In the last decade, organisations have begun building and deploying cloud applications at an unprecedented pace, and there’s no sign of slowing down. According to Gartner, 65% of application workloads will be optimised or ready for cloud delivery by 2027 — up from 45% in 2022.
Palo Alto Networks said it has today reimagined how enterprises approach cloud security with the industry’s first integrated Code to Cloud intelligence introduced as part of the Prisma Cloud Darwin release. Today marks a “Darwin moment” for cloud security as Prisma Cloud pushes organisations to evolve beyond single point solutions and adopt a holistic approach that provides a single source of truth. With code-to-cloud intelligence, security and engineering teams can quickly prioritise top security risks and address issues in code within minutes rather than days.
While the cloud offers exceptional agility and efficiency, it introduces major security risks that have become increasingly widespread — 80% of security exposures are found in cloud environments, according to the company’s Unit 42 Threat Intelligence team, which can result in large-scale breaches. These rising cloud attacks and the velocity of cloud application development are outpacing the speed at which security teams can protect their organisations.
Current approaches for code-to-cloud security are siloed, with the average organisation relying on six to ten tools for securing cloud infrastructure alone. Having disparate security tools leads to an incomplete security posture and creates a massive operational burden for security teams.
With its new Code to Cloud intelligence, Prisma Cloud — the industry’s most complete cloud-native application protection platform (CNAPP) — offers a single trusted place that connects insights from the developer environment through application runtime for security teams to contextualise alerts and pinpoint remediations. This intelligence effectively prevents risk and stops breaches while enhancing the end-user experience and improving developer and security team collaboration.
Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks, said: “The only way to secure applications from code to cloud is by fending off risk from entering the development pipeline and preventing breaches of applications in production. This can only be achieved through an intelligent CNAPP platform like Prisma Cloud that gathers intelligence throughout the application lifecycle so security teams can precisely trace vulnerabilities and misconfigurations back to their origin in the source code. Prisma Cloud’s Darwin release simplifies cloud security and improves productivity and collaboration across code, infrastructure, and runtime security.”
In many organisations, the ratio of developers to security professionals can be 100 to 1, resulting in understaffed teams. The current approach of working in silos does not guarantee comprehensive code to cloud security. This gap will widen as developers increasingly use AI to write and deploy code more quickly. Prisma Cloud, now with Code to Cloud intelligence, fosters collaboration between developers and security professionals by linking production security issues to specific remediation recommendations in code.
Steve Manley, vice president ANZ, Palo Alto Networks, said: “Securing cloud applications is more complex than ever. With 89% of Australian businesses expanding their use of cloud by more than 30% in the past 12 months according to our 2023 State of Cloud-Native Security Report, security teams are struggling to keep pace. As a result, 93% of Australian organisations cannot detect, contain and resolve cyber threats within an hour. Prisma Cloud’s new code-to-cloud intelligence capabilities will give Australian organisations greater visibility and enhanced intelligence across the development lifecycle, enabling them to secure their cloud environment, even as the velocity of cloud application development increases.
Melinda Marks, practice director, Enterprise Security Group, said: “Today’s reality is we face a cybersecurity skills shortage, especially in cloud security, while organisations are increasingly leveraging cloud services for faster application development to best serve customers and drive business results. At the same time, we have a rapidly evolving threat landscape increasingly targeting cloud workloads. So, it’s crucial to invest in an effective security solution that supports increased development productivity from code to cloud to enable security teams to optimise security risk mitigation and protect their applications to enable business growth.”
Amit Dhawan, CISO and DPO, of Quantiphi, said: “As Quantiphi’s multi-cloud environment grew, we needed a better and more unified solution to enhance security, visibility, assurance and compliance. This included proactive controls, risk prioritisation and cloud security automation,” Quantiphi CISO and DPO Amit Dhawan said. “Prisma Cloud provides real-time misconfiguration and security insights, and with clients in sectors like banking, healthcare and finance, Prisma Cloud has helped us meet strict compliance standards effortlessly. Quantiphi’s delivery assurance team functions as a quality control unit that typically requires evidence in case of issues. With Prisma Cloud, evidence retrieval is now an automated and proactive process.”