• Blog
  • Cloud Native Security

Cloud Native Security

Analyzing CVE-2023-50164: Apache Struts Path Traversal Vulnerability

Analyzing CVE-2023-50164: Apache Struts Path Traversal Vulnerability

On December 7, 2023, Apache released an advisory regarding CVE-2023-50164, a critical vulnerability with a severity of 9.8 that affects Apache Struts 2. The affected versions are Struts 2.0.0 - Struts 2.3.37, Struts 2.5.0 - Struts 2.5.32, Struts 6.0.0 - Struts 6.3.0.

The vulnerability allows an attacker to manipulate file upload parameters to enable path traversal and upload a malicious file the attacker can then u...

Web Application & API Security
Dec 20, 2023
By 

Cloud Native Security

Cloud Native Application Protection Platform
Cloud Workload Protection Platform
Cloud Security Posture Management
Cloud Network Security
Cloud Infrastructure Entitlement Management
DevSecOps
Partners
Master Cloud Computing Risks with a Proactive, End-to-End Approach
Cloud Security, Cloud Security Provider, Partners, Products and Services
Master Cloud Computing Risks with a Proactive, End-to-End Approach
Fast, frictionless, proactive and cost-competitive. These guiding principles have provided a foundation for Accenture’s public cloud security offering...
Dec 07, 2023
By  and
Prisma Cloud Delivered 264% ROI Forrester Consulting TEI Study Finds
Announcement, CNAPP, Research
Prisma Cloud Delivered 264% ROI Forrester Consulting TEI Study Finds
A lot goes into getting cloud security right. Comprehensive, contextual visibility and control are necessary for maintaining security posture. Code security must seamlessly integra...
Dec 12, 2023
By  and
Elevate Cloud Security with the Flexibility and Simplicity of Custom Dashboards
Cloud Computing, CNAPP, Code to Cloud
Elevate Cloud Security with the Flexibility and Simplicity of Custom Dashbo...
For security professionals inundated with alerts and metrics, the one-size-fits-all approach to data monitoring and threat assessment leaves much to b...
Dec 05, 2023
By 
Implement Zero Trust with Just-in-Time Access
Cloud Infrastructure Entitlement Management, Zero Trust Security
Implement Zero Trust with Just-in-Time Access
Rapid migration to cloud services presents organizations with new security challenges. A common issue security teams encounter is the excessive granting of privileges to both user...
Nov 30, 2023
By 
Join Prisma Cloud at AWS re:Invent 2023 in Vegas
Code to Cloud, Partners
Join Prisma Cloud at AWS re:Invent 2023 in Vegas
It’s that time of year again. AWS re:Invent is around the corner, and Prisma Cloud by Palo Alto Networks will be there. Make sure to connect with us at Booth #832 in Las Vegas November 27 through December 1, 20...
Nov 13, 2023
By 
Streamline Risk Management with Context-Based Risk Prioritization
CNAPP, Secure the Cloud
Streamline Risk Management with Context-Based Risk Prioritization
An organization's digital fortress is only as strong as its weakest link. With threat actors probing for opportunities, security teams need to stay ahead of the game — protecting t...
Nov 09, 2023
By 
Classify and Prioritize Risks with Deep Application Context
Cloud Security Posture Management, CNAPP
Classify and Prioritize Risks with Deep Application Context
In complex cloud-native environments, security teams must protect an increasing number of applications. Limited resources make prioritizing and contex...
Nov 07, 2023
By 
Limitless Insights into Your Cloud Security Landscape with the Infinity Graph
Cloud Workload Protection, CNAPP
Limitless Insights into Your Cloud Security Landscape with the Infinity Gra...
Cloud security is a data analysis problem. Security teams are inundated with signals and alerts. As an industry, we’ve traditionally relied on point t...
Nov 02, 2023
By 
Demystifying API Security: A Review of the OWASP Top 10 Risks for 2023
Cloud Computing, Web Application & API Security
Demystifying API Security: A Review of the OWASP Top 10 Risks for 2023
Modern application architecture consists of many components that communicate via APIs, which makes APIs indispensable to streamlining business process...
Nov 01, 2023
By 
