Palo Alto Networks has announced the addition of a new continuous integration/continuous delivery (CI/CD) security module to Prisma Cloud, its cloud native application protection platform (CNAPP). The module is the eleventh the cybersecurity vendor has added to Prisma Cloud and is built on the integration of application security (AppSec) firm Cider Security, which it acquired in December 2022.
The new integration is designed to secure the CI/CD environment and protect against open-source vulnerabilities with software composition analysis, optimizing security and risk prevention throughout the software delivery pipeline, Palo Alto Networks said. Its capabilities span visibility, control, risk management, and breach detection, the vendor added.
The release comes in the wake of new guidance from the US Cybersecurity & Infrastructure Security Agency (CISA) and the National Security Agency (NSA) on the importance of securing the CI/CD pipeline. Meanwhile, more than a third (36.9%) of UK organizations believe inadequate software supply chain security is the biggest cloud native security risk to their business, according to a recent Aqua Security study. This represents an increase of 18.6% compared with the same survey from the previous year.
CI/CD environments are attractive attack targets for malicious actors
CI/CD is a development process for building and testing code changes that helps organizations maintain a consistent code base for their applications while integrating those changes. CI/CD pipelines are often implemented in commercial cloud environments because of the cloud's role in IT modernization efforts, and organizations commonly rely on CI/CD-focused tools and services to streamline software development and to manage the programmable infrastructure of their applications and clouds. CI/CD environments are therefore attractive targets for malicious cyber actors who seek to compromise information by introducing malicious code into CI/CD applications, to gain access to intellectual property or trade secrets through code theft, or to cause denial of service effects against applications.
CI/CD security module enhances engineering ecosystem visibility, draws on OWASP CI/CD risk guidance
Prisma Cloud's new CI/CD security module introduces an AppSec dashboard that unifies visibility across the engineering ecosystem, Palo Alto wrote in a blog post. The dashboard normalizes signals across code scanners to provide a centralized view of risk and a trending view to help monitor security performance across development teams, it added. "AppSec teams gain visibility across code repositories, contributors, technologies used, and connected pipelines, along with specific code risks," according to the vendor.
The new offering also provides guidance on attack vectors and best practices to mitigate them via a formally recognized industry benchmark, the OWASP Top 10 CI/CD Security Risks project, Palo Alto said. "Organizations can benefit from the project at any stage of their CI/CD security journey. For example, it is easy for teams to use the project's guidance to help identify misconfigurations for version control systems (VCS) and CI/CD pipelines. These misconfigurations could easily lead to code tampering, credential theft and ultimately a runtime breach."
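To make the kind of pipeline misconfiguration described above concrete, here is an added example that is not from Palo Alto Networks, Cider Security or the OWASP project. It shows a hypothetical GitHub Actions workflow with the weak pattern the OWASP list files under poisoned pipeline execution (an untrusted pull request's code runs in a job that holds the repository's secrets), followed by a hardened version of the same workflow. The workflow names, the `DEPLOY_TOKEN` secret and the `deploy.sh` script are assumptions for illustration; the event names, `permissions` block and `actions/checkout` inputs are standard GitHub Actions syntax.

```yaml
# Added example (not the vendor's or OWASP's own material); workflow and secret
# names are hypothetical.
#
# WEAK: `pull_request_target` runs in the base repository's context, so the
# job receives repository secrets, yet it checks out and executes the PR
# author's commit. `npm ci` runs lifecycle scripts from the fork's
# package.json, which can simply read DEPLOY_TOKEN from the environment.
name: ci-weak
on:
  pull_request_target:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # attacker-controlled commit
      - run: npm ci && npm test
        env:
          DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}          # exposed to untrusted code
---
# HARDENED: a plain `pull_request` event runs fork code with only a read-only
# GITHUB_TOKEN and no repository secrets. Install scripts are disabled, the
# workflow's token permissions are minimized, and deployment is a separate job
# that runs only on pushes to the protected default branch.
name: ci-hardened
on:
  pull_request:
  push:
    branches: [main]
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4          # pin to a full commit SHA in production
      - run: npm ci --ignore-scripts && npm test
  deploy:
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    needs: test
    runs-on: ubuntu-latest
    environment: production               # secrets scoped to a reviewed environment
    steps:
      - uses: actions/checkout@v4
      - run: ./deploy.sh                  # hypothetical deployment script
        env:
          DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
```

The check a reviewer applies to any workflow is the same one the weak example fails: does code that an outsider can change (a fork's commit, a dependency's install script, an unpinned third-party action) ever execute in a job that holds write permissions or long-lived credentials? Separating untrusted test execution from the credentialed deploy stage, and limiting `GITHUB_TOKEN` permissions to what each job needs, removes the path from a malicious pull request to credential theft.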