Palo Alto Networks has come up with some newer capabilities for Prisma Cloud to make organizations feel more protected. According to Palo Alto Networks, these new capabilities are a testament to its commitment to delivering comprehensive cloud workload protection across hybrid and multi-cloud environments. The newly designed features will help its consumers to build and deploy their workloads rapidly.

Palo Alto Networks is of the view that the new capabilities will “increase automation and detection, simplify compliance checks, and deepen visibility into malware threats for containers and hosts.”

Varun Badhwar, SVP for the Product, Prisma Cloud, says organizations “currently have large amounts of unprotected workloads and no efficient or unified way to secure them.” Badhwar continues, “They [organizations] are managing multiple, single-purpose security solutions to protect these workload stacks, which can create operational burdens and security gaps.”

He claims: “Today’s new capabilities further our commitment to deliver comprehensive cloud workload protection across hybrid and multi-cloud environments. DevOps teams can now efficiently build and deploy their workloads and applications rapidly while helping security teams deliver protection.”

Prisma Cloud’s new features

Following are the new Prisma Cloud capabilities for cloud workload protection:

  • Auto-Detection and Auto-Protection for Hosts

Prisma Cloud is now capable of automatically detecting unprotected virtual machines (VMs) that run on Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). The seamless deployment of the Prisma Cloud Defender agent ensures that VMs are not left unprotected.

  • Industry’s First Comprehensive Attack Framework Spanning Threats to Cloud-Native Workloads

Extension of the Mitre Att&ck framework brought by the Prisma Cloud’s new interactive dashboard gives a consolidated view of the entire cloud-native application portfolio. This lets organizations evaluate their defense against specific threat scenarios and provides incident response and remediation capabilities.

Palo Alto Networks’ Unit 42 threat research and the consulting team were responsible for developing this attack framework.

  • Simplified Compliance for Hosts, Containers, and Serverless Applications

Prisma Cloud Compliance Explorer makes compliance visibility easier across leading frameworks and the Centre for Internet Security (CIS), with new enhancements to the most recent benchmarks joining the current six certifications.

In addition, a new user interface provides an enforcement solution for Docker DISA STIG implementation (Defense Information Systems Agency Security Technical Implementation Guide).

  • Open Source License Analysis and Expanded Software Composition Analysis

Prisma Cloud also supports scanning code repositories with the twistcli command-line interface, as well as scanning GitHub Enterprise repositories for the first time.

Prisma Cloud also provides advanced license identification, which identifies open-source licenses in packages and combines them with license enforcement rules to track and control use within a company.

  • Anti-Malware Capabilities at Runtime and During Continuous Integration and Delivery (CI/CD) Scenarios

Prisma Cloud comes with  Palo Alto Networks’ WildFire intelligence for protection and gives deeper visibility into malicious malware threats. It also comes with new anti-malware and prevention capabilities for hosts and containers, initially to start the build process before the software is delivered.

Doug Cahill, Vice President and Group Director, Cybersecurity, Enterprise Strategy Group, says, “Enterprises are running their cloud-native applications on a wide variety of form factors—including a combination of cloud VMs, containers, Kubernetes, and serverless architectures that all need to be secured.”

He concludes: “The latest enhancements to Prisma Cloud deepen their security capabilities for protecting modern applications on both containers and Kubernetes, but also foundational virtual machines from a single, unified solution.”

The innovations in Prisma Cloud will help organizations ensure no workloads are left unprotected, added Palo Alto Networks.

Palo Alto Networks has also unveiled “the industry’s first cloud-native attack dashboard” that will be an extension of the Mitre Att&ck framework.