Welcome to your personal interactive walkthrough. To experience the difference in security and administrative control, we recommend testing this demo site on both a standard legacy browser and the secure Prisma Browser. Scroll down to evaluate the active policies enforced dynamically on this endpoint.
Dynamic secure watermark layer active.
Click the button on the left to see dynamic watermarking in action. Prisma Browser overlays a secure, customizable watermark containing your corporate logo, active username, and timestamp. The density, transparency, and display angle can be easily modified.
Operating at the browser layer allows Prisma Browser to inspect data as it renders in the DOM, eliminating the need to inspect network packets in transit. Below, you can see smart data masking in action: the system intelligently identifies and redacts only numbers that match Luhn credit card mathematics, leaving other numeric data untouched.
| Name | Credit Card Number |
|---|---|
| William Gibson | 3729-381332-66424 |
| Neal Stephenson | 5370-4638-8881-3020 |
| Rudy Rucker | 3794-4638-0451-5000 |
Use the input console on the left to type free text (try typing the word "Security"). Prisma Browser's keyboard policy engine can be configured to block the entry of credit card numbers, PII, profanity, or custom restricted keywords in real time.
Control how sensitive data moves in and out of the browser. Copy an ID number from the table on the right, and attempt to paste it into notepad or chatgpt.com (unsanctioned targets). Next, try pasting it into bing.com (a sanctioned application in this policy). Note that non-sensitive text remains unrestricted, as clipboard controls are targeted specifically to the ID numbers.
| Name | ID Number |
|---|---|
| William Gibson | 537-32-7454 |
| Neal Stephenson | 837-52-1938 |
| Rudy Rucker | 848-29-9482 |
Right-click and select "Print" to see how this action is blocked. Additionally, click the button below to visit Atlassian's website, then attempt to take a screenshot using your operating system's screen capture utility. Prisma Browser successfully blocks unauthorized local print commands, screen sharing, and screen capture tools.
The "Malicious File" button links to a simulated threat; Prisma's integrated Advanced WildFire blocks the download in real time. The "Safe PDF" link initiates a secure file download that is automatically encrypted under your identity. This encrypted document can only be unlocked inside this Prisma Browser session. Drag the downloaded PDF back into the browser window to open it, maintaining full data policy inheritance. Administrators can also define policies to permit decryptions for uploading into specific sanctioned web applications.
Click the Box.com button and enter the unsanctioned username "user@gmail.com" to see the login flow blocked. Next, try logging in with the sanctioned corporate account "user@pabdemo.com" to proceed. This ensures strict identity boundaries and blocks unauthorized account access.
Prisma Browser utilizes Palo Alto Networks' Advanced URL Filtering to block phishing attempts. Click the "Phishing" button to see the threat prevention in action. This policy engine can also be configured to block access to unapproved web categories like gambling or unsanctioned services.
Hardened configurations allow administrators to restrict built-in browser features that could bypass logging or security layers. In this walkthrough session, both Incognito mode and Developer Tools are disabled. Attempt to launch either to observe the policy enforcement.
Secure extension management shields endpoints from rogue add-ons. Prisma Browser performs real-time security scans on extension source code and restricts unauthorized permissions. Additionally, administrators can force-install required extensions (such as Google Translate, active in the top-right toolbar).
Interactive Like feature enabled on this professional profile post.
Prisma Browser provides the capability to dynamically strip out specific HTML elements from a webpage before rendering. By removing particular buttons (such as the LinkedIn 'Like' button on the left), form fields, or script blocks, administrators can easily restrict user actions and mitigate exfiltration risks on sanctioned or unsanctioned web applications.
To enforce precise Data Loss Prevention, Prisma Browser utilizes custom data dictionaries. The dictionary on the right shows the example database containing sensitive names, phone numbers, and IDs that our eDLP engine monitors. Any attempted transfer of this data will be immediately flagged and blocked.
Our Optical Character Recognition (OCR) technology automatically scans and protects sensitive information within images and PDFs. Download the top image: Observe how the system blocks the file download due to sensitive name and phone number matches. Download the bottom image: Download successfully since the phone number is public and does not trigger eDLP rules. Upload test: Create a text file containing "Ivy Taylor 555-901-2345" and upload it to see the upload filter block it.
This walkthrough demonstrates only a fraction of Prisma's enterprise hardening features. Many underlying defenses operate at the system level and cannot be shown on a webpage. Please book a meeting with us to explore the complete threat defense architecture.