Features Introduced in September 2022

Learn about the new Code Security capabilities on Prisma™ Cloud Enterprise Edition (SaaS) in September 2022.
The following new features or enhancements are available for Prisma Cloud Code Security. These capabilities help agile teams add security checks to their existing IaC (Infrastructure-as-Code) model and enforce security throughout the build lifecycle.

New Features

Software Composition Analysis (SCA)
Software Composition Analysis (SCA) enables you to continuously scan any open source packages defined in your source code. The scan enables you to find and fix vulnerabilities in code and identify license violations earlier in the development lifecycle so that you can address risks in a timely manner. The scan runs across all integrations of repositories, IDE and CI/CD pipelines to give you:
  • Contextual information on Bill of Materials or Software Bill of Materials (SBOM), an inventory list of all open source packages and third-party components your source code utilizes. (
    Code Security
    Development Pipelines
  • Visualization on direct and sub-dependencies between open source packages to help you identify vulnerabilities outside root dependency. (
    Code Security
    Supply Chain
  • Information to identify potential software license violations and manually fix or suppress the issue. (
    Code Security
  • A list of vulnerabilities identified on open source packages that you can either suppress or directly fix in code. (
    Code Security

Changes in Existing Behavior

Code Editor for Build Policies
With this release, you can
your YAML policy template when creating a rule for a custom policy in build-time checks (
Add Policy
Additionally, information such as
will not be displayed in the existing example of the YAML policy template on the console. However, this information will still be visible in your YAML code file. For example, in your

Recommended For You