Prisma Cloud Secures Containers with ServiceNow Vulnerability Response

Apr 06, 2022
4 minutes
... views


Prisma Cloud by Palo Alto Networks is certified to support ServiceNow Vulnerability Response with automated container vulnerability scanning and alerting for accelerated remediation on the Now Platform.

Prisma Cloud is excited to announce our certified integration with ServiceNow Vulnerability Response to help organizations identify and rapidly respond to container vulnerabilities as part of ServiceNow Security Operations.

Container vulnerabilities are constantly being targeted in the cloud and the attack surface is always expanding. Gartner estimates that “90% of global organizations will be running containerized applications in production by 2026—up from 40% in 2020”. Protecting deployed containers today and responding effectively to the container security issues of tomorrow requires integrated, consistent vulnerability scanning and rapid automation of remediation tasks to ensure protection. And this is exactly what Prisma Cloud by Palo Alto Networks, together with ServiceNow, is delivering for our customers.

Purpose-built to help security teams respond faster and more efficiently to container security incidents and vulnerabilities, Prisma Cloud integrated container scanning for ServiceNow enhances detection, remediation response, and prevention while supporting more simplified security operations for teams.

“Customers are always on the lookout for effective ways to increase their ability to find, manage, and remediate container vulnerabilities across their business,” says Matthew Scott, Senior Director of Prisma Cloud Technology Partnerships at Palo Alto Networks. “We are excited as a launch partner to be integrating the capabilities of market-leading Prisma Cloud container  security with ServiceNow Vulnerability Response. Our shared customers can now view and address container vulnerabilities in ServiceNow workflows more easily.”

Integrated Prisma Cloud Vulnerability Scanning for Containers on ServiceNow

With this certified Prisma Cloud integration, ServiceNow customers can get full visibility on container vulnerabilities and metadata for a complete and consistent picture of their container risk. Combined with your own ServiceNow environment data, Prisma Cloud vulnerability scanning enables a powerful way to find, prioritize, and fix vulnerabilities through ServiceNow Vulnerability Response.


Figure 1. ServiceNow view of Container Vulnerable Items from Prisma Cloud vulnerability scans
Figure 1. ServiceNow view of Container Vulnerable Items from Prisma Cloud vulnerability scans


Armed with highly contextual information from Prisma Cloud—like for instance whether a container vulnerability is located within a base image layer or within a container, or knowing where exactly a container is running and also all its vulnerability metadata—ServiceNow customers can rapidly identify critical container risks, group and assign container vulnerabilities to appropriate teams for follow-up, and ensure remediation.

Simplified and Accelerated Remediation Outcomes

Acting as a container-scanner plugin for ServiceNow customers, the Prisma Cloud integration delivers confidence to security teams through our comprehensive visibility and analysis of container vulnerabilities. Teams can significantly accelerate management of their remediation response and better perform issue prioritization in ServiceNow with our contextualized findings.

Prisma Cloud container scan data and alerting are viewable in the ServiceNow console and are aligned with ServiceNow vulnerability management capabilities for viewing container issues, defining assignment rules, and defining remediation targets.

Prisma Cloud by Palo Alto Networks will scan for any CVEs in containers—like for example Log4Shell vulnerability (CVE-2021-44228)—then gather all container metadata and share alerting with context to the ServiceNow console for remediation activities.


Figure 2. Prisma Cloud vulnerability scanning for container environments with ServiceNow
Figure 2. Prisma Cloud vulnerability scanning for container environments with ServiceNow


When ServiceNow Security Operations are ingesting alerts from the Prisma Cloud integration, teams will automatically see container security incidents in ServiceNow Vulnerability Response, enabling them to manage, prioritize, and respond from directly within the Now Platform.

Compliance Visibility Coming Next

Soon, Prisma Cloud will also share configuration and compliance data for continuous monitoring on ServiceNow. Discover misconfiguration risk and guide container security governance and policy enforcement with Prisma Cloud to even further reduce threats in ServiceNow environments.


Get Started with Integrated Prisma Cloud and ServiceNow Today

If you are using ServiceNow and ready to add comprehensive container scanning for all vulnerabilities to your security tooling, try our ServiceNow-certified Prisma Cloud integration for Vulnerability Response for Containers in the ServiceNow Store today and enhance your container security and remediation operations. Additionally, learn more about our integration with ServiceNow.


Subscribe to Cloud Native Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.