SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Palo Alto Networks introduces CI/CD Security module into cloud security platform
Fri, 28th Jul 2023

The attack surface of cloud-native applications continues to grow as adversaries look to exploit misconfigurations and vulnerabilities throughout the application life cycle. In response, the industry has turned to Cloud Native Application Protection Platforms (CNAPPs) to unify multiple disparate security capabilities and protect applications from code-to-cloud.

Recognising this, Palo Alto Networks introduced the CI/CD Security module to provide integrated software delivery pipeline security as part of our code-to-cloud capabilities in Prisma Cloud's CNAPP platform.

By securing the CI/CD environment and protecting against open source vulnerabilities with software composition analysis, Prisma Cloud is the most complete security platform for seamlessly protecting the entire engineering ecosystem.

According to Gartner, securing the software delivery pipeline is as important as securing the software that is delivered. The CI/CD Security module enables DevOps and security teams to better collaborate and improve security outcomes throughout the application life cycle.

By adding CI/CD Security into the Prisma Cloud platform that already includes Secrets Scanning, Software Composition Analysis, Infrastructure as Code Security organisations are able to optimise security and risk prevention throughout the entire software delivery pipeline, achieving a holistic and comprehensive security oversight which cannot be achieved with individual, siloed solutions.

Ankur Shah, Senior Vice President, Prisma Cloud, Palo Alto Networks, says, "A major challenge in securing CI/CD pipelines is visibility. The myriad of third-party tools and applications running in development environments makes it almost impossible for security teams to determine if they are correctly configured.

"The integration of Ciders capabilities secures the CI/CD environment and gives Prisma Cloud customers the ability to analyse individual tools, visualise how they interact with applications and each other, and identify and remediate risks."

Daniel Krivelevich, CTO of Application Security, Prisma Cloud, Palo Alto Networks and former co-founder of Cider Security, says, "The only way to prevent insecure code from reaching production is to scan every code artifact, dependency, and ensure the delivery pipeline is effectively protected. Integrating Ciders technology with Prisma Cloud strengthens the platforms ability to help secure organisations' entire engineering ecosystem, ensuring only what is intended is pushed to production."

CI/CD Security is the eleventh module integrated into the Palo Alto Networks cloud security platform. The new module is derived from Cider Security's capabilities that helps organisations "shift security left" to prevent threats and vulnerabilities before applications are deployed into production environments. 

Nir Rothenberg, Chief Information Security Officer, Rapyd, says, "Since implementing Prisma Clouds CI/CD Security module, we now have complete visibility into all the third party tools we leverage to build and deploy applications to the cloud. This ultimately gives us the confidence that were eliminating threats and vulnerabilities in code from reaching production environments."

As organisations continue their cloud transformation efforts, Palo Alto Networks next-generation security platforms aim to collectively and comprehensively enable enterprises to stay ahead of threats, secure their networks, protect their cloud-native applications, and better manage security operations.