Features Introduced in August 2022
Learn about the new Code Security capabilities on Prisma™ Cloud Enterprise Edition (SaaS) in August 2022.
The following new features or enhancements are available for Prisma Cloud Code Security. These capabilities help agile teams add security checks to their existing IaC (Infrastructure-as-Code) model and enforce security throughout the build lifecycle.
Software Bill of Materials
Prisma Cloud can now generate a software bill of materials (SBOM), in both CycloneDX and CSV formats, that includes open source packages, container images, and infrastructure as code (IaC) resources that are passing and failing policy checks. In addition to including a full inventory of components, an SBOM also include vulnerabilities, misconfigurations, and known licenses for dependencies.
Multiple Token Support for Azure Repos
TheAzure repos integration (
) on the Prisma Cloud console now also supports multiple OAuth tokens. You can onboard multiple organizations from the same Azure Repos account (using a single user token), or enable multiple tokens to onboard multiple organizations associated with the same Azure Repos account or different accounts.
You can also reconfigure security scans for the existing user tokens by reselecting repositories, add more organizations using the similar authorization workflow, and revoke OAuth user tokens to delete a user token.
Resource Explorer Enhancements
Resource Explorer has four tabs to give you contextualized understanding of a resource from code to cloud. Accessible on
, each tab gives you specific resource metadata:
Currently, you can review History and Traceability details for IaC resources only, and Errors are currently available for packages only.
Drift Detection for CloudFormation
Prisma Cloud now automatically detects and remediates drift between CloudFormation and AWS runtime environments. This enhancement augments the ability to identify drift for resources deployed using Terraform on AWS.
From the Prisma Cloud console, you can also Fix Drift, apply the manual changes that were made to the cloud resource and apply them as code in a pull request back to the CloudFormation template.
Usability Enhancements for Customizing Build Policy
For the default Prisma Cloud Configuration policies of subtype Build, you can now clone the policy and modify the name or severity level.
Further, when you use the code editor to create a custom build policy, the metadata includes an auto-completion list with only the relevant options.
New Configuration Build Policies
The following new build policies are available on Prisma Cloud Code Security module:
Recommended For You
Recommended videos not found.