Palo Alto Networks Inc. today introduced what it says is the industry’s first runtime context-aware software composition analysis system that helps developers identify open-source software components that are safe to use.
The SCA functions will be integrated with Prisma Cloud, the company’s cloud-native application protection platform.
Software supply chain attacks, in which bad actors exploit known security vulnerabilities to infiltrate systems and spread malicious payloads, are a growing problem that affected 62% of organizations last year, according to a survey conducted by Anchore Inc. Most detection systems are standalone products that spot risks too late in the application development process and only look for vulnerabilities in direct dependencies, Palo Alto Networks said.
That can create backlogs of vulnerabilities that increase risk and drive up remediation costs. Prisma Cloud SCA enables developers and security teams to find known vulnerabilities during the application development lifecycle and set remediation priorities based on software components that are in use.
The enhanced suite covers the full range of cloud-native protection capabilities, including protection at every stage of the development lifecycle, real-time and contextual analysis of cloud environments, protection against zero-day attacks and support for a broad range of cloud service providers, development pipelines and integrated development environments.
Prisma Cloud is also being enhanced with software bill of materials capabilities to enable developers to maintain and reference a complete codebase inventory of every application component used across cloud environments, the company said.
Other new capabilities being added in this release include a dashboard for at-a-glance determination of the highest-priority risks and incidents across cloud assets to help prioritize remediation, unified misconfiguration and vulnerability data from across the platform for use in determining the contextual risk of cloud assets, and fine-grained and consistent management of least-privilege access to Prisma Cloud features for different user profiles.