Show Risk Burndown with the Code to Cloud Dashboard
Cloud Computing, CNAPP
Show Risk Burndown with the Code to Cloud Dashboard
The barrage of high-priority alerts keeps security teams focused on the frontlines. Meanwhile, at the strategic level, CISOs and board members require a comprehensive view of their organization's risk posture a...
Oct 31, 2023
By 
Code to Cloud Vulnerability Management
Cloud Native Application Protection Platform, CNAPP
Code to Cloud Vulnerability Management
Identifying and remediating vulnerabilities across applications, workloads and systems is important to protect against cyberattacks and keep data safe. This comes as no surprise, considering that 80% of open-source software packages contain...
Oct 26, 2023
By  and
Checkov 3.0: Upgraded Open-Source Infrastructure-as-Code Security
Code Security, DevSecOps
Checkov 3.0: Upgraded Open-Source Infrastructure-as-Code Security
Version 3.0 of Checkov — Prisma Cloud’s open-source infrastructure-as-code (IaC) security scanner — is now available. Checkov 3.0 is a result of over 11 thousand new commits since...
Oct 25, 2023
By 
GigaOm Names Prisma Cloud a CSPM Leader, Second Consecutive Year
Announcement, CNAPP, Uncategorized
GigaOm Names Prisma Cloud a CSPM Leader, Second Consecutive Year
Moving to the cloud comes with technical complexities — security being one. Addressing the misconfigurations and risks contributes to this complexity,...
Aug 31, 2023
By 
Fixing Issues from Code to Cloud in One Place
Cloud Native Application Protection Platform, DevSecOps
Fixing Issues from Code to Cloud in One Place
Having pivoted away from traditional monolithic application models, today’s DevOps teams routinely leverage technologies like containers and serverless architectures to build microservices-based applications di...
Oct 19, 2023
By 
LLM in the Cloud — Advantages and Risks
Cloud Security, Code Security, Company & Culture, Points of View
LLM in the Cloud — Advantages and Risks
Let’s explore the relationship between LLMs and cloud security, discussing how these advanced models can be dangerous, as well as leveraged to improve the overall security posture...
Jul 20, 2023
By  and
Agentless Secrets Scanning with Prisma Cloud
Application Security, AppSec, Cloud Workload Protection
Agentless Secrets Scanning with Prisma Cloud
Passwords, encryption keys, API tokens — protecting any confidential data that grants access to systems, applications, or data is paramount. All too commonly, though, access credentials are embedded in code or...
Oct 10, 2023
By 
Cloud Discovery and Exposure Management: Unveiling the Hidden Landscape
Cloud Discovery and Exposure Management, Cloud Security Posture Management
Cloud Discovery and Exposure Management: Unveiling the Hidden Landscape
Identify shadow cloud assets, assess internet-accessible exposure risks, and remediate previously unmanaged risks with Prisma Cloud.
Oct 24, 2023
By  and
The Evolution of Cloud-Native Application Security
Application Security, AppSec
The Evolution of Cloud-Native Application Security
Application security refers to the practices and strategies that protect software applications from vulnerabilities, threats and unauthorized access so that organizations can ensure the confidentiality, integri...
Aug 09, 2023
By 
Zero Trust Security Model in Cloud Environments
CIEM, Cloud Network Security, Zero Trust Security
Zero Trust Security Model in Cloud Environments
The traditional network security model has long relied on a simple yet increasingly outdated concept — the secure perimeter. The secure perimeter approach assumes everything inside a network is inherently trust...
Sep 21, 2023
By 
Code to Cloud Vulnerability Management
Cloud Native Application Protection Platform, CNAPP
Code to Cloud Vulnerability Management
Identifying and remediating vulnerabilities across applications, workloads and systems is important to protect against cyberattacks and keep data safe. This comes as no surprise, considering that 80% of open-source software packages contain...
Oct 26, 2023
By  and

Subscribe to Cloud Native Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links