in

Palo Alto Networks announces new Prisma Cloud features

Palo Alto Networks unveiled new security features for its Prisma Cloud product that will give developers and DevOps teams access to container image sandboxing. 

The tool will also now run a third-party container image in an isolated environment, leveraging machine learning to perform an inspection of processes, file systems and networking activity pre-deployment.  

“Today’s announcement delivers a leap in what’s possible for container security, taking our incredible machine learning and applying it to third party, or any, image, regardless of its provenance — enabling customers to run these in a pre-deployment sandbox,” Palo Alto Networks said in a statement. 

“Automatically, Prisma Cloud analyzes the actual runtime for dynamic threats, learning all the processes that will be run, the network activity for the image, and all filesystem access to build an in-depth model of what the image will do.”

The update includes protection for virtual machines on Azure and Google Cloud as well as Windows support, service mesh support and improved API telemetry.

In April, the company announced Auto-Detection and Auto-Protection capabilities for standalone VMs running in AWS. That now will be extended to Azure and Google Cloud as well. The company said the tool “reduces the efforts required by DevOps and security teams to manually configure, deploy, and update host security agents.”


Palo Alto Networks

The new Web Application and API Security (WAAS) features have been extended to protect Windows hosts, including Windows Server 2019 LTSC. WAAS also “automatically supports installing on service meshes such as Istio or Linkerd.” 

Palo Alto Networks also announced that it is now a Red Hat Certified Technology Vulnerability Scanner, which they said “verifies our extensive capabilities and strengthens our interoperability with Red Hat.”

The announcement included app-embedded defender forensics, which provides protection for new workload types like AWS Fargate, Azure Container Instances, Google Cloud Run and Google Kubernetes Engine Auto-Pilot. Palo Alto Networks unveiled a slate of other improvements. 

“Now, Host Security capabilities are expanded to cover custom VPCs and even encrypted AMIs. The latest release includes Serverless Auto-Protect v2 and support for Ruby 2.5 and 2.7 in Serverless Defender. Defender, our unified agent, now supports the latest release -2 giving effectively a year of support for each release!” the company explained.

“Our deep product integration continues to shine with unified notifications on the SaaS platform and single logic cloud onboarding.”


Source: Information Technologies - zdnet.com

Operation Chimaera: TeamTNT hacking group strikes thousands of victims worldwide

Ransomware: Take these three steps to protect yourself from attacks and make it easier to recover