Protect Against Russia-Ukraine Cyber Activity
  • Sign In
    • Research
    • Partner
    • Customer
    • Employee
  • Create Account
  • EN
  • magnifying glass search icon to open search field
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
Palo Alto Networks logo
  • Network Security
  • Secure Access Service Edge
  • Cloud-Native Security
  • Security Operations
  • Threat Intel & Incident Response
  • More
  • Sign In
    Sign In
    • Research
    • Partner
    • Customer
    • Employee
  • Create Account
  • EN
    Language
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
  • Get Started

Prisma Cloud Adds Multi-Cloud Drift Detection to Bridgecrew to Help Organizations Keep Cloud Infrastructure Aligned and Secure

Palo Alto Networks Santa Clara, CA Aug 31, 2021 at 05:15 AM

SANTA CLARA, Calif., Aug. 31, 2021 /PRNewswire/ -- Palo Alto Networks (NYSE: PANW) today announced that Bridgecrew by Prisma® Cloud has added Multi-Cloud Drift Detection to identify and flag discrepancies between how cloud resources were defined in infrastructure as code (IaC) and how they are currently configured in runtime. With misconfigurations a leading cause of cloud breaches, Drift Detection helps improve cloud security posture and enables teams to effectively manage IT infrastructure (GitOps). The initial deployment of Drift Detection supports Amazon Web Services (AWS), Microsoft Azure, and Google Cloud.

According to Gartner®, "Through 2025, more than 99% of cloud breaches will have a root cause of preventable misconfigurations or mistakes by end users."1 While DevSecOps helps keep misconfigurations to a minimum by codifying and enforcing security policies, out-of-band changes are inevitable because of maintenance, incident response tasks and ad hoc changes—these out-of-band changes are known as drift. Regardless of why drift occurs, being able to detect and address it when it does is crucial to maintaining GitOps practices and mitigating cloud risk.

"The most effective way to avoid misconfigurations is by adopting infrastructure as code and making all changes through git and a secure continuous integration/continuous delivery (CI/CD) pipeline. That way, misconfigurations are identified and fixed in code before they're provisioned," said Idan Tendler, vice president of DevSecOps, Prisma Cloud at Palo Alto Networks. "However, even organizations that follow GitOps best practices have 'break glass' emergencies where operations teams need to make quick changes to cloud resources directly in production that can result in drift. Detecting this drift is one of the keys to maintaining a secure cloud infrastructure."

Bridgecrew Drift Detection is powered by the company's latest open source project Yor, which automatically tags IaC templates with attribution and ownership details as well as a unique ID that gets carried across to cloud resources. Drift Detection builds on top of Yor's code-to-cloud tracing abilities by alerting developers when a drift occurs and allowing them to automatically fix it straight from the Bridgecrew platform. Because of the visibility and control that Drift Detection allows, it is an important critical capability for any organization that is shifting security left and embracing DevSecOps.

Availability
Drift Detection is available now as part of the Bridgecrew standalone platform, which can be purchased using Prisma Cloud Credits.

More Information
More information about Bridgecrew Drift Detection is available at https://bridgecrew.io/platform/
or in our blog.

1Gartner, "Hype Cycle™ for Cloud Security 2021," Tom Croll, Jay Heiser, 27 July 2021. GARTNER and HYPE CYCLE are registered trademark and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

About Bridgecrew
Bridgecrew by Prisma Cloud is the developer-first cloud DevSecOps platform that enables teams to automate infrastructure security throughout the development lifecycle. With support for infrastructure as code (IaC) scanning, security-as-code fixes, and native developer tools integrations, Bridgecrew shifts security left and makes it accessible to developers. Learn more and get started for free at bridgecrew.io.

About Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. For more information, visit www.paloaltonetworks.com.

Palo Alto Networks, Prisma Cloud and the Palo Alto Networks logo are registered trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.

Palo Alto Networks logo (PRNewsFoto/Palo Alto Networks, Inc.) (PRNewsfoto/Palo Alto Networks, Inc.)

 

SOURCE Palo Alto Networks, Inc.

Article

What is a denial of service attack (DoS) ?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users.
April 4, 2022

White Paper

Architecting The Zero Trust Enterprise

Understand how to become a Zero Trust Enterprise
November 23, 2021

Article

What is a Zero Trust Architecture

Zero Trust has become one of cybersecurity’s most used buzzwords. It’s imperative to understand what Zero Trust is, as well as what Zero Trust isn’t.
May 17, 2022

Datasheet

PA-400 Series

Palo Alto Networks PA-400 series ML-Powered NGFW (PA-460, PA-450, PA-440) brings Next Generation Firewall capabilities to distributed enterprise branch offices, retail locations, and midsize businesses.
March 23, 2022

Article

What Is SASE?

Secure access service edge, or SASE (pronounced “sassy”), is an emerging cybersecurity concept. It is the convergence of wide area networking.
April 13, 2022

Datasheet

PA-3200 Series Datasheet

The PA-3200 Series secures all traffic, including encrypted traffic, using dedicated processing and memory for networking, security, threat prevention and management.
March 23, 2022

Get the latest news, invites to events and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

black youtube icon black twitter icon black facebook icon black linkedin icon
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Tech Insider
  • Cyberpedia
  • Event Center
  • Investors
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Customers
  • Newsroom
  • Careers
  • Contact Us
  • Product Certifications
  • Manage Email Preferences
Report a Vulnerability
Create an account or login

Copyright © 2022 Palo Alto Networks. All rights reserved