Prisma Cloud adds new power with cloud-native framework

Prisma Cloud

Mumbai: Palo Alto Networks said that its Prisma Cloud will help organisations ensure no workload is left unprotected with its introduced new capabilities.

These new capabilities, the company said also increase automation and detection, simplify compliance checks, and deepen visibility into malware threats for containers and hosts.

Also, the cybersecurity solutions company claimed to bring the industry’s first cloud-native attack dashboard that extends the MITRE ATT&CK framework.

“Organisations currently have large amounts of unprotected workloads and no efficient or unified way to secure them. Often, they are managing multiple, single-purpose security solutions to protect these workload stacks, which can create operational burdens and security gaps,” said Varun Badhwar, SVP – Product, Prisma Cloud – Palo Alto Networks.

“Today’s new capabilities further our commitment to deliver comprehensive cloud workload protection across hybrid and multi-cloud environments. DevOps teams can now efficiently build and deploy their workloads and applications rapidly, while helping security teams deliver protection,” added Badhwar.

The new capabilities for cloud workload protection are:

Auto-Detection and Auto-Protection for Hosts: Prisma Cloud now automatically detects unprotected virtual machines (VMs) running on AWS, Microsoft Azure and Google Cloud Platform (GCP), and seamlessly deploys the Prisma Cloud Defender agent to help ensure that VMs are not left unprotected.

The Industry’s First Comprehensive Attack Framework Spanning Threats to Cloud-Native Workloads: Prisma Cloud’s new interactive dashboard extends the MITRE ATT&CK framework to provide a consolidated view of the entire cloud-native application portfolio. This helps organisations evaluate their defense against specific threat scenarios, and provides incident response and remediation capabilities. This attack framework was developed by Palo Alto Networks Unit 42 threat research and consulting team.

Anti-Malware Capabilities at Runtime and During Continuous Integration and Delivery (CI/CD) Scenarios: Prisma Cloud now includes Palo Alto Networks WildFire intelligence to provide an additional layer of runtime protection and deeper visibility into malicious malware threats with new anti-malware and prevention capabilities for host and containers, beginning in the build process before the software is deployed.

Simplified Compliance for Hosts, Containers and Serverless Applications: Prisma Cloud Compliance Explorer simplifies compliance visibility across leading frameworks and CIS (Center for Internet Security), including new updates to the latest benchmarks, which join the existing six certifications. In addition, a new user interface delivers a compliance solution for implementing Docker DISA STIG (Defense Information Systems Agency Security Technical Implementation Guide).

Open Source License Analysis and Expanded Software Composition Analysis: Prisma Cloud adds support for scanning code repositories with the twistcli command-line interface, as well as new support for scanning GitHub Enterprise repositories. Additionally, it includes advanced license detection to identify open-source licenses in packages, combined with license compliance rules, to monitor and manage usage within an organisation.

“Today’s enterprises are running their cloud-native applications on a wide variety of form factors, including a combination of cloud VMs, containers, Kubernetes, and serverless architectures that all need to be secured,” said ESG VP and Group Director – Cybersecurity, Doug Cahill.

“The latest enhancements to Prisma Cloud deepen their security capabilities for protecting modern applications on both containers and Kubernetes, but also foundational virtual machines from a single, unified solution.”
 
The new features are available today in the Prisma Cloud Compute Edition, with general availability in Prisma Cloud Enterprise Edition by late May.

Related posts

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.