Prisma Cloud provides contextual analysis of software composition to secure the deployment of open source software


Dubai, United Arab Emirates — Open source software is an essential component of cloud-native applications, allowing developers greater speed and scalability without having to reinvent the wheel each time they code. However, as the Unit 42 Cloud Threat Report, 2H 2021 revealed, open source software can often contain known vulnerabilities, which can put organizations at significant risk. Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today introduced the industry’s first context-aware software composition analysis (SCA) solution to help developers safely use open source software components. The integration of SCA into Prisma® Cloud once again demonstrates why Palo Alto Networks is the leading cloud-native security provider.

Traditional SCA solutions are stand-alone products that can produce a lot of alerts but lack the runtime context to help patch vulnerabilities. With the addition of SCA to the Prisma Cloud platform, developers and security teams can proactively detect and prioritize known vulnerabilities that impact the application lifecycle (i.e., code, create, deploy and execute). Prisma Cloud SCA provides in-depth dependency detection and vulnerability remediation in open source software before applications reach production. It can also help developers prioritize fixes based on software components already in use. These features are not possible when SCA solutions are deployed as single point products.

“Developers running open-source software should be able to build applications with confidence that they are not putting the business at risk,” said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. “With an average application comprised of 75% open source components, SCA on Prisma Cloud is critical to protecting the code-to-cloud organization and enabling developers to build quickly.”

As a comprehensive cloud-native application protection platform (CNAPP), Prisma Cloud is context-aware at every stage of the application lifecycle to provide a unified view of risk across organizations’ cloud environments. While current approaches to cloud security rely on siloed products that provide intermittent visibility without remediation, Prisma Cloud approaches cloud security with a comprehensive framework focused on prevention. With a 188% increase in cloud incident response cases over the past three years, this change in approach has become mandatory.

A complete code-to-cloud CNAPP should incorporate the following five key principles to keep organizations secure:

  • Security from code to cloud — protects applications at every stage of the development lifecycle — from code, build, deployment, and runtime.
  • Real-time continuous visibility — uses real-time, contextual security scanning of cloud environments to help prevent misconfigurations, vulnerabilities, and threats.
  • Prevention before protection — stop attacks and defend against zero-day vulnerabilities to reduce mean time to remediation.
  • Choice for every cloud journey – align security needs with current and future cloud priorities by supporting a wide range of cloud service providers, workload architectures, continuous integration and delivery (CI/CD) pipelines, integrated development environments (IDEs) and repositories with a unified platform.
  • Cloud-scale security — continually secures applications as cloud environments evolve.

In addition to SCA and to further increase the security of cloud-native applications, Prisma Cloud has introduced Software Bill of Materials (SBOM) among other capabilities, allowing developers to easily maintain and reference a complete code base inventory of each component used in cloud environments. Implementing SCA and SBOM ensures that Prisma Cloud aligns with these principles.

“Buyers looking for cloud-native security solutions should keep microservices security protection requirements in mind. The ‘bolt-on’ and ‘mole-shot’ approaches are a thing of the past,” said Frank Dickson, Program Vice President, Security and Trust at IDC. “Security must be integrated throughout the application development lifecycle. This means that buyers must fundamentally change their approach to security: while they must continue to protect their runtime environments, they must also adopt solutions that embed security into the application development process, an approach called ‘left-shifting.’ Left-shifting forces thinking less about security products and more about ongoing security processes.”


The new SCA module and SBOM capability in Prisma Cloud are generally available today.


About Palo Alto Networks

Palo Alto Networks is the global leader in cybersecurity. We innovate to stay ahead of cyber threats, so businesses can embrace technology with confidence. We provide next-generation cybersecurity to thousands of customers around the world, across all industries. Our best-in-class cybersecurity platforms and services are backed by cutting-edge threat intelligence and enhanced by industry-leading automation. Whether deploying our products to enable the Zero Trust enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we are committed to make each day safer than the last. It’s what makes us the cybersecurity partner of choice.

At Palo Alto Networks, we’re committed to bringing together the best people to serve our mission, so we’re also proud to be the cybersecurity workplace of choice, recognized as one of Newsweek’s Most Loved Workplaces (2021), Comparably Best Companies for Diversity (2021) and HRC Best Places for LGBTQ Equality (2022). For more information, visit

Palo Alto Networks, Prisma, and the Palo Alto Networks logo are registered trademarks of Palo Alto Networks, Inc. in the United States and jurisdictions throughout the world. All other trademarks, trade names or service marks used or referred to herein are the property of their respective owners. Any unpublished services or features (and any services or features that are not generally available to customers) referenced in this press release or in other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when scheduled or at all. Customers purchasing Palo Alto Networks applications should make purchasing decisions based on services and features currently generally available.

Media inquiries:
Anisha Pamnani, Consultant, Wallis PR

