Secure the Source

Prevent risks by securing infrastructure and applications by design. Prisma Cloud enables you to integrate security into developer tools and workflows so that you can keep pace with the agility and rapid release cycles.

Zero blind spots

Gain a better understanding of what tools and frameworks are in use, and which ones are linked to production environments

1. Connect Prisma Cloud to your VCS and CI/CD Systems
2. Assess your Code Repositories
3. Get to Know SDLC Technologies, Shadow IT, Unmanaged Assets
4. Assess third- party Technologies Used in the Engineering Ecosystem
5. Explore the Organization SBOM (Software Bill of Materials)

Risk prevention

Reduce new vulnerabilities and lower the time to remediate existing vulnerabilities by fixing and preventing issues in code

1. Subscribe to the Add-On Features
2. Onboard your Version Control System
3. Explore High-Priority IaC Risks
4. Explore High-Priority SCA Risks
5. Explore High-Priority Secrets Risks
6. Proactively Help Developers Secure Code
7. Customize your Policies
8. Detect and Remediate Drift

Secure pipeline

Find and fix misconfigurations in your VCS and CI/CD pipelines so that bad actors cannot inject code or steal credentials

1. Subscribe to CI/CD Security
2. Connect Prisma Cloud to your VCS and CI/CD Systems
3. Explore High-Priority CI/CD Security Risks
4. Investigate and Reduce the Attack Surface of the Engineering Ecosystem

Secure the Infrastructure

Visibility is about knowing what to protect and what to protect it against so that you can identify threats and prevent bad outcomes. Identifying threats, understanding the impact to your business and implementing security guardrails is essential to having a secure network.

Zero blind spots

• Gain visibility into your cloud estate
• Gain visibility into your shadow cloud assets
• What are your top risks
• Identify identity risks
• Discover public exposure and sensitive data
• Detect vulnerabilities
• Discover your API endpoints and risks

1. Discover — Onboard your Cloud Accounts
2. Assess — Use Policies and Alerts
3. Investigate — Analyze for Deeper Insight
4. Adopt —Increase Security Coverage

1. Subscribe to Cloud Discovery and Asset Management
2. View your Unmanaged Asset Inventory and Discovery and Exposure Management Dashboard.
3. Review unmanaged assets
4. Monitor the CDEM Dashboard daily

1. Prioritize risks to safeguard your most valuable assets in the public cloud

1. Subscribe to CIEM
2. Onboard your cloud accounts
3. Connect your IdP for enhanced visibility
4. Explore high-priority identity risks
5. Investigate top identity concerns
6. Customize your policies
7. Mitigate identity risks

1. Subscribe to Data Security
2. Provide additional permissions for scanning data stores
3. Set up integrations
4. Take action

1. Onboard your cloud accounts, repositories, and container image registries
2. Analyze your vulnerability landscape
3. Understand the code to cloud impact of the vulnerabilities
4. Take action
5. Investigate to learn more

1. Increase API visibility
2. Assess the level of risk in your discovered APIs
3. Investigate incidents and suspicious activity

Achieve regulatory compliance

1. View compliance standards and set your baseline
2. Generate compliance reports
3. Review policies and adjust compliance mappings
4. Customize compliance standards to enforce your business goals

Personalize security to close gaps

1. Choose your focus
2. Tune policies and alert thresholds for automated efficiency
3. Configure compliance standards to align with organizational requirements
4. Query and write custom policy
5. Tailor your dashboards and reports

Secure the Runtime

Prevent breaches across your workloads, web applications and APIs. Runtime protections cover against threats across your public cloud infrastructure, APIs, and data at runtime — while also protecting your applications across VMs, containers and Kubernetes, and serverless architectures.

Prevent API and web application attacks

Prioritize preventative measures to reduce exposure

1. Create WAAS rules
2. Enable WAAS protection for malicious activity
3. Review examples
   • Protect container-based web application against OWASP Top-10 Risks
   • Ensure traffic received by your container-based APIs adheres to the API specification