Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Palo Alto Networks l Prisma Cloud

Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. Its core products are a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security.

Our Website:

Latest Content From Palo Alto Networks l Prisma Cloud

Whitepaper: Implementing Cloud Native Security: Shift-Left to Increase Effectiveness

by Palo Alto Networks l Prisma CloudDec 11, 2020

Cloud security methods like "shift-left security" and "DevSecOps" refer to new strategies and paradigms that help organizations keep workloads secure in the age of cloud-based, scale-out, constantly-changing applications and infrastructure.

Many in IT, security, and development probably understand what these concepts mean at a high level. Implementing them in a practical sense, however, may be harder. Not only do they require organization-wide buy-in, but they must be efficiently integrated into workflows and toolsets that are already in place.

This guide is designed to address that challenge by exploring what modern, shift-left security entails, including:
• Defining cloud security frameworks and explaining their importance.
• Exploring practical strategies for putting those security philosophies into practice.
• Offering guidance specific to common IT architectural strategies in use today.

E-Book: From the Node Up: The Complete Guide to Kubernetes Security

by Palo Alto Networks l Prisma CloudDec 11, 2020

Kubernetes is a many-layered beast, a complex platform that consists of more than half a dozen components. While it offers a handful of native security features, fully securing your environment means addressing various types of potential vulnerabilities across layers of infrastructure.

Fortunately, the fact that Kubernetes is a sprawling platform with so many integrations also makes it possible to build an automated, systemic set of processes to secure the build and deployment process.

Get your copy of the Complete Guide to Kubernetes Security and see how to:

• Identify Kubernetes security challenges from the node up
• Design a security strategy that reinforces the rest of your Kubernetes-based processes
• Implement automated and scalable solutions to address vulnerabilities

Keep your Kubernetes-based workloads secure, no matter how large your cluster is or which type of infrastructure you use to host it—on-premise, public cloud or managed service.

Infographic: Infographic: Cloud Security Now

by Palo Alto Networks l Prisma CloudDec 11, 2020

Prisma Cloud conducted a global survey to ask security and DevOps teams on the forefront of cloud native development: What's happening in cloud security now? The result is the largest, most globally expansive market research dataset on cloud native security to date.

This infographic presents the highlights including:

• The top challenges teams are facing
• How much teams are spending (and what they're spending it on)
• What are the most successful teams doing right?

Check it out to see how your organization compares.

Whitepaper: The Geek Guide to Calculating the ROI of DevSecOps

by Palo Alto Networks l Prisma CloudSep 16, 2020

Traditionally, security has been pushed off to the final stages of the process, bolted-on as an afterthought in the software development and delivery lifecycle. Before the DevOps concept took hold, when the entire process consumed many months or even years, this wasn't a big problem.

Now that more companies have adopted continuous integration and delivery (CI/CD) models, releases tend to occur in weeks or even days. In this model, waiting until the very last minute to ensure an application is safe and secure to deploy has the potential to destroy the entire process and derail delivery.

DevSecOps answers this challenge with a security-focused mindset into traditional DevOps processes. Security decisions become an integral part of the workflow without sacrificing speed or slowing down development.

This guide examines:
• The business value of adopting DevSecOps, along with container technologies that help actualize DevSecOps processes.
• Key insights into the current rate of market adoption of containers and DevSecOps
• The best tools to help your organization realize ROI from "shifting left" by adopting containers and DevSecOps.

Take a look and see where your organization can improve.

Whitepaper: Leveraging DevSecOps to Secure Cloud-Native Applications

by Palo Alto Networks l Prisma CloudSep 16, 2020

Application architectures and infrastructure platforms are evolving, but traditional cybersecurity technologies aren't built to protect these new environments. With so much in flux, organizations simply can't rely on traditional approaches to protect their business-critical workloads. Additionally, DevOps is transitioning to a continuous integration and delivery (CI/CD) process, further impacting security models.

To explore the impact of these changes, ESG conducted a research survey covering cloud native security trends, how organizations are "shifting security left," and the emergence of a DevSecOps model. Read the survey analysis to learn about:

• Current and future cloud-native security best practices
• Common challenges to watch out for when security apps
• Requirements to secure and deploy apps born in the cloud

Learn more about ESG's core takeaways and recommendations for moving your organization toward a DevSecOps model. You'll find out how to implement tools that automate security via CI/CD integration to protect your future.

Whitepaper: Unit 42 Cloud Threat Report: Spring 2020

by Palo Alto Networks l Prisma CloudSep 16, 2020

In the rush to automate more and more build processes in the cloud, many organizations are adopting infrastructure as code (IaC) to help streamline their operations. While IaC itself isn't new, many companies are adopting it for the first time. As often happens when moving quickly, this is opening them up to new risks.

Using a combination of proprietary Palo Alto Networks data and intel from public sources, Unit 42 cloud threat researchers analyzed hundreds of thousands of IaC templates. Research shows that IaC offers security teams a programmatic way to enforce security standards, but much of its power remains largely unharnessed--and in many cases, it's simply not secure.

Key findings show more than 199,000 potential vulnerabilities in IaC templates. On top of that, more than 43% of cloud databases are currently unencrypted, and only 60% of cloud storage services have logging enabled.

The full Unit 42 Cloud Threat Report offers insight on:

• Vulnerabilities in IaC templates and how to avoid them
• The latest trends in cryptomining and cybercrime operations
• What's on tap for the remainder of 2020 from a threat perspective

It's crucial to be aware of these vulnerabilities. Read the report, and you can start deploying best practices to enforce complete cloud security.

Whitepaper: State of Cloud Native Security 2020

by Palo Alto Networks l Prisma CloudSep 16, 2020

Palo Alto Networks conducted a global survey to ask security and DevOps leaders on the forefront of the cloud and cloud native security ecosystem: What's happening in cloud native security today and what's working best for organizations.

The result is the largest, most globally expansive market research dataset on cloud native security to date. Leaders provided candid answers to questions on:

• What current and future investment levels in cloud and cloud native security tooling vendors look like
• How confident and prepared respondents are in using hybrid- and multi-cloud infrastructure
• What cloud security threats and challenges keep them up at night

Download your copy to see the results, and understand how your organization compares.