.

Palo Alto Networks: Enhancing the Security in Cloud

Nikesh Arora

Chairman & CEO


“Everyday, Palo Alto Networks provides the visibility, trusted intelligence, automation and flexibility that help complex organizations advance securely”

Since its inception in the IT industry, cloud has changed the way developers and operating engineers think and work on their projects. In fact, the cloud paradigm has completely transformed the application development process. This in a way is dramatically improving performance and delivering faster outcomes to meet the growing market demands. However, as the infrastructure evolves, security has become a new concern. Developers are now working to address it on a regular basis while some of the leading security professionals have had to look at options that can implement security mechanisms. This is also with the vision to prevent and mitigate security threats as they emerge across the software development process. In its true sense cloud security is an inevitable progression of the way development teams think about protection of applications and ensuring their secure performance.

This is where Palo Alto Networks—the global cybersecurity leader—steps into the game by continually delivering innovation to enable secure digital transformation—even as the pace of change is accelerating. In a nutshell, the company’s vision is a world where each day is safer and more secure than the one before. Everyday, Palo Alto Networks provides the visibility, trusted intelligence, automation and flexibility that help complex organizations advance securely. “By delivering a comprehensive portfolio and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices.”

An innovative DevSecOps offering from the company is Prisma Cloud, a solution that delivers automated security for cloud native infrastructure and applications, integrated with developer tools. As cloud native application development is fast-paced and complex, it can be a challenge for security teams to keep up. With Palo Alto Networks, DevOps practices present an opportunity to use automation to secure apps and infrastructure before deployment, alleviating that pressure. The solution acts as a single tool for securing IaC, container images and source code across all modern architectures cloud environments. The Prisma Cloud embeds comprehensive security across the software development cycle. The platform identifies vulnerabilities, misconfigurations and compliance violations in IaC templates, container images and git repositories. It offers IaC scanning backed by an open source community, and image analysis backed by years of container expertise and threat research. With centralized visibility and policy controls, engineering teams can secure their full stack without leaving their tools, while security teams can ensure that only secure code is deployed.

The company’s infrastructure as code presents an opportunity to secure cloud infrastructure in code before it’s ever deployed to production. Prisma Cloud streamlines security throughout the software development lifecycle using automation and by embedding security into workflows in DevOps tooling for Terraform, CloudFormation, Kubernetes, Dockerfile, Serverless and ARM templates. The solution also comes with an automate cloud misconfiguration checks in code which performs automated checks for misconfigurations at every step of the software development lifecycle. Users can also leverage the power of open source and the community

Checkov with the open-source tool Bridgecrew built to power its build time scanning, is backed by an active community and has been downloaded millions of times. Bridgecrew is built on the open-source project Checkov. Checkov is a policy-as-code tool with millions of downloads that checks for misconfigurations in IaC templates such as Terraform, CloudFormation, Kubernetes, Helm, ARM Templates and Serverless framework. Users can leverage hundreds of out-of-the-box policies and add custom rules. Bridgecrew augments Checkov with simplified user experience and enterprise features. Moreover, it provides feedback directly in popular DevOps, including integrated development environments (IDE), continuous integration (CI) tools, and version control system (VCS). Additional aggregation and reporting are available in the Bridgecrew platform. Bridgecrew integrates with IDEs, CI tools and VCS to provide feedback and guardrails in the tools developers already use.

As cloud security requires a unified and integrated approach to deliver full stack, full lifecycle security. That’s why Palo Alto Networks has acquired and integrated the world’s leading startups into their Cloud Native Security Platform (CNSP).Today, the team is on a mission to build a more secure future for the world. With a set of innovations, acquisitions and investments Palo Alto Networks will continue protecting tens of thousands of organizations across cloud networks and mobile devices. With many niche vendors to choose from, what stands out about Prisma Cloud is the roadmap and the Palo Alto Networks visionto remediate critical vulnerabilities as well as delivering safe and secure products and services to market more quickly than ever before.