurations.

  • Gain visibility into data assets and how they move across different environments
  • Classify and label sensitive assets with relevant compliance frameworks, including GDPR and PCI DSS
  • Identify misconfigured sensitive assets that are “open to the world” and remove all unnecessary access
  • Obtain visibility into the AI ecosystem to identify their deployed AI assets and related

"It was imperative for us to understand what sensitive assets are open to public access and to prioritize these risks to close our security gap.”

– Guillermo Ramos Valverde

Security Architect, Repsol

SOLUTION

Automating discovery and classification to maintain control over data

After migrating its data to AWS and Azure cloud environments, Repsol quickly discovered it was difficult to maintain a clear inventory of its data, including where it resides and who has access to it. The company searched for a cloud-native data security tool to complement its Prisma Cloud CSPM solution and deployed Prisma Cloud DSPM.

Adapted to meet Repsol’s stringent internal data policies, the DSPM solution enables automated discovery and classification of the company’s data assets, while identifying which, if any, sensitive assets are accessible through the internet.

Prisma Cloud DSPM automatically classifies and labels Repsol’s data with relevant compliance frameworks, including GDPR and PCI DSS, for simpler auditing, reporting, and remediation. And with over 120 out-of-the-box classifiers, Prisma Cloud DSPM enables Repsol to locate and catalog sensitive data across different cloud locations to ensure continuous compliance with internal and external regulatory standards.

Identifying sensitive data “open to the world”

Repsol leverages Prisma Cloud DSPM to identify sensitive data across its cloud environments. The solution’s automated risk identification capabilities – including risks associated with sensitive data exposure, compliance violations, access governance, and data residency issues – enable Repsol to maintain control over its data assets.

“The solution covers all our data assets stored in AWS and Azure environments, to identify whether any assets are open to the world,” Guillermo says.

Moreover, Repsol uses Prisma Cloud DDR capabilities to ensure that any new exposure of a sensitive asset is handled immediately, The solution evaluates data activity against an evolving threat model of cloud data stores, using predefined policies to detect data exfiltration attempts, compliance breaches, and data misuse.

Offering unprecedented data security, Prisma Cloud DSPM also provides Repsol with automated malware detection in data uploaded to cloud storage.

Securing AI-powered applications

AI-SPM enables Repsol to gain visibility over AI models used in their environment, ensuring that only sanctioned models are being deployed. The solution automates the discovery of the models and associated datasets used for training and inference, which reduces the risks of sensitive data leaking through these applications.

"The solution ensures enforcement of our DSPM policies, and eventually will remediate security findings related to data exposure through our AI-powered applications."

Results

Improve visibility and control of sensitive and regulated data across cloud environments

Prisma Cloud DSPM tracks and monitors Repsol’s public data assets to give the company’s Big Data team full data visibility. Meanwhile, Repsol’s Database Security team establishes data security and governance by applying least-privilege access policies. This limits exposure to sensitive data and reduces the risk of potential data breaches.

Prioritize remediation and reduce data exposure

Incorporating both content and context of data, Prisma Cloud DSPM allows Repsol’s Control and Compliance team to streamline the approval of prioritized issues for remediation to align with the needs of the business. “The solution not only ensures enforcement of our DSPM policies, but also automates remediation of our security findings related to data exposure,” Guillermo says.

Address alerts in real time to detect and mitigate potential threats quickly

Repsol’s Incident Response team leverages the solution to automatically receive alerts related to risky data interactions and address them immediately. Featuring DDR capabilities, Prisma Cloud DSPM enables the company to mitigate potential threats quickly.

Increase visibility of AI-powered application ecosystem and reduce data exposure risk

AI-SPM enables Repsol to create an inventory of its managed AI assets, including model endpoints, models, and plug-ins, as well as datasets used for model training and inference. This will eventually give its security teams the ability to ensure that internal policies are enforced, that only sanctioned models are being used, and that associated datasets are not posing any risk to the application and the organization’s data. As Repsol moves ahead in developing AI applications, AI-SPM is helping the company gain visibility into the various AI resources deployed in their environments.

With the combined Prisma Cloud DSPM and AI-SPM now in place, Repsol knows where its data and AI assets are and what data is potentially at risk. This enables the company to deliver energy to customers worldwide with the peace of mind that the business is secure.

Conclusion

Guillermo is extremely satisfied with all aspects of Repsol’s engagement with Palo Alto Networks. “We’re very happy with Prisma Cloud DSPM and AI-SPM, from rapid discovery of our public data assets to the generation of great insights. And the Palo Alto Networks team has closely accompanied us from the outset, helping us with deployment and making itself available for any issues that come up. We’re on a really good track right now, and are anticipating the addition of new features and capabilities over time.”

"We’re extremely impressed with the capabilities of Prisma Cloud DSPM and AI-SPM. The combined solution gives us great data insights that were previously unavailable to us. We look forward to deriving more benefits as we continue moving our data to the cloud."

– Guillermo Ramos Valverde

Security Architect, Repsol

Download article

CUSTOMER DETAILS

Energy

Spain

repsol.com

Products USED

AI Security Posture Management

Data Security Posture Management

Download article

Join the Champions Program

Become an advocate for Palo Alto Networks and gain exposure for your organization.

Get the latest news, invites to events, and threat alerts