Learn about the new Code Security capabilities on Prisma™
Cloud Enterprise Edition (SaaS) in March 2022.
The following new features or enhancements are available
for Prisma Cloud Code Security. These capabilities help agile teams
add security checks to their existing IaC (Infrastructure-as-Code)
model and enforce security throughout the build lifecycle.
| Feature | Description |
|---|---|
| IaC Tag and Trace | Use the tagging capability to manage resource tags in the most cost- and time-efficient manner, and trace drift in configuration. Tracing helps you identify what has changed and where, so that you can keep cloud configurations synchronized with IaC templates. Using Yor, an auto-tagging tool, all runtime resources are scanned, and for every non-compliant resource, Yor automatically creates a PR (Pull Request) in the repository for you to review. You can then manage a list of tags and tag rules for your IaC infrastructure on Code Security > Projects > Manage Tags to enable or disable auto-created tags from Yor (yor_trace), manage out-of-the-box tags and custom tags, edit, clone, and delete custom tags, or add a new tag and a tag rule. |
| Supply Chain Security | To help you assess and mitigate the risks in your supply chain, Code Security > Supply Chain provides a view into how your IaC templates and application security are connected. The dashboard maps all of the components and processes of your software supply chain to help you understand the threat surface, identify the risk chains, and show you where you need to focus your security efforts. The new supply chain graph leverages a new data model that uses data from the current scanner findings to provide you with real-time discovery of potential misconfigurations and where vulnerabilities exist in both code and in resources that are deployed. The graph helps you visualize the files, resources, and pipeline components that make up your code and, ultimately, your cloud environments. |