SECURITY
SECURITY
SECURITY
Palo Alto Networks aims to secure DevOps workflows with new Prisma Cloud release
Palo Alto Networks Inc. today debuted a new release of Prisma Cloud, its cloud security platform, that adds features for blocking vulnerabilities during the application development and deployment process.
Prisma Cloud combines several different technologies that Palo Alto Networks obtained through a recent startup acquisition spree. The company shelled out more than $1 billion on acquisitions in 2019 alone.
Palo Alto Networks is introducing a policy engine for securing continuous integration and continuous delivery pipelines. CI/CD pipelines are automated workflows that enterprise software teams use to roll out code to production. Prisma Cloud now lets administrators set up policies to ensure that code deployment workflows comply with the industry-standard CIS set of security best practices and other security standards.
“Customers now have the ability to set policies for vulnerability and compliance governing CI and CD workflows directly from the centralized Prisma Cloud dashboard, “John Morello, Palo Alto Networks’ head of product for container and serverless security, wrote in a blog post.
The new Prisma Cloud release also adds a tool for protecting cloud application components hosted on AWS Lambda, Amazon Web Services Inc.’s widely used serverless computing service. The tool is based on technology that Palo Alto Networks obtained through the purchase of PureSec Ltd. in mid-2019. PureSec’s technology scans a Lambda workload to find misconfigurations and other security issues, then creates a sort of virtual shield around the workload that prevents hackers from exploiting the flaws.
Capping off the update are improvements to Prisma Cloud’s vulnerability scanning features. The platform can now look for insecure configuration settings in infrastructure-as-code templates, blueprints that engineers use to quickly set up cloud environments according to a certain predefined specification. In the same spirit, the release adds the ability to look for vulnerabilities inside AMIs, which serve a similar function as infrastructure-as-code templates on AWS.
“This provides DevOps and security teams with added visibility into the security posture of their AMIs before they’re ever deployed,” Palo Alto Networks’ Morello wrote.
Photo: Palo Alto Networks
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
