Features Introduced in May 2023
Learn about the new Code Security capabilities on Prisma™ Cloud Enterprise Edition (SaaS) in May 2023.
The following new features or enhancements are available for Prisma Cloud Code Security. These capabilities help agile teams add security checks to their development process and enforce security throughout the build lifecycle.
New Features
FEATURE | DESCRIPTION |
Code Security Dashboard | Code Security dashboard ( Dashboard > Code Security ) enables you to analyze error trends across code integrations on Prisma Cloud. While emphasizing the critical and high severity code issues, the dashboard also gives you an understanding of the potentially vulnerable vectors in repositories, policy errors including secrets, non-compliant package licenses, vulnerabilities and IaC misconfigurations. See the historical trend for Code Issues and Pull Requests to make informed decisions to prevent the recurrence of the trend.
The vectors for repositories, policy errors, non-compliant package licenses, CVEs and IaC misconfigurations ensure you see the latest real time data after scans.
The error counts direct you to Code Security > Projects where you get more context and can take remediation action for the errors, as necessary. |
Additional Read permissions for GitHub integration | The GitHub app is being updated to improve security coverage and visibility of your Git and CI/CD security posture. If you have set up the GitHub integration on Prisma Cloud Code Security, you will be prompted to grant additional Read permissions to the application on GitHub. Approving these permissions will enable you to use the enhanced capabilities that security teams can use to monitor and optimize their Git and CI/CD Security posture across the organization, when it becomes available. |
Changes in Existing Behavior
FEATURE | DESCRIPTION |
Support for Multiple IaC Frameworks on Visual Editor | Visual Editor is being enhanced to support multiple IaC frameworks when creating custom build policies. This support enables you to differentiate between Terraform and CloudFormation framework policies and is creating support for Kubernetes framework policies. |
Projects View | The Projects non-enhanced view is being replaced with the enhanced view where you can continue monitoring your code errors and vulnerabilities. |
