Cloud Code Security

Prisma Cloud by Palo Alto Networks offers comprehensive security for cloud-native applications and infrastructure throughout the development lifecycle, focusing on areas like container image scanning, IaC security, and secrets management. The platform automates vulnerability detection and remediation, integrating security checks into developer tools to enhance security posture. By providing visibility and control across CI/CD pipelines, Prisma Cloud helps organizations secure their applications against potential threats.

Uploaded by

laura ruiz

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

22 views4 pages

Cloud Code Security

Uploaded by

laura ruiz

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

Code Security

Secure Cloud-Native Applications and

Infrastructure Across the Development Lifecycle
Prisma Cloud reduces the burden on security teams while enabling
engineers to develop secure cloud-native applications and
infrastructure. The platform offers full-stack security from code to
cloud, covering container image scanning, software composition
analysis (SCA), infrastructure as code (IaC) security, secrets security,
and CI/CD security.

Prisma by Palo Alto Networks | Code Security | Datasheet 1

Automated Security from Code to Cloud
Developers and DevOps teams are increasingly using containers, IaC templates, and open-source
software to more quickly provision and update cloud applications and infrastructure. Prisma Cloud
provides visibility, control, and automated fixes for vulnerabilities and misconfigurations to ensure
deployed code is secure. This feedback is embedded in developer tools across the full application lifecycle.

Code Security Capabilities

IaC Security
Prisma Cloud identifies misconfigurations in Terraform, CloudFormation, ARM, Kubernetes,
Dockerfile, and serverless templates by comparing resource blocks against hundreds of policies sourced
from industry benchmarks like CIS, PCI, and HIPAA as well as community contributions. Prisma Cloud
embeds those checks in DevOps tools such as integrated development environments (IDE), version
control systems (VCS), continuous integration, continuous delivery (CI/CD) pipelines, and cloud envi-
ronments. Those integrations provide actionable feedback to engineering teams along with the ability
to block and generate fixes for misconfigurations in the DevOps tools.

Figure 1: IaC pull request comments with fix recommendations in a VCS

Secrets Security
Storing secrets in a file in a VCS like GitHub is not secure yet happens when developers leave secrets in
source code. Once a secret is committed into a repo, it is saved in its history, and any user can easily access
those keys. This is especially risky if the repo contents are made public, making that resource easily found
and utilized by threat actors. To prevent this, Prisma Cloud takes a multidimensional approach to finding
and securing exposed and vulnerable secrets across all files across repositories and CI/CD pipelines.

Figure 2: Secrets security with Checkov

Prisma by Palo Alto Networks | Code Security | Datasheet 2

Container Image Scanning
DevOps teams leveraging containers can find and remediate vulnerabilities in their operating system
and language libraries to improve security posture across the software development lifecycle. Prisma
Cloud scans images locally in the build phase of CI/CD pipelines and registries to identify the exact
layer with vulnerabilities and compliance violations, including malware. The platform also offers fine-
grained controls for blocking images based on the severity with allow lists by base image, CVE, and time
since remediation.

Figure 3: Container image vulnerability and compliance scanning with Prisma Cloud

Software Composition Analysis

Open-source packages make up a majority of modern codebases. Prisma Cloud analyzes these packages
and their complete dependency trees to identify known vulnerabilities and license compliance issues.
By providing automated and granular version bump fixes, blocking violating packages from being
deployed, and connecting vulnerabilities with infrastructure misconfigurations, Prisma Cloud helps
organizations prioritize and address application risk faster.

Figure 4: Open-source vulnerability scanning with Prisma Cloud

Prisma by Palo Alto Networks | Code Security | Datasheet 3

CI/CD Security
CI/CD pipelines are a critical component of cloud-native software development, but they can give bad
actors access to code and secrets if left unsecured. Prisma Cloud provides a powerful yet simple way to
gain visibility and control across CI/CD pipelines. Leverage the Cloud Application Graph (see figure 5) to
map attack pathways through your entire engineering ecosystem.

Figure 5: CI/CD security issues are mapped by system and category to provide visibility into risks

About Prisma Cloud

With Prisma Cloud by Palo AltoNetworks,
Prisma® Cloud is the industry’s most comprehensive cloud-native Sabre gained a centralized view of its
application protection platform (CNAPP) with the broadest securi- environment and resources. With this
ty and compliance coverage—for applications, data, and the entire newfound visibility, the company also shifted
cloud-native technology stack—throughout the development lifecy- security earlier in the development lifecycle
cle and across hybrid and multicloud environments. Our integrated and effectively scaled security across multiple
approach enables security operations and DevOps teams to stay agile, layers and instrumentation platforms.
collaborate effectively, and accelerate secure cloud-native applica-
Read the full case study.
tion development. To learn more, visit us online.

3000 Tannery Way © 2023 Palo Alto Networks, Inc. Palo Alto Networks and the Palo Alto Networks
Santa Clara, CA 95054 logo are registered trademarks of Palo Alto Networks, Inc. A list of our trademarks
can be found at https://www.paloaltonetworks.com/company/trademarks.html.
Main: +1.408.753.4000 All other marks mentioned herein may be trademarks of their respective companies.
Sales: +1.866.320.4788 prisma_ds_cloud-code-security_070523
Support: +1.866.898.9087

