Palo Alto Networks has expanded its cloud native application protection platform (CNAPP), Prisma Cloud, with the addition of a new continuous integration/continuous delivery (CI/CD) security module. The module is the eleventh addition to Prisma Cloud and is the result of the integration of Cider Security, an application security (AppSec) firm that Palo Alto Networks acquired in December 2022.
The main goal of this new integration is to enhance the security of CI/CD environments and protect against open-source vulnerabilities through software composition analysis. By optimizing security and risk prevention throughout the software delivery pipeline, Palo Alto Networks aims to provide organizations with increased visibility, control, risk management, and breach detection capabilities.
The release of this CI/CD security module follows recent guidance from the US Cybersecurity & Infrastructure Security Agency (CISA) and the National Security Agency (NSA) on the importance of securing the CI/CD pipeline. Additionally, a recent Aqua Security study found that 36.9% of UK organizations consider inadequate software supply chain security to be the biggest cloud native security risk to their business, suggesting an 18.6% increase compared to the previous year.
CI/CD environments have become attractive targets for malicious actors due to their role in IT modernization efforts and their use of commercial cloud environments. Organizations leverage CI/CD-focused tools and services to streamline software development and manage the programmable infrastructure of their applications and clouds. This makes CI/CD environments vulnerable to cyber attacks that aim to introduce malicious code, steal intellectual property, or cause denial of service effects.
The new CI/CD security module of Prisma Cloud offers several enhancements to the engineering ecosystem. It introduces an AppSec dashboard that provides unified visibility across the ecosystem, allowing AppSec teams to monitor security performance across development teams. The dashboard helps identify any code risks by normalizing signals across code scanners. Furthermore, the module leverages the OWASP Top 10 CI/CD Risks project to provide guidance on attack vectors and best practices for mitigating them. This formally recognized industry benchmark assists organizations in identifying misconfigurations that could lead to code tampering, credential theft, and runtime breaches.
By adding this CI/CD security module to Prisma Cloud, Palo Alto Networks aims to provide organizations with a comprehensive cloud native application protection platform that addresses the increasing security risks associated with CI/CD environments. The integration of Cider Security and the utilization of the OWASP Top 10 CI/CD Risks project demonstrate Palo Alto Networks’ commitment to staying at the forefront of application security and assisting organizations in effectively securing their software delivery pipelines.

