Clik here to view.
Security Theater: Who Cares About Your AppSec Findings?
Welcome to Act 2 of our blog series focused on Security Theater where we seek to shed light on the illusion of cloud security. Previously we explained why you should NOT measure success based on...
View ArticleNot Just Another State of [Cloud-Native Security] Report
If you’re like me, you might be getting a tad exhausted keeping up with the many flavors of “The State of” reports. And I’m only talking about the ones within cybersecurity — everything from SBOMs to...
View ArticleClik here to view.
Bringing a Point of View to Your CIEM Strategy with Prisma Cloud
A Preview of New Features in Prisma Cloud Managing cloud infrastructure and entitlement management (CIEM) is hard enough with multicloud, sprawling machine and user identities, and users accessing the...
View ArticleClik here to view.
Best Practices for Managing Vulnerabilities in the Cloud–Part 2
Welcome back to our Best Practices for Managing Vulnerabilities in the Cloud series. In part one, we discussed how important it is to have complete visibility into vulnerabilities across your cloud...
View ArticleHarnessing AI to Bolster Cybersecurity: Safeguarding Qatar’s Digital...
As the world embraces digital transformation, the threat landscape expands in parallel. With threat actors constantly developing new tactics, techniques and procedures, the speed to react and recover...
View ArticleClik here to view.
Improving API Security with Google Cloud Service Extensions
Explore the potential of Service Extensions to strengthen your API security layer and protect web applications across any cloud-native architecture, public or private. New Service Extensions Release...
View ArticleClik here to view.
Acting on NSA Zero Trust Guidance for Applications and Workloads
Figure 1: The seven pillars of Zero Trust (source: National Security Agency) The U.S. National Security Agency (NSA) recently published the cybersecurity information sheet Advancing Zero Trust Maturity...
View ArticleClik here to view.
Are Cloud Serverless Functions Exposing Your Data?
More than 25% of all publicly accessible serverless functions have access to sensitive data, as seen in internal research. The question then becomes, Are cloud serverless functions exposing your data?...
View ArticleClik here to view.
Breaking Bad Habits with CIS Benchmarks
In today’s cyberthreat climate, organizations must prioritize the security of their IT infrastructure. The Center for Internet Security (CIS) Benchmarks provide a set of comprehensive guidelines...
View ArticleClik here to view.
One Small Step for Developers, One Giant Leap for Security
Incorporate Prisma Cloud directly into your development workflows with intuitive IDE and VCS integrations. DevSecOps, while heavily marketed, is consistently overlooked in practice. The concept of...
View ArticleInstilling a Secure Cloud Mindset
The journey toward formidable — invincible — cloud security involves not just technological changes but a fundamental shift in culture, mindset, and operational processes. But attempting to harness the...
View ArticleClik here to view.
2024 Open-Source Security Tools Roundup
We’re quickly approaching the halfway point of 2024 and, with it, the advent of the summer security conference season. This got us thinking about our favorite go-to open-source security tools! Whether...
View ArticleClik here to view.
Why EPSS Scores Matter for Vulnerability Management
Unaddressed security flaws can have significant repercussions — data breaches, financial loss, reputational damage — making vulnerability management critically important. Vulnerabilities provide entry...
View ArticleClik here to view.
CSPM Practitioners: Use AI To Your Advantage
For more than seven years now, cloud security posture management (CSPM) tools have provided cloud asset visibility, detected risky misconfigurations and monitored compliance posture for organizations....
View ArticleClik here to view.
Empowering Developers and Security Teams with Prisma Cloud and Terraform
For cloud and development teams struggling with securing continuous rapid deployment (CI/CD) and needing faster security workflows, Prisma Cloud can help with cloud-native integrations to shift...
View ArticleClik here to view.
Inject Security into Your AWS Development Pipeline
Seamlessly integrate Code to Cloud security into your AWS development workflows with Prisma Cloud and AWS CodeCommit. We recently wrote about shifting left with Prisma Cloud in a blog post that...
View ArticleClik here to view.
Peekaboo! We See Connections Between Your Shadow and Sanctioned Clouds
Shadow IT and unmanaged cloud assets pose significant security risks for organizations. Prisma Cloud, in recent months, has addressed this visibility gap left by legacy CSPM technologies — identifying...
View ArticleThe Growing Dichotomy of AI-Powered Code in Cloud-Native Security
Unveiling the Duality: Harnessing AI's Potential While Safeguarding Cloud-Native Security AI-generated code promises to reshape cloud-native application development practices, offering unparalleled...
View ArticleClik here to view.
Where to Start When Dealing with Shadow Cloud Assets
Exploring the latest enhancements of Cloud Discovery & Exposure Management (CDEM) to combat shadow IT with Prisma Cloud. The flexibility and scalability of cloud-native development create a strong...
View ArticleClik here to view.
Cloud Security Simplified: NIST CSF 2.0 Meets Prisma Cloud
Earlier this year, the National Institute of Standards and Technology (NIST) published a major revision to their Cybersecurity Framework (CSF), known as NIST CSF 2.0. For several years Prisma Cloud has...
View Article