www.paloaltonetworks.com

Prisma Cloud Aag
No ratings yet
Prisma Cloud Aag
2 pages
Prisma Secure Devops
No ratings yet
Prisma Secure Devops
3 pages
At A Glance: Prisma Cloud
No ratings yet
At A Glance: Prisma Cloud
2 pages
Prisma Cloud Enterprise Edition Licensing Guide
No ratings yet
Prisma Cloud Enterprise Edition Licensing Guide
3 pages
Prisma Cloud For Microsoft Azure
No ratings yet
Prisma Cloud For Microsoft Azure
2 pages
IaC Security - Lab Guide
No ratings yet
IaC Security - Lab Guide
32 pages
Cloud Discovery Exposure Management
No ratings yet
Cloud Discovery Exposure Management
4 pages
SecOps Operationalization For Prisma Cloud-1
No ratings yet
SecOps Operationalization For Prisma Cloud-1
17 pages
Palo Alto Prisma Cloud Spotlight 2025
No ratings yet
Palo Alto Prisma Cloud Spotlight 2025
2 pages
AWS Cloud Security for Defense
No ratings yet
AWS Cloud Security for Defense
24 pages
Prisma Cloud Technical Proposal Template
No ratings yet
Prisma Cloud Technical Proposal Template
72 pages
Adoption Advisor Report
No ratings yet
Adoption Advisor Report
17 pages
PCCSE Study Guide
No ratings yet
PCCSE Study Guide
119 pages
Pse Prisma P Blueprint
No ratings yet
Pse Prisma P Blueprint
3 pages
Securing Managed Kubernetes With Prisma Cloud
No ratings yet
Securing Managed Kubernetes With Prisma Cloud
4 pages
Cloud Security Engineer Exam Guide
No ratings yet
Cloud Security Engineer Exam Guide
7 pages
Prisma Certified Cloud Security Engineer (PCCSE) Blueprint
No ratings yet
Prisma Certified Cloud Security Engineer (PCCSE) Blueprint
4 pages
Prisma by Palo Alto Networks - Prisma Cloud RFP Checklist - Datasheet
0% (1)
Prisma by Palo Alto Networks - Prisma Cloud RFP Checklist - Datasheet
5 pages
Pse Prismacloud P Studyguide
No ratings yet
Pse Prismacloud P Studyguide
129 pages
Prisma Cloud Reference Architecture Compute
No ratings yet
Prisma Cloud Reference Architecture Compute
64 pages
Prisma Cloud Release Notes
No ratings yet
Prisma Cloud Release Notes
726 pages
Palo Alto Networks Cloud Security on AWS
No ratings yet
Palo Alto Networks Cloud Security on AWS
24 pages
Prisma Cloud Waas Aag
No ratings yet
Prisma Cloud Waas Aag
2 pages
Prisma Cloud CISO Presentation
No ratings yet
Prisma Cloud CISO Presentation
36 pages
Prisma Sase
No ratings yet
Prisma Sase
5 pages
Pccse Study Guide
No ratings yet
Pccse Study Guide
90 pages
Continuous Authority To Operate Using Prisma Cloud
No ratings yet
Continuous Authority To Operate Using Prisma Cloud
7 pages
Prisma Cloud Maturity Assessment
No ratings yet
Prisma Cloud Maturity Assessment
3 pages
Cloud Security for DevOps Teams
No ratings yet
Cloud Security for DevOps Teams
15 pages
Prisma Access Ds
No ratings yet
Prisma Access Ds
6 pages
Tip Sheet Secure Your Apis
No ratings yet
Tip Sheet Secure Your Apis
2 pages
Secure The Cloud
No ratings yet
Secure The Cloud
70 pages
Prisma Access Ds
No ratings yet
Prisma Access Ds
7 pages
Secure Cloud Prisma 5
100% (1)
Secure Cloud Prisma 5
18 pages
At A Glance: Prisma Access: Security As A Service Layer Network As A Service Layer Management
No ratings yet
At A Glance: Prisma Access: Security As A Service Layer Network As A Service Layer Management
2 pages
CI/CD Security Risks Guide
No ratings yet
CI/CD Security Risks Guide
5 pages
Prisma Cloud Privacy
No ratings yet
Prisma Cloud Privacy
12 pages
Cloud Security Workshop Guide
No ratings yet
Cloud Security Workshop Guide
110 pages
Identity-Based Microsegmentation For Kubernetes
No ratings yet
Identity-Based Microsegmentation For Kubernetes
3 pages
Set Secure Foundation For New World of Possibilities With Prisma Sase
No ratings yet
Set Secure Foundation For New World of Possibilities With Prisma Sase
12 pages
Annotated-Gideon 20jackson 20ab 20 26 20wc
No ratings yet
Annotated-Gideon 20jackson 20ab 20 26 20wc
4 pages
EDU 210 10.1a M01 Platform and Architecture
No ratings yet
EDU 210 10.1a M01 Platform and Architecture
23 pages
Prisma Access Cloud SWG
No ratings yet
Prisma Access Cloud SWG
1 page
Prisma Cloud Identity Based Microsegmentation
No ratings yet
Prisma Cloud Identity Based Microsegmentation
5 pages
Sase For Securing Microsoft 365 Solution Guide
No ratings yet
Sase For Securing Microsoft 365 Solution Guide
69 pages
