SANTA CLARA, Calif., Nov. 16, 2021 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced Prisma® Cloud 3.0, the industry's first integrated platform to shift security left — significantly improving organizations' entire cloud security posture by reducing security risk at runtime. With a customer base that already includes 77% of the Fortune 100, the most complete Cloud Native Application Protection Platform (CNAPP) now also offers organizations cloud code security to embed critical protections in the development process, agentless security to complement existing agent-based protection and Cloud Infrastructure Entitlement Management (CIEM) for Microsoft Azure®.

The rate of development and introduction of new cloud applications is increasing exponentially as organizations accelerate cloud adoption. Yet a single misconfiguration in the code templates that development and DevOps teams rely on can lead to thousands of alerts in runtime that security teams must then address. Prisma Cloud 3.0 proactively addresses such misconfigurations by embedding Infrastructure as Code (IaC) security and code fixes directly into developer tools across the development lifecycle.

"We developed Prisma Cloud as a fully integrated platform with best-of-breed capabilities that help our customers stay one step ahead of attackers and threats as their security needs evolve," said Ankur Shah, senior vice president of product management, Prisma Cloud at Palo Alto Networks. "Prisma Cloud 3.0 takes that commitment even further. Our recent Unit 42 Cloud Threat Report shows the extent of emerging cloud code security risks: we found 63% of templates used in building cloud infrastructure contained misconfigurations that can expose environments to vulnerabilities. Prisma Cloud's new capabilities secure cloud environments from development to runtime in a single platform, shifting security left to proactively address issues that begin in development."

Earlier this year, Gartner® created the CNAPP category, stating that "optimal security of cloud-native applications requires an integrated approach that starts in development and extends to runtime protection," and urging organizations to evaluate "cloud-native application protection platforms that provide a complete life cycle approach." With capabilities already representing all five of Gartner's CNAPP categories, we believe Prisma Cloud 3.0 extends its position as the most complete CNAPP with further capabilities, including:

  • Infrastructure as Code Security, enabling developer and security teams to address cloud risk earlier. With Infrastructure as Code Security, IaC scanning and code fixes are embedded directly into developer tools across the development lifecycle.
  • Agentless Scanning, providing visibility into an organization's cloud workload and application risks to complement existing agent-based protection. Prisma Cloud is the industry's only CNAPP to offer both agentless and agent-based security built into the same platform, with rules and results managed from and surfaced in a single UI, combined with the flexibility for customers to mix and match different protection types across their cloud environments.
  • Cloud Infrastructure Entitlement Management for Microsoft Azure, including net effective permissions analysis for Azure and Azure Active Directory integration to ensure over-permissioned cloud accounts, dormant permissions or cloud identity issues are addressed across clouds. This new functionality expands already existing functionality available for Amazon Web Services (AWS®).
  • Automated Policy Generation and Out-of-the-Box Rules for Identity-Based Microsegmentation, including predefined rules and automated policy creation to simplify and accelerate any microsegmentation adoption.
  • Adoption Advisor, helping organizations operationalize Prisma Cloud with a dashboard that provides guidance on how to discover and unleash the power of the product as well as measurement of the implemented value. The initial release of Adoption Advisor covers Cloud Security Posture Management (CSPM) capabilities in Prisma Cloud with plans to expand to other areas of the platform in the future.
  • Rapid Risk Discovery, reducing the time needed to identify and remediate misconfigurations from hours to minutes by detecting event-driven configuration changes as they occur instead of solely relying on the more traditional polling architecture.

"For security to keep up with the velocity of modern software development, it's important to have integrated security controls across the development lifecycle — helping developers release code that is tested and secure, and to quickly correct security issues as they are found in runtime," said Melinda Marks, senior analyst, Cloud and Application Security, Enterprise Strategy Group. "The new capabilities from Prisma Cloud will help customers scale modern development as they can deploy more secure infrastructure and applications in cloud environments."

"Prisma Cloud has helped us rapidly expand our cloud security program to reach the current maturity level," said Birat Niraula, regional co-head, Platform Security Architecture, Goldman Sachs. "We believe the new enhancements to Prisma Cloud will empower us to provide comprehensive coverage and adopt more proactive strategies for securing our multi-cloud environment." 

More Information
More information on Prisma Cloud 3.0 is available here and on the company's blog.

The following capabilities will be available globally: CIEM for Azure users is in general availability as of October, Infrastructure as Code Security in January, Agentless Security in January, and Adoption Advisor is in beta today.

Gartner Disclaimer
Gartner, "Innovation Insight for Cloud-Native Application Platforms" Neil MacDonald, Charlie Winckless, August 25, 2021.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. For more information, visit

Palo Alto Networks, Prisma, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.

Forward-Looking Statements
This press release contains forward-looking statements that involve risks and uncertainties, including regarding product introductions and advancements, service offerings, and the benefits to customers of our products and service offerings. These forward-looking statements are not guarantees of future performance, and actual results, developments and business decisions may differ from those envisaged by such forward-looking statements. We identify the principal risks and uncertainties that affect our performance in our Form 10-K and other filings with the Securities and Exchange Commission.  All forward-looking statements in this press release are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

Palo Alto Networks logo (PRNewsFoto/Palo Alto Networks, Inc.) (PRNewsfoto/Palo Alto Networks, Inc.)


SOURCE Palo Alto Networks, Inc.