Features Introduced in March 2023
Learn about the new Code Security capabilities on Prisma™ Cloud Enterprise Edition (SaaS) in March 2023.
The following new features or enhancements are available for Prisma Cloud Code Security. These capabilities help agile teams add security checks to their existing IaC (Infrastructure-as-Code) model and enforce security throughout the build lifecycle.
New Features
FEATURE | DESCRIPTION |
Custom Prisma Cloud Permission group for Code Security capabilities | As a part of custom Prisma Cloud roles for Code Security, administrators can now define explicit permissions for Code Security workflows from Permission Group (Settings > Access Control > Add > Permission Group) . In addition to the existing System Admin permission you can define roles for:
![]() |
Enhancements to Audit Logs | In addition to the existing Audit Logs (Settings > Audit Logs) , you can now see a list of all actions initiated by Prisma Cloud administrators on Code Security. The actions on the Audit Logs help you identify any configuration changes and activities initiated on the repositories behalf of the administrator.
Here are the kind of actions you can track.
|
Secrets Scanning on Git History | In addition to the current scans run on your repositories, Prisma Cloud now scans Git history to find exposed secrets that are deleted from code. You can view the scan results in the resource block on Projects (Code Security > Projects) , Secrets code category view. On Resource Explorer, you can also see the commit history on when the secret was added or removed.![]() |
Policy Updates
POLICY UPDATES | DESCRIPTION |
AWS EBS volume region with encryption is disabled | Changes- The Build remediation instructions are being updated.Impact- No impact on Code Security findings. |
Basic Auth Credentials | Changes- The policy name is being updated.Current Policy Name- Basic Authentication CredentialsImpact- No impact on Code Security findings. |
Policy Deletions | |
AWS EC2 instance is not configured with VPC | Changes- This policy is deleted because resources are configured in VPC by default.Impact- Code Security findings for this policy will no longer be surfaced in scans. |
My SQL server enables public network access (duplication of CKV_AZURE_53) | Changes- This policy is a duplication of an existing policy, therefore will be deleted.Impact- Code Security findings for this policy will no longer be surfaced in scans. |
Most Popular
Recommended For You
Recommended Videos
Recommended videos not found.