Palo Alto Networks unveiled the continuous integration and continuous delivery (CI/CD) security module at its INTERSECT ’23 conference. CI/CD Security will be part of the Prisma Cloud security platform.
According to Palo Alto Networks, AppSec teams often have a fragmented view of the risks they face. This is due to the use of different types of code scanners, which aim to detect misconfigurations and vulnerabilities. In addition, Palo Alto Networks sees a lack of visibility into what technologies and frameworks are being used and how to export the ecosystem’s software bill of materials.
That’s why CI/CD Security is now coming to the Prisma Cloud security platform. The module should provide better visibility into engineering ecosystems and protect against the Open Worldwide Application Security Project Top 10 CI/CD risks. It also comes with functionality for pipeline posture management and attack path analysis.
Through the new Prisma Cloud Application Security dashboard, signals from code scanners are structured. In this way, it should provide visibility into risks at a central point. It also provides a piece of monitoring for security performance of development teams.
AppSec teams gain insight into code repositories, contributors, technologies used, connected pipelines and specific code risks. The module helps AppSec professionals understand which repositories and pipelines are connected to production so they can prioritize risks.
CI/CD Security is scheduled to be available this summer.