In the last decade, organizations have begun building and deploying cloud applications at an unprecedented pace, and there’s no sign of slowing down. According to Gartner, 65% of application workloads will be optimized or ready for cloud delivery by 2027 — up from 45% in 2022.
Palo Alto Networks reimagined how enterprises approach cloud security with the industry’s first integrated Code to Cloud intelligence introduced as part of the Prisma Cloud Darwin release. Today marks a “Darwin moment” for cloud security as Prisma Cloud pushes organizations to evolve beyond single point solutions and adopt a holistic approach that provides a single source of truth. With code-to-cloud intelligence, security and engineering teams can quickly prioritize top security risks and address issues in code within minutes rather than days.
While the cloud offers exceptional agility and efficiency, it introduces major security risks that have become increasingly widespread — 80% of security exposures are found in cloud environments, according to the company’s Unit 42® Threat Intelligence team, which can result in large-scale breaches. These rising cloud attacks and the velocity of cloud application development are outpacing the speed at which security teams can protect their organizations.
Current approaches for code-to-cloud security are siloed, with the average organization relying on six to ten tools for securing cloud infrastructure alone. Having disparate security tools leads to an incomplete security posture and creates a massive operational burden for security teams.
With its new Code to Cloud intelligence, Prisma Cloud — the industry’s most complete cloud-native application protection platform (CNAPP) — offers a single trusted place that connects insights from the developer environment through application runtime for security teams to contextualize alerts and pinpoint remediations. This intelligence effectively prevents risk and stops breaches while enhancing the end-user experience and improving developer and security team collaboration.
Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks, said: “The only way to secure applications from code to cloud is by fending off risk from entering the development pipeline and preventing breaches of applications in production. This can only be achieved through an intelligent CNAPP platform like Prisma Cloud that gathers intelligence throughout the application lifecycle so security teams can precisely trace vulnerabilities and misconfigurations back to their origin in the source code. Prisma Cloud’s Darwin release simplifies cloud security and improves productivity and collaboration across code, infrastructure, and runtime security.”
In many organizations, the ratio of developers to security professionals can be 100 to 1, resulting in understaffed teams. The current approach of working in silos does not guarantee comprehensive code to cloud security. This gap will widen as developers increasingly use AI to write and deploy code more quickly. Prisma Cloud, now with Code to Cloud intelligence, fosters collaboration between developers and security professionals by linking production security issues to specific remediation recommendations in code.
Steven Scheurmann, Regional Vice President for ASEAN, Palo Alto Networks, said: “Adapting to the evolving landscape of cloud security is increasingly intricate, especially in the public sector. According to our recent State of Cybersecurity ASEAN 2023 report, 38% of organisations in the public sector across ASEAN are experiencing increasing risks through cloud-based services. Overall, 54% of organisations in this sector have experienced an increase in disruptive cybersecurity incidents in the past year.
Prisma Cloud’s cutting-edge code-to-cloud intelligence empowers ASEAN enterprises by enhancing visibility and intelligence in the development cycle, ensuring the security of their cloud infrastructure amid the rapid growth of cloud applications.”
Melinda Marks, practice director, Enterprise Security Group, said: “Today’s reality is we face a cybersecurity skills shortage, especially in cloud security, while organizations are increasingly leveraging cloud services for faster application development to best serve customers and drive business results. At the same time, we have a rapidly evolving threat landscape increasingly targeting cloud workloads. So, it’s crucial to invest in an effective security solution that supports increased development productivity from code to cloud to enable security teams to optimize security risk mitigation and protect their applications to enable business growth.”
Amit Dhawan, CISO and DPO, of Quantiphi, said: “As Quantiphi’s multi-cloud environment grew, we needed a better and more unified solution to enhance security, visibility, assurance and compliance. This included proactive controls, risk prioritisation and cloud security automation,” Quantiphi CISO and DPO Amit Dhawan said. “Prisma Cloud provides real-time misconfiguration and security insights, and with clients in sectors like banking, healthcare and finance, Prisma Cloud has helped us meet strict compliance standards effortlessly. Quantiphi’s delivery assurance team functions as a quality control unit that typically requires evidence in case of issues. With Prisma Cloud, evidence retrieval is now an automated and proactive process.”