Palo Alto Networks adds Prisma Cloud tools to isolate application containers for security risks
Network security specialist Palo Alto Networks Inc. today updated its Prisma Cloud offering that’s used by enterprises to secure hybrid and multicloud environments.
New features unveiled today include an advanced container image sandboxing capability the company said helps protect against container security risks.
Prisma Cloud is a service that enables developers to block vulnerabilities they discover at any point during the application development and deployment process. Stitched together from a number of technologies Palo Alto obtained through its acquisitions of RedLock Inc., Evident.io, Twistlock Ltd. and PureSec Ltd., Prisma Cloud provides monitoring features that can identify security issues, together with breach prevention tools that allow administrators to block any threats they find.
Palo Alto said enhanced container security is becoming a must-have because organizations increasingly consume images from multiple different sources that cannot be trusted. Containers are used by developers to host the components of modern applications that can run anywhere, but they can also come with lots of nasty vulnerabilities inside them.
To detect any possible risk, Prisma Cloud now provides a sandboxing feature that runs each new image within an isolated environment. It uses machine learning to analyze each one, performing a deep inspection of all of its processes, its file system and networking activity, before it’s deployed. The company said that means customers have complete visibility and control over all aspects of any image before it’s brought into a live environment.
Other new features include expanded Auto-Detection and Auto-Protection capabilities for standalone virtual machines running in Microsoft Azure and Google Cloud. These Host Security capabilities were previously only available for virtual machines on Amazon Web Services. Palo Alto said Auto-Detection and Auto-Protection on Prisma Cloud helps to reduce the effort required by DevOps teams to manually configure, deploy and update software agents that run alongside and protect each workload.
Palo Alto also announced extended web application and application programming interface security, known as wide area application services or WAAS, with support for Windows and service meshes. WAAS is designed to protect cloud-native applications by expanding web application firewalls to cover API security capabilities, advanced DoS protection and bot risk management.
Finally, Palo Alto said its Red Hat Inc.-certified vulnerability scanner tool is now available in the Red Hat Ecosystem Catalog. “With the Red Hat Vulnerability Scanner Certification, we are helping partners like Palo Alto Networks harness Red Hat security-related data to deliver more reliable and consistent container vulnerability reporting to customers,” said Lars Herrmann, vice president of partner ecosystems, product and technologies at Red Hat.
Palo Alto said the new capabilities are available in the Prisma Cloud Compute Edition now and will become available in Prisma Cloud Enterprise Edition next month.
Image: PaliGraficas/Pixabay
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU