Palo Alto Networks is the latest version of "PRISMA CLOUD 3) of the cloud native application protection platform (CNAPP) on January 31, 2022.."0" has been announced that it has started to be offered in Japan.The latest version has enhanced functions focusing on the security risks of the entire application life cycle, from cloud application / service design to development, deployment and execution.Support the realization of comprehensive cloud security measures.
The latest version "Prisma Cloud 3."0" enhances security functions that take security risks throughout the life cycle of multi -cloud.
Palo Alto Networks Chief Cyber Security Strategist Seira Someya, the company's cloud security technology headquarters CTO Misura Agay
According to the company's survey, the cloud ratio reached 43 % among the workloads of domestic companies in 2021, and it has grown to the same as overseas.The use of multi -cloud, which uses multiple businesses, such as Microsoft Azure and Google Cloud (GCP), from single cloud only Amazon Web Services (AWS) to the purpose of needs and load dispersion, is in full swing.
On the other hand, among the third -party IAC (Infrastructure ascode) templates, 63 % of the third -party IAC (Infrastructure ascode), which are used to improve the efficiency of cloud infrastructure, 96 of the container image in the public registry.The company's survey has also found that % contains some known vulnerabilities.
"In 2021 of the Corona evil, cloudy sources, which have security risks, increased by 188 % against 2020. How to grasp the cloud -specific risks and visualize threats in the multi -cloud environment.It has been a year when the tasks have become apparent, "said Seira Someya, Chief Ciberal Security Strategist, a paroalt network.
"Current status of cloud security risks" by Palo Alto Survey
Prisma Cloud 3.0 is compatible with "Agentless Scan", which generates AWS VM snapshots and scan vulnerabilities.Fixed a function to detect vulnerable IAC code and automatically correct it to a secure code, a function to automatically scan it when committing to a gitHub repository, and automatically detect the difference between the IAC code and the production environment.New functions related to IAC security such as functions to be added have been added.
In addition, Cortex XDR connectors and GRPC countermeasures that send incident data for Microsfot Azure and GCP VM images, host, containers, and serverless incident data to threat analysis and countermeasures support platform "Cortex XDR", PRISMACLOUD Operation Support Dashboard "Adoption Advisor" Beta has been added.
Prisma Cloud 3.0 function enhancement points, Main function added
PRISMA CLOUD was adopted last year in a full -cloud banking system for everyone's bank.
According to Misura Agay, a CTO of Palo Alto Networks Cloud Security Technology Headquarters, "Realizes and visualizes the overall cloud native environment including containers and Kubernetes cluster execution, provides real -time protection for environments other than containers. Datadog.It can be easily linked with monitoring tools, so it can build a centralized operation management. Above all, it has been evaluated to be able to practice DevSecops in cooperation with CI/CD tools. "
Everyone's bank adopts Prisma Cloud for DevSecops practice
"For example, vulnerabilities such as Log4J can be discovered and dealt with in the initial phase of the development life cycle such as design and implementation, and we consider the role of Prisma Cloud to support it. CNAPP will continue to be CNAPP.I want to add the required functions at any time and expand the ecosystem with a partner with strengths in the cloud native regions, and to work on the appeal of CNAPP and DevSecops "(Agay)