Express Computer
Home  »  News  »  Palo Alto Networks introduced Prisma Cloud Supply Chain Security

Palo Alto Networks introduced Prisma Cloud Supply Chain Security

0 235

Palo Alto Networks  announced Prisma Cloud Supply Chain Security to provide a complete view of where potential vulnerabilities or misconfigurations exist in the software supply chain — allowing organizations to quickly trace to the source and fix them. If not quickly fixed or, better yet, avoided during coding, these security flaws could allow attackers to infiltrate systems, spread malicious payloads throughout an organization’s software and access sensitive data.

According to Gartner®, “By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.”* Unit 42’s Cloud Threat Report also found that access to hardcoded credentials opened the door for lateral movement andsepipeline poisoning.

Many current solutions only provide vulnerability and misconfiguration information at a resource layer in code or in the cloud. With Supply Chain Security, Prisma Cloud, already a leader in cloud native security and the most complete Cloud Native Application Protection Platform (CNAPP), provides not only full lifecycle visibility and protection but the context of where a vulnerability fits into the layers of a cloud architecture.

“Every day new vulnerabilities are found in open source and other software components that have previously been integrated into the organization’s software code. Without the proper tools, it is very difficult for organizations to quickly spot where they have used the unpatched versions of these components,” said Ankur Shah, senior vice president, Prisma Cloud products, Palo Alto Networks. “Prisma Cloud is designed to help protect organizations from code to cloud; and now that customers can visualize their software supply chain, it’s easier to spot, prioritize, and remediate security weaknesses at the onset of development and during delivery pipelines.”

Prisma Cloud Supply Chain Security helps provide a full stack, full lifecycle approach to securing the interconnected components that make up and deliver cloud native applications. It can help to identify vulnerabilities and misconfigurations in code, including open source packages, infrastructure as code (IaC) files and delivery pipelines, such as version control system (VCS) and CI pipeline configurations. It includes the following features:

  • Auto-discovery: Code assets are extracted and modeled using existing Cloud Code Security scanners.
  • Graph visualization: Simple and complete inventory of key application and infrastructure asset dependencies to understand weaknesses across the attack surface.
  • Supply chain code fix: Vulnerable dependencies or misconfigured IaC resources can be remediated using a single consolidated pull request.
  • Code repository scanning: Identify and fix vulnerabilities in open source packages in application code.
  • Branch protection rules: Extends policy-as-code to harden VCS and CI/CD configurations to help prevent code tampering attacks.

With these features, organizations can better assess the attack surface of their delivery pipelines and all connected application and infrastructure resources to be better equipped to help prevent supply chain attacks. Implementing Prisma Cloud supply chain security as part of a Zero Trust architecture is one of the best ways an organization can prevent software supply chain attacks.

“A thriving community creating a vast array of open-source software helps developers accelerate their coding and product delivery, but it increases the attack surface if you can’t make sure the code is secure,” says Melinda Marks; ESG Senior Analyst, Application and Cloud Security. “The new enhancements in Prisma Cloud allow DevOps and security teams to fully understand their software supply chains so they can identify and remediate coding flaws to secure their cloud native applications.”

Availability

The new Supply Chain Security visualization is now available in both Prisma Cloud and Bridgecrew by Prisma Cloud.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image