Press release
Prisma Cloud Delivers Context-Aware Software Composition Analysis to Secure Deployment of Open Source Software
New SCA module offers proactive vulnerability remediation based on runtime context to achieve seamless code-to-cloud security SANTA CLARA, Calif., Sept. 20,
About this update from Palo Alto Networks, Inc.
[{"type":"text","content":"New SCA module offers proactive vulnerability remediation based on runtime context to achieve seamless code-to-cloud security \nSANTA CLARA, Calif., Sept. 20, 2022 /PRNewswire/ -- Open source software is a critical component of cloud-native applications, allowing developers greater speed and modularity without having to reinvent the wheel each time they code. However, as the Unit 42 Cloud Threat Report, 2H 2021 found, open source software can often contain known vulnerabilities, which can open organizations up to significant risk. Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today introduced the industry's first context-aware software composition analysis (SCA) solution to help developers safely use open source software components. The integration of SCA into Prisma® Cloud further demonstrates why Palo Alto Networks is the leading provider of cloud-native security.\n\nTraditional SCA solutions are standalone products that can produce a large number of alerts but lack the runtime context to help fix vulnerabilities. With the addition of SCA to the Prisma Cloud platform, developers and security teams can proactively surface and prioritize known vulnerabilities that impact the application lifecycle (i.e., code, build, deploy and run). Prisma Cloud SCA delivers deep dependency detection and remediation of vulnerabilities in open source software before applications reach production. It can also help developers prioritize remediation based on software components that are already in use. These capabilities are not possible when SCA solutions are deployed as single point products.\n\"Developers leveraging open source software should be able to build applications with the confidence they aren't opening the organization up to risk,\" said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. \"With the average application consisting of 75% open source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build with speed.\"\nAs a complete cloud-native application protection platform (CNAPP), Prisma Cloud is context-aware at every stage of the application lifecycle to provide a unified view of risk across organizations' cloud environments. Where current approaches to cloud security rely on siloed products that provide intermittent visibili...