Cybersecurity giant Palo Alto Networks is releasing a context-aware software composition analysis solution intended to let developers use open source components safely and, in doing so, help secure software supply chains.
The company’s software composition analysis (SCA) solution will be integrated into its cloud-native application protection platform, Prisma Cloud, which Palo Alto Networks says will help developers and security teams proactively surface and prioritize known vulnerabilities throughout the application lifecycle.
Palo Alto Networks describes Prisma Cloud as a complete cloud-native application protection platform (CNAPP) that is context aware at every stage of the application lifecycle. It provides a unified view of risk across an organization’s cloud environments and, with SCA, deep dependency detection and remediation of vulnerabilities in open source software before applications reach production.
With the integration of SCA, developers can use the tool to prioritize remediation based on software components that are actually in use.
According to the company, there has been a 188% increase in cloud incident response cases over the past three years, which demands a new approach to cloud security that doesn’t rely on siloed products that provide intermittent visibility. Prisma Cloud, the company says, provides a comprehensive prevention-first framework.
In addition to SCA, Prisma Cloud now also includes a software bill of materials (SBOM) and other capabilities to help developers maintain and reference a complete codebase inventory of every application component used across cloud environments.
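The two capabilities above (prioritizing findings by components that are actually in use, and keeping an SBOM inventory) can be illustrated with a small reachability-filtered triage. The following is an added example written for this page; it is not Prisma Cloud code and does not show how Palo Alto Networks implements either feature. The CycloneDX-style SBOM, the advisory list (placeholder IDs, not real CVEs), the distribution-to-import-name mapping and the application source files are all constructed inline so the script runs offline.

```python
"""Reachability-filtered SCA triage over a CycloneDX-style SBOM.

Added example, not Prisma Cloud code. Every input below is constructed:
the SBOM, the advisory table (placeholder IDs, not real CVEs), the
import-name mapping and the application sources.
"""
import ast
import json

# Constructed SBOM (a subset of CycloneDX fields).
SBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "requests", "version": "2.25.0",
         "purl": "pkg:pypi/requests@2.25.0"},
        {"type": "library", "name": "pyyaml", "version": "5.3",
         "purl": "pkg:pypi/pyyaml@5.3"},
        {"type": "library", "name": "urllib3", "version": "1.26.4",
         "purl": "pkg:pypi/urllib3@1.26.4"},
    ],
})

# Constructed advisories keyed by package URL (placeholder IDs, not real CVEs).
ADVISORIES = {
    "pkg:pypi/requests@2.25.0": ["EXAMPLE-0001"],
    "pkg:pypi/pyyaml@5.3": ["EXAMPLE-0002"],
    "pkg:pypi/urllib3@1.26.4": ["EXAMPLE-0003"],
}

# Assumed mapping from distribution name to top-level import name.
# Real tools read this from the installed dist-info (top_level.txt).
IMPORT_NAMES = {"requests": {"requests"}, "pyyaml": {"yaml"}, "urllib3": {"urllib3"}}

# Constructed application sources. pyyaml is declared in the SBOM but never imported.
SOURCES = {
    "app/main.py": "import requests\nfrom app import util\n\n"
                   "def fetch(u):\n    return requests.get(u)\n",
    "app/util.py": "import os\nimport urllib3.util\n\n"
                   "def norm(p):\n    return os.path.normpath(p)\n",
}


def imported_top_level(source: str) -> set[str]:
    """Top-level module names imported by one Python source file."""
    names = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            for alias in node.names:
                names.add(alias.name.split(".")[0])
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            names.add(node.module.split(".")[0])
    return names


def triage(sbom_json: str, advisories: dict, sources: dict, import_names: dict):
    """Split vulnerable SBOM components into (in_use, unused).

    A component counts as in use when any of its import names appears in the
    application's imports. Each entry is (purl, [advisory ids]).
    """
    used = set()
    for src in sources.values():
        used |= imported_top_level(src)
    in_use, unused = [], []
    for comp in json.loads(sbom_json)["components"]:
        ids = advisories.get(comp["purl"])
        if not ids:
            continue
        modules = import_names.get(comp["name"].lower(), {comp["name"]})
        (in_use if used & modules else unused).append((comp["purl"], ids))
    return in_use, unused


if __name__ == "__main__":
    hot, cold = triage(SBOM_JSON, ADVISORIES, SOURCES, IMPORT_NAMES)
    print("Fix first (imported by the application):")
    for purl, ids in hot:
        print(f"  {purl}: {', '.join(ids)}")
    print("Lower priority (declared but not imported):")
    for purl, ids in cold:
        print(f"  {purl}: {', '.join(ids)}")
```

Import-level reachability is a coarse filter: it ignores transitive dependencies that are pulled in without a direct import, dynamic imports, and whether the vulnerable function is ever called. Commercial SCA products generally refine this with call-graph analysis, but the principle is the same: a declared vulnerable component that the application never loads is not the first thing to fix.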
Palo Alto Networks says a complete code-to-cloud CNAPP needs to incorporate these key principles, which the company says Prisma Cloud was designed to align with:
- Security from code to cloud — protects applications at every stage of the development lifecycle, from code through build, deploy and run.
- Continuous, real-time visibility — uses real-time, contextual security analysis of cloud environments to help prevent misconfigurations, vulnerabilities and threats.
- Prevention-first protection — stops attacks and defends against zero-day vulnerabilities to drive down mean time to remediation.
- Choice for every cloud journey — aligns security needs with current and future cloud priorities by supporting a breadth of cloud service providers, workload architectures, continuous integration and continuous delivery (CI/CD) pipelines, integrated development environments (IDEs), and repositories in a unified platform.
- Cloud-scale security — consistently secures applications as cloud environments scale.
Ankur Shah, the senior vice president of Palo Alto Networks’ Prisma Cloud, says developers who leverage open-source software should be able to build applications without having to worry about introducing vulnerabilities into organizations’ environments.
“With the average application consisting of 75% open-source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build with speed,” says Shah in a statement.