Trends such as infrastructure as code and containerization create the opportunity for unprecedented velocity and digital transformation. This makes it all the more challenging for understaffed security teams to keep pace. The scalability enabled by these paradigms also multiplies the impact of a vulnerability or misconfiguration, compounding the number of build time issues by the number of deployed resources.
These new paradigms also offer a new opportunity for developers to take part in application and infrastructure security. With DevSecOps, developers are informed about the security risks their new code introduces and are provided feedback to fix issues throughout the development lifecycle. Integrating security into existing development tools amplifies security efforts and scales out the security team by the number of developers, saving on the cost to remediate security issues.
A 2021 GigaOm Leader in Developer Security Tools
In GigaOm’s Developer Security Tools Radar Report, the firm evaluated 12 vendors, including diversified developer tools and pure-play security vendors for their ability to provide security feedback and guardrails to developers across the software development lifecycle (SDLC).
We’re proud to have Prisma® Cloud by Palo Alto Networks be recognized as a Leader in the 2021 Report.
Palo Alto Networks was the only Cloud Native Application Protection Platform to be named a leader in the report. This leadership position is a recognition of our best-in-class infrastructure as code scanning and container image scanning capabilities built into the platform.
According to GigaOm, Prisma Cloud offers the following strengths:
“Strong IaC and cloud infrastructure scanning and policy enforcement, with an enticing “full security platform” approach, makes this solution an attractive one-stop shop for larger customers. The collaborative automated code-review capabilities are very useful for educating developers and reducing security friction.”
Prisma Cloud received top marks for the following key criteria: Repository-Level Protection, SOAR and SIEM Integration, and Integration with Development Planning Tools. Additionally, Prisma Cloud was given Exceptional ratings, the highest, for Scalability, Governance by Design, Flexibility and Usability, Solution Ecosystem, and Overall ROI/TCO.
Prisma Cloud: Developer Friendly Cloud Native Security
As the report states, developers outnumber security professionals and along with the momentum of modern development, this leads to overwhelmed security teams. Secure cloud native development is only possible by scaling out security with automation across the entire software development lifecycle. This only works if security tools are both embedded in DevOps tools and if they provide actionable feedback.
Prisma Cloud provides this security feedback directly to developers for container images and infrastructure as code. Feedback comes in the form of automated pull request comments and code comments in integrated development environments (IDEs) and version control systems. All this is reinforced with a central platform that completes the DevOps cycle with best-in-class runtime posture management and protection.
GigaOm shared this about Prisma Cloud by Palo Alto Networks:
“Prisma Cloud, a robust cloud-native security solution, has added some fantastic developer security features to its platform with the acquisition of Bridgecrew and its open source project, Checkov. This acquisition acknowledges that developers are also writing infrastructure code, and provides security capabilities in a collaborative and developer-centric manner.”
Download the Report
If you are interested in learning more, download a complimentary copy of the 2021 GigaOm Radar for Developer Security Tools.