Securing SD Wan
No ratings yet
Securing SD Wan
3 pages
The Practical Guide To Migrating Security To A Sase Model
No ratings yet
The Practical Guide To Migrating Security To A Sase Model
44 pages
UTD CNSP 2.0 Security Track
No ratings yet
UTD CNSP 2.0 Security Track
104 pages
UTD CNSP 2.0 Cloud Operations Track
No ratings yet
UTD CNSP 2.0 Cloud Operations Track
146 pages
PCCSE
No ratings yet
PCCSE
33 pages
Prisma Cloud Interview Flashcards
No ratings yet
Prisma Cloud Interview Flashcards
2 pages
Tip Sheet Ci CD Security
No ratings yet
Tip Sheet Ci CD Security
2 pages
UTD CNSP 2.0 Developement Track
No ratings yet
UTD CNSP 2.0 Developement Track
132 pages
Sase Securing Private Apps Design Guide
No ratings yet
Sase Securing Private Apps Design Guide
108 pages
Dropbox, Deceived Users About The Security ..The With Telling Users That Their Files Were Totally Encrypted
No ratings yet
Dropbox, Deceived Users About The Security ..The With Telling Users That Their Files Were Totally Encrypted
4 pages
Prisma SD-WAN - at A Glance - Prisma-sd-wan-Aag
No ratings yet
Prisma SD-WAN - at A Glance - Prisma-sd-wan-Aag
5 pages
Cloud Native Security Guide
No ratings yet
Cloud Native Security Guide
55 pages
Big Data, IoT, and Serverless Security
No ratings yet
Big Data, IoT, and Serverless Security
4 pages
G One MANUAL
No ratings yet
G One MANUAL
45 pages
Delphi Grade 10 Strings Multiple Choice Questions and Answers
No ratings yet
Delphi Grade 10 Strings Multiple Choice Questions and Answers
14 pages
Dynamic Search Algorithm in Unstructured
No ratings yet
Dynamic Search Algorithm in Unstructured
13 pages
Regular Expression
No ratings yet
Regular Expression
89 pages
SOP For Compliances For Compliances For Issue of Gate Pass and Passing of Contractors Bills
No ratings yet
SOP For Compliances For Compliances For Issue of Gate Pass and Passing of Contractors Bills
4 pages
Resume Paan
No ratings yet
Resume Paan
2 pages
iBF120 GX Technical Data Sheet 380466 1
No ratings yet
iBF120 GX Technical Data Sheet 380466 1
2 pages
EN - WP - Smartzoom 5 - Determine Laser Welding Parameters
No ratings yet
EN - WP - Smartzoom 5 - Determine Laser Welding Parameters
5 pages
Word Basics
No ratings yet
Word Basics
5 pages
Aci Certification Candidate Handbook 2021
No ratings yet
Aci Certification Candidate Handbook 2021
37 pages
Mid Islam Dan Budaya Tapanuli: D I S U S U N Oleh: NURINDAH NASUTION (17 401 00255)
No ratings yet
Mid Islam Dan Budaya Tapanuli: D I S U S U N Oleh: NURINDAH NASUTION (17 401 00255)
9 pages
DX420LCA
No ratings yet
DX420LCA
13 pages
As38 - 1000
No ratings yet
As38 - 1000
2 pages
Assignment 6: AI-Based Traffic Accident Prediction and Response System
No ratings yet
Assignment 6: AI-Based Traffic Accident Prediction and Response System
7 pages
Question Capture Guidelines
No ratings yet
Question Capture Guidelines
26 pages
Zoids Legacy Walkthrough
100% (1)
Zoids Legacy Walkthrough
241 pages
Oracle BI Apps 11.1.1.8.1 Pre-Requisites
0% (1)
Oracle BI Apps 11.1.1.8.1 Pre-Requisites
82 pages
Esp32 Documentatie
No ratings yet
Esp32 Documentatie
356 pages
Problems in Contract Law Cases and Materials Aspen Cas Series 9th Edition Ebook and TestBank Bundle Instructor Test Bank
No ratings yet
Problems in Contract Law Cases and Materials Aspen Cas Series 9th Edition Ebook and TestBank Bundle Instructor Test Bank
339 pages
connectIpsAccountLinkForm 476616 162566
No ratings yet
connectIpsAccountLinkForm 476616 162566
4 pages
SMS User Manual v11.1
No ratings yet
SMS User Manual v11.1
1,107 pages
4ipnet Man Hsg326
No ratings yet
4ipnet Man Hsg326
216 pages
Crime Online
No ratings yet
Crime Online
202 pages
Business Case Online Clearance System
No ratings yet
Business Case Online Clearance System
5 pages
Price List For Garment Machine New - 2411103
No ratings yet
Price List For Garment Machine New - 2411103
1 page
Communication Matrix Guide
No ratings yet
Communication Matrix Guide
4 pages
TBC Wallet Access Details
No ratings yet
TBC Wallet Access Details
3 pages
Sources of Error
No ratings yet
Sources of Error
11 pages
Passwords HardCopy & Conventional - v8 - Final
No ratings yet
Passwords HardCopy & Conventional - v8 - Final
1 page
Title PDF
No ratings yet
Title PDF
164 pages