Palo Alto Revolutionizes Cloud Security With Industry-First Integrated Code to Cloud Intelligence

• 19 Oct 2023
• TM Team
• 0 Comments

Palo Alto Networks  reimagined how enterprises approach cloud security with the industry’s first integrated Code to Cloud™ intelligence introduced as part of the Prisma^® Cloud Darwin release. Today marks a “Darwin moment” for cloud security as Prisma Cloud pushes organizations to evolve beyond single point solutions and adopt a holistic approach that provides a single source of truth. With code-to-cloud intelligence, security and engineering teams can quickly prioritize top security risks and address issues in code within minutes rather than days.

While the cloud offers exceptional agility and efficiency, it introduces major security risks that have become increasingly widespread — 80% of security exposures are found in cloud environments, according to the company’s Unit 42^® Threat Intelligence team, which can result in large-scale breaches. These rising cloud attacks and the velocity of cloud application development are outpacing the speed at which security teams can protect their organizations.

Current approaches for code-to-cloud security are siloed, with the average organization relying on six to ten tools for securing cloud infrastructure alone. Having disparate security tools leads to an incomplete security posture and creates a massive operational burden for security teams.

With its new Code to Cloud intelligence, Prisma Cloud — the industry’s most complete cloud-native application protection platform (CNAPP) — offers a single trusted place that connects insights from the developer environment through application runtime for security teams to contextualize alerts and pinpoint remediations. This intelligence effectively prevents risk and stops breaches while enhancing the end-user experience and improving developer and security team collaboration.

Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks, said: “The only way to secure applications from code to cloud is by fending off risk from entering the development pipeline and preventing breaches of applications in production. This can only be achieved through an intelligent CNAPP platform like Prisma Cloud that gathers intelligence throughout the application lifecycle so security teams can precisely trace vulnerabilities and misconfigurations back to their origin in the source code. Prisma Cloud’s Darwin release simplifies cloud security and improves productivity and collaboration across code, infrastructure, and runtime security.”

In many organizations, the ratio of developers to security professionals can be 100 to 1, resulting in understaffed teams. The current approach of working in silos does not guarantee comprehensive code to cloud security. This gap will widen as developers increasingly use AI to write and deploy code more quickly. Prisma Cloud, now with Code to Cloud intelligence, fosters collaboration between developers and security professionals by linking production security issues to specific remediation recommendations in code.

Anil Valluri, vice president, India and SAARC, Palo Alto Networks, said: “Securing the code to cloud pipeline is as important as securing the software being delivered. Increased cloud adoption means developers must deliver production code at warp-speed. Our State of Cybersecurity survey found that, while adopting cloud security is a key focus for Indian organisations, securing SecDevOps is way lower on the agenda. But today 75% of organizations deploy updated code to production weekly, while 38% commit new code daily, making code-to-cloud security the need of the hour.

Prisma Cloud’s new integrated Code to Cloud intelligence provides a single source of truth around application risk for developers, operations and security teams. It will deliver vital application context to uncover and prevent complex risks, with easy remediation across code, infrastructure and runtime environment.”

Melinda Marks, practice director, Enterprise Security Group, said: “Today’s reality is we face a cybersecurity skills shortage, especially in cloud security, while organizations are increasingly leveraging cloud services for faster application development to best serve customers and drive business results. At the same time, we have a rapidly evolving threat landscape increasingly targeting cloud workloads. So, it’s crucial to invest in an effective security solution that supports increased development productivity from code to cloud to enable security teams to optimize security risk mitigation and protect their applications to enable business growth.”

Amit Dhawan, CISO and DPO, of Quantiphi, said: “As Quantiphi’s multi-cloud environment grew, we needed a better and more unified solution to enhance security, visibility, assurance and compliance. This included proactive controls, risk prioritisation and cloud security automation,” Quantiphi CISO and DPO Amit Dhawan said. “Prisma Cloud provides real-time misconfiguration and security insights, and with clients in sectors like banking, healthcare and finance, Prisma Cloud has helped us meet strict compliance standards effortlessly. Quantiphi's delivery assurance team functions as a quality control unit that typically requires evidence in case of issues. With Prisma Cloud, evidence retrieval is now an automated and proactive process.”