Palo Alto Networks has reimagined how enterprises approach cloud security with the industry’s first integrated Code to Cloud intelligence introduced as part of the Prisma Cloud Darwin release.
The introduction marks a “Darwin moment” for cloud security as Prisma Cloud pushes organizations to evolve beyond single point solutions
In the last decade, organisations have begun building and deploying cloud applications at an unprecedented pace, and there’s no sign of slowing down. According to Gartner, 65% of application workloads will be optimised or ready for cloud delivery by 2027 — up from 45% in 2022.
While the cloud offers exceptional agility and efficiency, it introduces major security risks that have become increasingly widespread — 80% of security exposures are found in cloud environments, according to the company’s Unit 42 Threat Intelligence team, which can result in large-scale breaches. These rising cloud attacks and the velocity of cloud application development are outpacing the speed at which security teams can protect their organisations.
Current approaches for code-to-cloud security are siloed, with the average organisation relying on six to ten tools for securing cloud infrastructure alone. Having disparate security tools leads to an incomplete security posture and creates a massive operational burden for security teams.
With its new Code to Cloud intelligence, Prisma Cloud — the industry’s most complete cloud-native application protection platform (CNAPP) — offers a single trusted place that connects insights from the developer environment through application runtime for security teams to contextualise alerts and pinpoint remediations. This intelligence effectively prevents risk and stops breaches while enhancing the end-user experience and improving developer and security team collaboration.
Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks, said: “The only way to secure applications from code to cloud is by fending off risk from entering the development pipeline and preventing breaches of applications in production. This can only be achieved through an intelligent CNAPP platform like Prisma Cloud that gathers intelligence throughout the application lifecycle so security teams can precisely trace vulnerabilities and misconfigurations back to their origin in the source code. Prisma Cloud’s Darwin release simplifies cloud security and improves productivity and collaboration across code, infrastructure, and runtime security.”
In many organisations, the ratio of developers to security professionals can be 100 to 1, resulting in understaffed teams. The current approach of working in silos does not guarantee comprehensive code to cloud security. This gap will widen as developers increasingly use AI to write and deploy code more quickly. Prisma Cloud, now with Code to Cloud intelligence, fosters collaboration between developers and security professionals by linking production security issues to specific remediation recommendations in code.
Melinda Marks, practice director, Enterprise Security Group, said: “Today’s reality is we face a cybersecurity skills shortage, especially in cloud security, while organisations are increasingly leveraging cloud services for faster application development to best serve customers and drive business results. At the same time, we have a rapidly evolving threat landscape increasingly targeting cloud workloads. So, it’s crucial to invest in an effective security solution that supports increased development productivity from code to cloud to enable security teams to optimise security risk mitigation and protect their applications to enable business growth.”
Chris Bogaards, vice president of IT security, Global Atlantic Financial Group, said: “Our greatest challenge before Prisma Cloud was gaining clear visibility into what was occurring in our cloud applications and what security alerts to prioritise. Our developers freely create applications with a myriad of tools not knowing what risks they’re introducing into the organisation. With Prisma Cloud, we now have a simple, yet comprehensive view across our entire application portfolio to understand what vulnerabilities we have, which ones to prioritise and how to fix them.” Watch Global Atlantic Financial Group’s customer testimonial.