Three trends with cloud native applications present significant security concerns that can cost your organization through breach or valuable time lost in remediation.
The first area of risk enters with development. Modern cloud-native apps are constructed in CI/CD pipelines consisting of many components and dependencies, any number of which can unknowingly introduce vulnerabilities. The holy grail of vulnerability management is prioritizing vulnerabilities that matter while balancing risk and vulnerability impact on production environments.
Second, most of today’s traffic is web, and most web traffic is via API calls. API is a software intermediary that allows two applications to extract and share data. Cloud-native applications rely on APIs for communication, as APIs are the entry point to our apps and data. The explosive growth of insecure cloud-native deployments has made APIs a primary attack vector.
Third, all systems are vulnerable. It’s only a matter of time before a vulnerability is exploited. Unaddressed vulnerabilities amplify security alerts at runtime, and attackers have bountiful targets when vulnerabilities are discovered because 100% patch rates are rare.
For DevOps and security teams that focus on runtime application security, Prisma Cloud is making it easier to adopt agentless and agent-based architectures that help with prioritizing threats and defending your workloads.
We’re pleased to announce the following key capabilities that reinforce security in your code to cloud journey:
In our commitment to ongoing development, we’ve added new features that will make it easier for you to identify and prioritize security issues with our Vulnerability Explorer. You’ll find new ways to better track, analyze, and prioritize vulnerabilities across all your workloads.
With this protection policy, we provide compliance controls that give users the ability to select which applications can run on their host machines and specify the allowed versions. Now you can reduce the attack surface and ensure continuous compliance controls on all your hosts.
With the addition of container agentless scanning, customers can centralize visibility across hosts, VMs, serverless, and containers.
Due to the massive growth in APIs, less than 50% of enterprise APIs will be managed by 2025, according to a recent study by Gartner. The speed of application development makes it incredibly challenging without automation to keep track of all API-associated risks. API Security needs to start with full insight into the risk APIs pose across your cloud environments.
Prisma Cloud has enhanced its API security capabilities with API risk profiling to help teams understand and prioritize risk based on 200+ factors for all APIs in your environment. Understanding the risk factors associated with APIs based on misconfigurations, best practices, exposure to sensitive data and access control is a key step before application security teams can take preventative measures to reduce the API attack surface.
In a single view, Prisma Cloud provides the API endpoint’s path, the method used to call, the number of times it’s been called, what protections are enabled, its risk factors and the vulnerabilities in the underlying workload. Prisma Cloud makes it easy to prioritize risk based on these filters and then users can enable runtime protection to enforce security across the OWASP API Top 10 security risks.
Figure 1: API Risk Profiling and Observations
We improved our risk mechanism for CVEs across a number of areas. First, you can now filter the CVE viewer in the Vulnerability Explorer by risk factors of your choice (see Figure 2). You can include factors, such as whether the container is privileged or if the container is exposed to the Internet. This will help you find affected assets fast.
Second, we added a new risk factor category — ‘Exploit in the wild’ (see figure 3) — with CISA Known Exploited Vulnerabilities Catalog as the main data source. Now you can know which CVEs have a proven risk of exploitation. Based on this, you can create alerts and block policies for ‘exploits in the wild’ vulnerabilities.
Figure 2: Additional search parameters in Prisma Cloud Vulnerability Explorer to help security teams focus on things that matter
Figure 3: Expanded Risk and Environmental factors overview for a more granularity and insights
To minimize the attack surface and prevent vulnerable applications from running on host machines, we’ve added a new capability to detect legacy applications and control the application inventory on your host machines with compliance checks.
Now you can identify legacy applications or the versions of the applications that can run on hosts (see Figure 4). Without this control, vulnerable applications and versions with vulnerabilities can run freely on host machines. But with compliance controls, you have the ability to select which applications can run on host machines and specify the allowed versions. Our compliance controls can alert on a range of versions or raise an alert on specific applications detected on host machines.
Figure 4: Added process for new application control rule in Prisma Cloud
Securing cloud environments in an agentless deployment model begins with quick visibility to inventory and threat prioritization but with little to no overhead processes. We are continuing the investment in agentless capabilities to help you map the environment and calculate and prioritize risk as a first step in implementing application security at runtime.
We know that distributed environments, mixed workload types and app stacks require frictionless security. Our latest release of agentless security brings support for containers across the major cloud providers. In addition to container scanning, we’ve introduced host scanning for Oracle Cloud and compliance assessment for Kubernetes clusters across the public cloud, including support for OpenShift clusters.
To learn more about the latest product updates and discover how Prisma Cloud provides everything you need for cloud-native security, we invite you to take a test drive with a hands-on demo.
Prisma Cloud protects application lifecycles from code to cloud for 2000+ customers, securing more than 1.5 billion assets and protecting over 2.5 million workloads by processing roughly 2 billion events each day. Continually recognized by the industry — most recently by Frost and Sullivan — Prisma Cloud was named the Global Cloud Workload Protection Company of the Year and earned Frost & Sullivan’s 2022 award across 10 categories. For its outstanding growth and innovation, Prisma Cloud was also named a Leader in the inaugural Frost Radar: Cloud-Native Application Protection Platforms (CNAPP) study.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 8 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
