Palo Alto Networks

Cloud Computing

Elevate Cloud Security with the Flexibility and Simplicity of Custom Dashboards

For security professionals inundated with alerts and metrics, the one-size-fits-all approach to data monitoring and threat assessment leaves much to be desired in terms of ease of use and efficiency. The data barrage, on the daily, has teams spinning their wheels, questioning which of the myriad signals warrants priority.

When time is at a premium and security incidents can threaten an organization, the crux of the issue comes down to the rigid structure of pre-built, o...

Cloud Computing

CNAPP

Code to Cloud

Dec 05, 2023

By Maddy Kim

Palo Alto Networks

Products and Services

Partners

Cloud Computing, CNAPP

Designing Prisma Cloud to See Beyond

Throughout the hundreds of hours I spent meeting with customers, sales teams, and internal users of Prisma Cloud, I was struck by the complexity of feedback I received. Soon into the process, a few key themes emerged. Each theme centered on the user experience of the pr...

Nov 21, 2023

By Larry St John

Cloud Computing, Cloud Infrastructure Entitlement Management

Abuse and Mitigation of Misconfigured SAS Tokens

An AI research team recently made a massive mistake when they published a bucket of open-source training data on GitHub that included terabytes of additional private data. This data contained a disk backup of e...

Nov 20, 2023

By Pradeep Biradar

Cloud Computing, Web Application & API Security

Demystifying API Security: A Review of the OWASP Top 10 Risks for 2023

Modern application architecture consists of many components that communicate via APIs, which makes APIs indispensable to streamlining business process...

Nov 01, 2023

By Roman Chikunov

Cloud Computing, CNAPP

Show Risk Burndown with the Code to Cloud Dashboard

The barrage of high-priority alerts keeps security teams focused on the frontlines. Meanwhile, at the strategic level, CISOs and board members require a comprehensive view of their organization's risk posture a...

Oct 31, 2023

By Kathleen Qin

Announcement, Cloud Computing, Event

Join Prisma Cloud at KubeCon North America in Chicago

Peek into the future of distributed development and what’s next in Kubernetes security at KubeCon North America, taking place at McCormick Place West in Chicago, IL, from Nov. 6–9. This is your chance to see Pr...

Oct 20, 2023

By Derek Rogerson

Cloud Computing, Code Security

High-Severity Vulnerabilities Discovered in WebM Project’s Libraries

Two high-heap overflow vulnerabilities were discovered in the libwebp and libvpx libraries. These vulnerabilities, which CISA identified as CVE-2023-4863 and CVE-2023-5217 in their...

Oct 05, 2023

By Sharon Ben Zeev, Tohar Zand and Artur Oleyarsh

Cloud Computing, Cloud Security

Securing Your Metadata from Cloud Heists with Prisma Cloud’s Attack Path Po...

Many businesses today rely on cloud computing, and AWS is a significant player in this space. Using AWS, though, can be tricky. If not set up correctl...

Sep 26, 2023

By Kabeer Saxena

Cloud Computing, DevSecOps

Using Your Pipelines To Harden Your Pipelines: The Importance of CI/CD Secu...

As the systems we use to deliver software to the cloud get more complex and reliant on third-party components, they also leave more opportunities for attacks. Just last year, softw...

Dec 01, 2022

By Idan Tendler

Cloud Computing, DevSecOps

AppSec and CloudSec 101: Blurring the Lines Between Cloud-Native App Layers

Not too long ago, IT security models were relatively straightforward. They were broken into layers — the infrastructure layer, the application layer, sometimes the network layer, a...

Sep 28, 2022

By Chris Tozzi

Cloud Computing, DevSecOps

A Primer on Secure DevOps: Learn the Benefits of These 3 DevSecOps Use Case...

DevSecOps has risen to buzzword status in the past few years, encompassing several shift-left security use cases. And while the word DevSecOps gets thrown around a lot, there are s...

Sep 22, 2022

By Julia Benson

Cloud Computing, DevSecOps

Four Steps To Get Started With a ‘Bottom-Up’ Cybersecurity Approach

Throughout 2021, thousands of cybersecurity incidents were recorded, many of them significant and some of them devastating. Information belonging to over 550 million Facebook users...

Sep 13, 2022

By Idan Tendler

Cloud Computing, DevSecOps

How To Adopt Infrastructure as Code With a Secure-by-Default Strategy

Since its inception, infrastructure as code (IaC) has transformed how application infrastructure is provisioned and configured. IaC allows you to easily manage, configure, update,...

Sep 08, 2022

By Julia Benson

Cloud Computing, DevSecOps

Addressing Security Throughout the Infrastructure DevOps Lifecycle

No, this isn’t another post about the Secure Development Lifecycle. This is a practical post on why and how to address cloud security at each step of the infrastructure development...

Aug 30, 2022

By Barak Schoster

Cloud Computing, DevSecOps

5 Tips for Securely Adopting Infrastructure as Code

Infrastructure as code (IaC) allows us to design, build, deploy and manage cloud infrastructure in code, rather than clicking through a cloud provider’s UI or having a long list of CLI commands. IaC—especially...

Aug 23, 2022

By Taylor Smith

Cloud Computing, DevSecOps

Scaling in the Cloud? IaC and DevSecOps Are Here to Help

The cloud presents a ton of opportunities for flexibility, performance and scale.With scale, however, comes a whole new type of challenge.

Aug 09, 2022

By Julia Benson

Cloud Computing, Cloud Native Application Protection Platform, Cloud Workload Protection Platform

Zero Trust for Applications: Securing Content within Transactions

Over the past few years organizations have been adopting cloud computing technologies. With that comes shifting legacy a...

Mar 15, 2022

By Mohit Bhasin

Cloud Computing, DevSecOps, Events

Build Security Expertise from Code to Cloud at our Upcoming Global Practiti...

In the past (nearly) three years since Palo Alto Networks announced Prisma Cloud, we have constantly pushed the envelope when it comes to securing the...

Mar 10, 2022

By Payton O’Neal

Cloud Computing, Cloud Network Security

Zero Trust for Applications: Verifying Access Between Workloads

Zero Trust is a cybersecurity concept that companies are applying to users, applications, and infrastructure. Today, organizations adopt Zero Trust pr...

Mar 01, 2022

By Jason Williams

Cloud Computing, DevSecOps, Secure the Cloud

How Does DevSecOps Fit Into Your Digital Transformation?

"Going digital" is a huge challenge in the best of times, but thanks to increasingly competitive markets, more technically savvy customers, and a few... black swan events sprinkled around, it can feel more comp...

Dec 08, 2021

By Zachary Flower

Cloud Computing, DevSecOps

Implementing NSA/CISA Kubernetes Hardening Guidance

On August 3, 2021 the National Security Agency (NSA) and the Cybersecurity and Infrastructure Agency (CISA) released the Kubernetes Hardening Guidance Cybersecurity Technical Report. The document, which is inte...

Oct 06, 2021

By Paul Fox

Load more blogs