Palo Alto Networks tightens cloud security with SCA integration in Prisma Cloud solution

Open Source software is an important part of a well-functioning cloud infrastructure, but it also exposes companies to unnecessary risk.

Hence launching Palo Alto Networks now an SCA solution to secure against dangerous open source code.

Palo Alto Networks, one of the world’s largest IT security companies, is now introducing a new solution to one of the biggest challenges in a cloud-centric world: vulnerable open source code.

As the latest Unit 42 Cloud Threat Report 2H 2021 showed, open source code is a necessity for companies when setting up and integrating cloud solutions and infrastructure, but the same open source software often has known vulnerabilities that can expose organizations to unnecessary danger.

Therefore, Palo Alto Networks is launching the first content-aware Software Composition Analysis (SCA) solution, which integrates into Palo Alto Networks’ existing Prisma Cloud solution.

Protected throughout the cycle of the code

With the integration of SCA in Prisma Cloud, developers and security teams can proactively scan for known vulnerabilities in the code at all points in the application cycle (code, development, deployment and deployment).

The Prisma Cloud service is a complete “Cloud-Native Application Protection Platform” (CNAPP), which protects cloud applications in all its phases.

“Developers leveraging open source software should be able to build applications with confidence that it does not open the organization up to risks of attack. With the average application comprised of 75 percent open source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build at speed,” said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks.

Current approaches to cloud security rely on silo solutions that only provide protection at runtime and rarely scan an organization’s cloud-native applications. In today’s world, where there has been a 188 percent increase in cloud-specific attacks over the past three years, this approach to security is failing.

A complete code-to-cloud CNAPP must include the following five key principles to keep organizations secure:
  • Security from code to cloud – Protects applications at all stages of the development lifecycle – from code, development and deployment to decommissioning.
  • Continuous real-time visibility — Uses real-time and contextual security analysis of cloud environments to help prevent misconfigurations, vulnerabilities and threats.
  • Prevention-first protection — Stopping attacks and defending against zero-day vulnerabilities before a potential attack does damage.
  • Choice for every cloud journey — Aligning security needs with current and future cloud priorities by supporting a wide range of cloud service providers, workload architectures, continuous integration and continuous delivery (CI/CD) pipelines, integrated development environments (IDEs), and repositories with a unified platform.
  • Security at cloud scale — Consistently secures applications as cloud environments scale.

Source: IT-Kanalen by

*The article has been translated based on the content of IT-Kanalen by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!