Connect with us

Hi, what are you looking for?

SOFTWARE

Prisma Cloud delivers context-aware software composition

Palo Alto Networks, the global cybersecurity leader, recently introduced the industry’s first context-aware software composition analysis (SCA) solution to help developers safely use open-source software components. The integration of SCA into Prisma Cloud further demonstrates why Palo Alto Networks is the leading provider of cloud-native security.

Open-source software is a critical component of cloud-native applications, allowing developers greater speed and modularity without having to reinvent the wheel each time they code. However, as the Unit 42 Cloud Threat Report, 2H 2021 found, open-source software can often contain known vulnerabilities, which can open organizations up to significant risk.

Palo Alto Networks, the global cybersecurity leader, recently introduced the industry’s first context-aware software composition analysis (SCA) solution to help developers safely use open-source software components. The integration of SCA into Prisma Cloud further demonstrates why Palo Alto Networks is the leading provider of cloud-native security.

Traditional SCA solutions are standalone products that can produce a large number of alerts but lack the runtime context to help fix vulnerabilities. With the addition of SCA to the Prisma Cloud platform, developers and security teams can proactively surface and prioritize known vulnerabilities that impact the application lifecycle (i.e., code, build, deploy and run). Prisma Cloud SCA delivers deep dependency detection and remediation of vulnerabilities in open-source software before applications reach production. It can also help developers prioritize remediation based on software components that are already in use. These capabilities are not possible when SCA solutions are deployed as single-point products.

“Developers leveraging open source software should be able to build applications with the confidence they aren’t opening the organization up to risk,” said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. “With the average application consisting of 75% open source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build with speed.”

Advertisement. Scroll to continue reading.

As a complete cloud-native application protection platform (CNAPP), Prisma Cloud is context-aware at every stage of the application lifecycle to provide a unified view of risk across organizations’ cloud environments. Where current approaches to cloud security rely on siloed products that provide intermittent visibility without remediation, Prisma Cloud approaches cloud security with a comprehensive, prevention-first framework. With 188% increase in cloud incident response cases over the past three years, this shift in approach has become mandatory. 

A complete code-to-cloud CNAPP needs to incorporate the following five key principles in order to keep organizations safe:

  • Security from code to cloud — protects applications at every stage of the development lifecycle — from code, build, deploy and run.
  • Continuous, real-time visibility — uses real-time and contextual security analysis of cloud environments to help prevent misconfigurations, vulnerabilities, and threats.
  • Prevention-first protection — stopping attacks and defending against zero-day vulnerabilities to drive down mean time to remediation.
  • Choice for every cloud journey — aligning security needs with current and future cloud priorities by supporting a breadth of cloud service providers, workload architectures, continuous integration and continuous delivery (CI/CD) pipelines, integrated development environments (IDEs), and repositories with a unified platform
  • Cloud scale security — consistently secures applications as cloud environments scale.

In addition to SCA and to further increase the safety of cloud-native applications, Prisma Cloud introduced a software bill of materials (SBOM) among other capabilities for developers to easily maintain and reference a complete codebase inventory of every application component used across cloud environments. Implementing SCA and SBOM ensures Prisma Cloud aligns with these principles.

“Buyers looking for cloud-native security solutions need to keep the requirements of microservices security protection in mind. The ‘bolted-on’ and ‘whack-a-mole’ approaches are a thing of the past,” said Frank Dickson, program vice president, Security, and Trust at IDC. “Security should be embedded throughout the application development life cycle. This means that buyers need to fundamentally change their approach to security, although they need to continue to protect their run-time environments, they must also embrace solutions that embed security in the application development process, an approach referred to as ‘shift left.’ Shift left requires one to think less about security products and more about continuous security processes.”

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

ey findings presented how pivotal changes in the digital ecosystem are transforming the way marketers optimize for advertising effectiveness.

HEADLINES

This is the third loan credit facility extended by BPI to HCPH, following a P1 billion facility in December 2022, P4 billion in August...

HEADLINES

Established in 2007, the program has provided significant assistance to over 260 graduates, facilitating access to education for aspiring scholars in the region.

HEADLINES

Under the agreement, GCash will continue to collaborate with CICC, leverage their capabilities, synergize efforts in combating cybercrime activities, and improve cyber capabilities and...

HEADLINES

The NVIDIA Grace Hopper Superchip — which combines the NVIDIA Grace CPU and Hopper GPU architectures — provides extreme performance to run high-fidelity and...

HEADLINES

As part of the project of the Special Committee on Nuclear Energy by the House of Representatives, the consultation focused on the decade-long energy...

HEADLINES

Simply book your tickets via www.smtickets.com from February 14 to 21, 2024 and use the first six (6) digits of your card as the promo code.

HEADLINES

The role of digital technology in this goal is central as the Department of Education (DepEd) recognizes the requirement for learners and educators to...

Advertisement