Palo Alto Networks Inc. today introduced a new continuous integration and continuous delivery security module to provide integrated software delivery pipeline security as part of the code-to-cloud capabilities in its Prisma Cloud cloud-native application protection platform.

CI/CD Security by Prisma Cloud offers graph-based CI/CD security that has been designed to provide better visibility in engineering ecosystems. The service offers protection from the Open Worldwide Application Security Project Top 10 CI/CD risks, pipeline posture management and attack path analysis via the Cloud Application Graph.

Palo Alto argues that as developers commit code to source control, a confusing array of various types of code scanners used to detect misconfigurations and vulnerabilities leaves AppSec teams with a fragmented view of risk. It’s also claimed that most organizations lack visibility into those contributing to trusted artifact registries, which technologies and frameworks are in use and how to export a software bill of materials of said ecosystem.

The new Prisma Cloud Application Security dashboard unifies visibility across the engineering ecosystem. The dashboard also normalizes signals across code scanners to provide a centralized view of risk and a trending view to help monitor security performance across development teams.

The service allows AppSec teams to gain visibility across code repositories, contributors, technologies used and pipelines connected from a single pane, along with specific code risks. The service helps AppSec understand which repositories and pipelines are connected to production, allowing teams to prioritize risk with full infrastructure context.

CI/CD Security is the 11th module integrated into Palo Alto Networks’ cloud security platform. With the integration, Palo Alto claims that the Prisma Cloud is the most comprehensive cloud-native application protection platform, known as CNAPP, to protect the entire application lifecycle from code through deployment to runtime.

The new module also integrates technology from Cider Security Ltd., which Palo Alto acquired for approximately $195 million in November. The technology includes capabilities that help organizations “shift security left” to prevent threats and vulnerabilities before applications are deployed into production environments.

“The only way to prevent insecure code from reaching production is to scan every code artifact and dependency and ensure the delivery pipeline is effectively protected,” Daniel Krivelevich, chief technology officer of Application Security for Prisma Cloud and former co-founder of Cider Security, said ahead of the release. “Integrating Cider’s technology with Prisma Cloud strengthens the platform’s ability to help secure organizations’ entire engineering ecosystem, ensuring only what is intended is pushed to production.”

Image: Palo Alto Networks