Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Palo Alto Networks | Prisma Cloud

Prisma Cloud is a comprehensive cloud native security platform with the industry's broadest security and compliance coverage—for applications, data, and the entire cloud native technology stack—throughout the development lifecycle and across multi- and hybrid cloud environments. The Prisma Cloud integrated approach enables security operations and DevOps teams to stay agile, collaborate effectively and accelerate cloud native application development securely. Prisma Cloud eliminates the security constraints around cloud native architectures rather than masking them, and breaks the security operational silos across the entire application lifecycle allowing DevSecOps adoption and enhance responsiveness to changing the security needs of cloud native architectures. For more information, visit

Our Website:

Latest Content From Palo Alto Networks | Prisma Cloud

Whitepaper: The Geek Guide to Calculating the ROI of DevSecOps

by Palo Alto Networks | Prisma CloudSep 16, 2020

Traditionally, security has been pushed off to the final stages of the process, bolted-on as an afterthought in the software development and delivery lifecycle. Before the DevOps concept took hold, when the entire process consumed many months or even years, this wasn't a big problem.

Now that more companies have adopted continuous integration and delivery (CI/CD) models, releases tend to occur in weeks or even days. In this model, waiting until the very last minute to ensure an application is safe and secure to deploy has the potential to destroy the entire process and derail delivery.

DevSecOps answers this challenge with a security-focused mindset into traditional DevOps processes. Security decisions become an integral part of the workflow without sacrificing speed or slowing down development.

This guide examines:
• The business value of adopting DevSecOps, along with container technologies that help actualize DevSecOps processes.
• Key insights into the current rate of market adoption of containers and DevSecOps
• The best tools to help your organization realize ROI from "shifting left" by adopting containers and DevSecOps.

Take a look and see where your organization can improve.

Whitepaper: State of Cloud Native Security 2020

by Palo Alto Networks | Prisma CloudSep 16, 2020

Palo Alto Networks conducted a global survey to ask security and DevOps leaders on the forefront of the cloud and cloud native security ecosystem: What's happening in cloud native security today and what's working best for organizations.

The result is the largest, most globally expansive market research dataset on cloud native security to date. Leaders provided candid answers to questions on:

• What current and future investment levels in cloud and cloud native security tooling vendors look like
• How confident and prepared respondents are in using hybrid- and multi-cloud infrastructure
• What cloud security threats and challenges keep them up at night

Download your copy to see the results, and understand how your organization compares.

Whitepaper: Unit 42 Cloud Threat Report: Spring 2020

by Palo Alto Networks | Prisma CloudSep 16, 2020

In the rush to automate more and more build processes in the cloud, many organizations are adopting infrastructure as code (IaC) to help streamline their operations. While IaC itself isn't new, many companies are adopting it for the first time. As often happens when moving quickly, this is opening them up to new risks.

Using a combination of proprietary Palo Alto Networks data and intel from public sources, Unit 42 cloud threat researchers analyzed hundreds of thousands of IaC templates. Research shows that IaC offers security teams a programmatic way to enforce security standards, but much of its power remains largely unharnessed--and in many cases, it's simply not secure.

Key findings show more than 199,000 potential vulnerabilities in IaC templates. On top of that, more than 43% of cloud databases are currently unencrypted, and only 60% of cloud storage services have logging enabled.

The full Unit 42 Cloud Threat Report offers insight on:

• Vulnerabilities in IaC templates and how to avoid them
• The latest trends in cryptomining and cybercrime operations
• What's on tap for the remainder of 2020 from a threat perspective

It's crucial to be aware of these vulnerabilities. Read the report, and you can start deploying best practices to enforce complete cloud security.

Whitepaper: Container Security 101

by Palo Alto Networks | Prisma CloudSep 16, 2020

It's easy to see why containers are popular for cloud native development--they're portable, efficient and scalable. However, the speed of container adoption has generally outpaced security teams' ability to protect containerized applications and data.

This e-book provides an overview of the fundamentals of container security. It breaks down what all organizations need to know to ensure their containers and container environments are protected against breaches, malware and malicious actors. Download to learn:

• What makes containers different from virtual machines
• How containers affect your approach to security
• Where to focus when securing your container stack

Whitepaper: Leveraging DevSecOps to Secure Cloud-Native Applications

by Palo Alto Networks | Prisma CloudSep 16, 2020

Application architectures and infrastructure platforms are evolving, but traditional cybersecurity technologies aren't built to protect these new environments. With so much in flux, organizations simply can't rely on traditional approaches to protect their business-critical workloads. Additionally, DevOps is transitioning to a continuous integration and delivery (CI/CD) process, further impacting security models.

To explore the impact of these changes, ESG conducted a research survey covering cloud native security trends, how organizations are "shifting security left," and teh emergence of a DevSecOps model. Read the survey analysis to learn about:

• Current and future cloud-native security best practices
• Common challenges to watch out for when security apps
• Requirements to secure and deploy apps born in the cloud

Learn more about ESG's core takeaways and recommendations for moving your organization toward a DevSecOps model. You'll find out how to implement tools that automate security via CI/CD integration to protect your future.