The latest acquisition of Bridgecrew is going to bring a lot of great things for our customers, primarily in the “Shift-Left” categories, which will help solidify those same great features that Prisma Cloud provides, but with a broader and more refined use. Because of this, some of the CI/CD plugins that Prisma Cloud currently uses will be either replaced or modified.
Prisma Cloud plugins enable you to check your DevOps infrastructure as code (IaC) templates for security misconfigurations, scan container images to proactively find vulnerabilities, scan code dependencies for vulnerabilities and license issues, and detect exposed secrets.
The plugins, or extensions as they are called in some environments, scan your templates against Prisma Cloud IaC policies to ensure compliance with security best practices before you deploy them into the cloud infrastructure. These plugins enable you to stay secure while being agile because they make it easy to scan your files, review any potential security issues, and fix and validate code before you check it into your source control repository or integrate it in your CI/CD pipeline.
The IaC functionality present in the product today will be replaced by a Prisma "cloud application security" (CAS) module that delivers Bridgecrew integration in the Prisma Cloud Enterprise Edition. The Prisma "cloud application security" (CAS) module is available now as a Prisma Cloud Enterprise Edition subscription, and the integration can be enabled in Prisma Cloud under ‘Settings’ > ‘Providers’.
Here is a list of the current Prisma Cloud plugins and what will be changing:
INTEGRATION | CATEGORY | MARKETPLACE | WHAT IS CHANGING |
---|---|---|---|
AWS DevOps | CI/CD | | Switch to the Prisma "cloud application security" (CAS) module |
Azure DevOps | CI/CD | | Switch to the Prisma "cloud application security" (CAS) module |
Bitbucket | SCM and CI/CD | | Switch to the Prisma "cloud application security" (CAS) module |
CircleCI | CI/CD | | Switch to the Prisma "cloud application security" (CAS) module |
GitHub | SCM | | Switch to the Prisma "cloud application security" (CAS) module |
GitHub Actions | CI/CD | | Switch to the Prisma "cloud application security" (CAS) module |
GitLab | SCM and CI/CD | — | Switch to the Prisma "cloud application security" (CAS) module |
IntelliJ IDEA | IDE | | Switch to the Prisma "cloud application security" (CAS) module |
Jenkins | CI/CD | Get the plugin from the Prisma Cloud administrative console (Compute > Manage > System > Downloads) | Switch to the Prisma "cloud application security" (CAS) module |
Visual Studio Code | IDE | | Switch to the Prisma "cloud application security" (CAS) module |
Figure 1: Prisma Cloud Integrations_PaloAltoNetworks
Additionally, because the Prisma "cloud application security" (CAS) module will "replace" the legacy IaC service available in the product, we’re recommending that customers look into ‘Checkov’, an open-source command line interface (CLI) utility that includes more than 750 predefined policies and supports custom policies. I will provide the links at the bottom of the page for your reference, but another great thing about this tool is that it integrates nicely with some existing CI/CD providers, like:
Figure 2: CI/CD Providers_PaloAltoNetworks
In addition to integrating with your code repository, Checkov can also integrate with your automated build pipeline via CI/CD providers. When your build tests run, Checkov will scan your infrastructure as code files for misconfigurations and you can review the output directly in your CI pipeline.
https://www.checkov.io/1.Welcome/Feature%20Descriptions.html#integrating-with-cicd
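To illustrate the build-pipeline integration described above, here is an added example (not from the original post or from the Checkov project) of a CI gate that reads a Checkov JSON report and fails the build only on findings that have not been reviewed and accepted. The report layout used here (`results.failed_checks` with `check_id`, `resource`, `file_path`, `file_line_range`) is assumed, and the sample report, resource names and accepted-check list are constructed for illustration.

```python
import json
import sys

# Constructed sample shaped like a Checkov JSON report (assumed layout:
# results.failed_checks[] with check_id, resource, file_path, file_line_range).
SAMPLE_REPORT = json.dumps([
    {"check_type": "terraform",
     "results": {"failed_checks": [
         {"check_id": "CKV_AWS_20", "resource": "aws_s3_bucket.logs",
          "file_path": "/s3.tf", "file_line_range": [1, 6]},
         {"check_id": "CKV_AWS_18", "resource": "aws_s3_bucket.logs",
          "file_path": "/s3.tf", "file_line_range": [1, 6]}]},
     "summary": {"passed": 4, "failed": 2, "skipped": 0}},
    {"check_type": "kubernetes",
     "results": {"failed_checks": []},
     "summary": {"passed": 9, "failed": 0, "skipped": 0}},
])

def load_reports(text):
    """One framework scanned yields one object, several yield a list."""
    data = json.loads(text)
    return data if isinstance(data, list) else [data]

def blocking_findings(text, accepted=frozenset()):
    """Return failed checks that are not in the reviewed 'accepted' set."""
    findings = []
    for report in load_reports(text):
        # A report for a run that scanned nothing may lack 'results'.
        failed = report.get("results", {}).get("failed_checks", [])
        for check in failed:
            if check["check_id"] in accepted:
                continue
            start, end = check.get("file_line_range", [0, 0])
            findings.append((report.get("check_type", "unknown"), check["check_id"],
                             check["resource"], f'{check["file_path"]}:{start}-{end}'))
    return findings

def gate(text, accepted=frozenset()):
    """Exit code for the CI step: 1 if any blocking finding remains."""
    findings = blocking_findings(text, accepted)
    for framework, check_id, resource, location in findings:
        print(f"[{framework}] {check_id} {resource} {location}")
    return 1 if findings else 0

if __name__ == "__main__":
    # In a pipeline the report arrives on stdin; run from a terminal, the
    # constructed sample is used. The accepted set here is hypothetical.
    text = SAMPLE_REPORT if sys.stdin.isatty() else sys.stdin.read()
    sys.exit(gate(text, accepted={"CKV_AWS_18"}))
```

In a pipeline the report would come from `checkov -d . -o json` piped into this script, with the accepted list kept in version control so every exception is reviewed like any other change.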