How To Prevent the 5 Most Common Software Supply Chain Weaknesses
Learn the basics of software supply chain security and 7 best practices to protect yourself against common software supply chain weaknesses.
Palo Alto Networks
IaC
Visualizing Your CI/CD Ecosystem From an Attacker’s Perspective
Discover key CI/CD security insights and challenges our threat researchers uncovered as they explored the interconnected nature of CI/CD ecosystems and engineered CI/CD graphs.
Shift Left Secrets Security: How to Prioritize Secrets Risks
Exposed credentials in your repositories can lead to unauthorized network access. Learn how to detect and remediate your exposed secrets with Checkov....
Top 6 Considerations for Integrating Cloud Security and GitOps
Learn how to leverage GitOps to continuously enforce cloud security guardrails as infrastructure is developed, delivered, and deployed.
The Top 5 Secrets Management Mistakes and How to Avoid Them
Learn 5 common secrets management mistakes developers make while working with passwords, API keys, tokens, and other secrets.
Enhanced Pull Request Comments: Empower Developers to Ship Code That’s Secu...
Discover how pull request comments put security in the hands of developers with Prisma Cloud
Top 5 DevSecOps Tools to Help You Ship Secure Code Fast
Learn the top 5 DevSecOps tools you need to ship secure code fast and discover how to empower your team with frictionless, consolidated security.
How to Think About DevSecOps for a Secure Future
Despite the technological advances of recent years (or perhaps because of them), the number of threats on the internet continues to rise. In fact, a 2022 survey from ThoughtLab found that the number of breaches...
It’s Not All Bad! Using Cloud Drift for Teachable Moments
Stack Overflow’s 2021 Developer Survey found that 54% of developers use AWS, yet only 7% use Terraform. That means that far more developers have adopted provisioning, managing and decommissioning cloud infrastr...
The Key to DevSecOps Success: Cross-Team Knowledge Sharing
A good DevSecOps strategy goes beyond having the right tools and processes in place: it requires consistent and crucially, bi-directional feedback and learning. Both security and e...
From Manifest to Workload: Embedding Kubernetes Security at Each Phase of t...
Part of the answer is to identify and address security risks within the various components of Kubernetes itself as well as their configurations. You can do this by, for example, va...
Exposed Credentials Across the DevSecOps Pipeline: 5 Places Secrets Hide in...
Developers leverage hardcoded credentials to seamlessly access or authenticate the services needed to build and deploy applications. While this practice streamlines development, it...
Crawl, Walk, Run: Operationalizing Your IaC Security Program
Learn how to operationalize your infrastructure as code security program with our rollout timeline and guidance for your first ninety days.
How To Prevent the IaC Misconfiguration Snowball Effect
See why one infrastructure as code (IaC) misconfiguration can snowball into thousands of security alerts, and learn how proactive, embedded IaC security can help you mitigate this problem.
Infrastructure Security Advantages of Leveraging Kubernetes
Kubernetes offers several built-in security features as well as the opportunity to shift infrastructure security left and embrace DevSecOps.
Infrastructure as Code Security and AppSec: Streamlined DevSecOps From App ...
Learn how to get streamlined DevSecOps when you consolidate AppSec and infrastructure as code security.
6 Key Kubernetes DevSecOps Principles: People, Processes, Technology
Learn 6 key principles to keep in mind when developing a Kubernetes DevSecOps strategy—from embedding the right processes across the application lifecycle to measuring the right KP...
9 Essential Infrastructure Security Considerations for Kubernetes
Learn 9 security best practices to keep in mind while building out your Kubernetes architecture with Infrastructure as Code (IaC).
Secure Vulnerable Images Found in IaC Templates With Prisma Cloud
Learn how to proactively identify and scan vulnerable images sourced in IaC and CI/CD files with Prisma Cloud’s new Image Referencer capability.
Full-Stack Code Visibility With Prisma Cloud Software Bill of Materials (SB...
Learn how to get visibility into risk exposure and prevent supply chain attacks with software bill of materials (SBOM) generation capabilities.
AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers
Get tips for leveraging infrastructure as code to maintain cohesive application and infrastructure security for your cloud-native teams.
Subscribe to the Blog!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.