Palo Alto Networks is pleased to announce the latest release of Prisma Cloud, the industry’s most comprehensive Cloud Native Security Platform. This release offers DevOps and SecOps teams added visibility and security with advanced “shift left” capabilities and central CI/CD policy management, along with several other host security features and architecture improvements. These enhancements empower organizations to implement cloud security across the full DevOps lifecycle on any cloud and any stack, and ultimately unite previously divided lines of business toward a common goal: implementation of a DevSecOps methodology to drive secure business innovation, scalability and growth.
Developer-led organizations are innovating with greater speed and agility than ever before, focusing on investments in software – both as a competency and as a competitive advantage.
Enterprises continue to modernize their software development lifecycles and embrace modern tools and processes, such as DevOps, containers and other cloud native architectures. This growth is happening in conjunction with constantly increasing, diverse cloud footprints, ultimately multiplying the number of entities to protect, both in production and across the application lifecycle.
As organizations move to automate more of their cloud infrastructure build processes, they are adopting and creating new infrastructure as code (IaC) templates. Without the help of the right security tools and processes, these infrastructure building blocks are being crafted with rampant vulnerabilities. The Unit 42 Cloud Threat Report, Spring 2020 found nearly 200,000 insecure IaC templates in use by organizations across the globe. These vulnerabilities create significant security risks.
Disparate approaches to security that lack consistency in controls across applications, data and infrastructure are not effective due to gaps in both visibility and protection. Further compounding the challenge, there’s abstraction layered upon abstraction, and security is no longer limited to security teams.
The growth in both cloud native infrastructure and the ensuing security challenges is what led to Prisma Cloud and our aim to define what it means to be a comprehensive Cloud Native Security Platform (CNSP). Organizations want to ensure they can implement both a Cloud Security Posture Management (CSPM) solution and Cloud Workload Protection Platform (CWPP). With our release of Prisma Cloud in November, we saw this convergence and pioneered this approach with the industry’s first Cloud Native Security Platform.
|Palo Alto Networks was recently listed by Gartner as one of three vendors converging CWPP and CSPM capabilities across development and production, including container/serverless protection.1
Security teams need to continuously monitor cloud configurations, while also protecting the continuum of options – VMs, containers and serverless – running on top of that infrastructure. A consolidated platform helps organizations scale their security efforts, both across the lifecycle and up and down the entire stack.
“As we continue our Digital Transformation, adopting container-based application development strategies and transitioning more and more of our on-premises applications to the public cloud, we needed a third party security solution that could keep up. Prisma Cloud provided ABN AMRO with a piece of the puzzle for securing container workloads. Being able to effectively identify and remediate vulnerabilities and misconfigurations before applications are released into production empowers our security and developer teams to innovate quickly – with the confidence that our business is compliant and our customers’ data is secure.”
“Prisma Cloud helps our company reach the concept of DevSecOps, where we assess security in every phase of development. If any vulnerability or flaw is discovered, we patch it before going into production. Prisma Cloud provides an incredible overall picture of everything developed in our environment. In a single pane of glass, we have everything under control.”
With this latest release, Palo Alto Networks is both extending the Prisma Cloud platform and augmenting its industry-leading cloud native security capabilities. Following are the highlights:
General availability of these new features and capabilities is expected for customers by late April 2020.
To kick-start your cloud native security learning experience, explore our list of resources, “Cloud Native Security 101,” covering topics like best practices for implementing cloud native security, shifting to DevSecOps philosophies, challenges around digital transformations and more.
1 Peter Firstbrook, Neil MacDonald, Lawrence Orans, Mario de Boer, Katell Thielemann, Bart Willemsen, Akif Khan, Michael Kranawetter (2020). Top Security and Risk Management Trends, 27 February 2020. Gartner Research Firm