: Features Introduced in April 2023

Features Introduced in April 2023

Table of Contents

Features Introduced in April 2023

Learn about the new Code Security capabilities on Prisma™ Cloud Enterprise Edition (SaaS) in April 2023.
The following new features or enhancements are available for Prisma Cloud Code Security. These capabilities help agile teams add security checks to their existing IaC (Infrastructure-as-Code) model and enforce security throughout the build lifecycle.

New Features

Private Registries
To increase the accuracy of dependency trees and fix suggestions in SCA (Software Composition Analysis) based on your environment, you can now integrate your private registries from
Settings > Repositories > Add Repositories > Package Registries > Artifactory
. Integrating Private Registries helps you identify accurate dependency trees for packages within your repositories. On the console you can see a list of Private Registries integrations (
Settings > Repositories
). You can remediate vulnerabilities on
Code Security > Projects > Vulnerabilities
and also make informed decisions from
Code Security > Supply Chain
after viewing the dependency tree of a private registry.
Validate Secrets during a Secrets scan
When Prisma Cloud performs a secrets scan, it can now validate certain secrets against public APIs to see if the secret is still active. This allows you to prioritize notifications on secret exposure. Validation is off by default, but you can enable it
Settings > Code Security Configuration > Validate Secrets
. You can access information on validation of secrets on
Projects > Secrets
, using
Resource Explorer
where prioritization of a valid secret is either to
it or perform a
Manual Fix
. Alternatively you can run Checkov on your repositories to filter potentially exposed secrets.
Multiple Integrations support from a single Prisma Cloud account on Terraform Cloud and Enterprise Run Task
Prisma Cloud now supports multiple integrations for Terraform Cloud Run Task and Terraform Enterprise Run Task organization from a single Prisma Cloud account.

Policy Updates

High and Medium severity Secrets Policies
- The default severity for a few Secrets Policies in Configuration Build Policies now includes High and Medium severity. With this change you can better prioritize secrets found in your code.
The following policies are High severity:
  • AWS Access Keys
  • IBM Cloud IAM Key
  • Azure Storage Account Access Keys
  • Google Cloud Keys
  • DigitalOcean Token
  • Alibaba Cloud Keys
  • Python Package Index Key
The following policies are Medium severity:
  • Slack Token
  • Basic Auth Credentials
  • Private Key
  • Artifactory Credentials
  • Auth0 Token
  • Stripe Access Key
  • GitHub Token
  • CircleCI Personal Token
  • Cloudflare API Credentials
  • Bitbucket Token
  • Terraform Cloud API Token
- The severity of the alerts generated will match the assigned severity for the policy.

Changes in Existing Behavior

CycloneDX XML Output Format Update
There is an update to CycloneDX XML output format to match Python library updates where all XML tags are namespaced. This update helps with serialization and deserialization, and it may have a breaking impact with ingesting the SBOM documents.

Recommended For You