1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma™ Cloud Release Notes
    5. Prisma Cloud Code Security Release Information
    6. Features Introduced in 2023—Code Security
    7. Features Introduced in April 2023

    Features Introduced in April 2023

    Learn about the new Code Security capabilities on Prisma™ Cloud Enterprise Edition (SaaS) in April 2023.
    The following new features or enhancements are available for Prisma Cloud Code Security. These capabilities help agile teams add security checks to their existing IaC (Infrastructure-as-Code) model and enforce security throughout the build lifecycle.

    New Features

    FEATURE
    DESCRIPTION
    Private Registries
    To increase the accuracy of dependency trees and fix suggestions in SCA (Software Composition Analysis) based on your environment, you can now integrate your private registries from
    Settings > Repositories > Add Repositories > Package Registries > Artifactory
    . Integrating Private Registries helps you identify accurate dependency trees for packages within your repositories. On the console you can see a list of Private Registries integrations (
    Settings > Repositories
    ). You can remediate vulnerabilities on
    Code Security > Projects > Vulnerabilities
     and also make informed decisions from
    Code Security > Supply Chain
     after viewing the dependency tree of a private registry.
    Validate Secrets during a Secrets scan
    When Prisma Cloud performs a secrets scan, it can now validate certain secrets against public APIs to see if the secret is still active. This allows you to prioritize notifications on secret exposure. Validation is off by default, but you can enable it
    Settings > Code Security Configuration > Validate Secrets
    . You can access information on validation of secrets on
    Projects > Secrets
    , using
    Resource Explorer
     where prioritization of a valid secret is either to
    Suppress
     it or perform a
    Manual Fix
    . Alternatively you can run Checkov on your repositories to filter potentially exposed secrets.
    Multiple Integrations support from a single Prisma Cloud account on Terraform Cloud and Enterprise Run Task
    Prisma Cloud now supports multiple integrations for Terraform Cloud Run Task and Terraform Enterprise Run Task organization from a single Prisma Cloud account.

    Policy Updates

    POLICY UPDATES
    DESCRIPTION
    High and Medium severity Secrets Policies
    Changes
     - The default severity for a few Secrets Policies in Configuration Build Policies now includes High and Medium severity. With this change you can better prioritize secrets found in your code.
    The following policies are High severity:
    • AWS Access Keys
    • IBM Cloud IAM Key
    • Azure Storage Account Access Keys
    • Google Cloud Keys
    • DigitalOcean Token
    • Alibaba Cloud Keys
    • Python Package Index Key
    The following policies are Medium severity:
    • Slack Token
    • Basic Auth Credentials
    • Private Key
    • Artifactory Credentials
    • Auth0 Token
    • Stripe Access Key
    • GitHub Token
    • CircleCI Personal Token
    • Cloudflare API Credentials
    • Bitbucket Token
    • Terraform Cloud API Token
    Impact
    - The severity of the alerts generated will match the assigned severity for the policy.

    Changes in Existing Behavior

    FEATURE
    DESCRIPTION
    CycloneDX XML Output Format Update
    There is an update to CycloneDX XML output format to match Python library updates where all XML tags are namespaced. This update helps with serialization and deserialization, and it may have a breaking impact with ingesting the SBOM documents.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo