The stack of new capabilities featured in the release includes AppDNA, Infinity Graph, code-to-cloud vulnerability management, code-to-cloud remediation, shadow cloud discovery, and code-to-cloud dashboard.
While AppDNA and Infinity Graph focus on each application’s business context and their interdependencies to understand and map all the possible attack paths, code to cloud helps trace a problem back to the code and fix it there with easy navigation through the code to cloud dashboard.
“This code to cloud approach helps security work better and support development with the right security tools, processes, and policies to mitigate risk, and then they can also respond faster when security issues are detected,” said Melinda Marks, senior analyst at ESG. “It is nice to see these new capabilities, partly resulting from the Cider acquisition, to better incorporate security into the development processes.”
Cider, an AppSec and Software supply chain security vendor, was acquired by Palo Alto Networks in December 2022.
Existing solutions are siloed and cumbersome
Rapid cloud adoption overwhelms security teams as they struggle to cope with the increased number of applications and cloud security tools. The scattered defense, according to Shah, leads to difficulties in managing and remediating problems.
“Current approaches for code to cloud security are siloed, with the average organization relying on six to ten tools for securing cloud infrastructure alone,” Shah. “Disparate tools lead to an incomplete security posture and create a massive operational burden for security teams.”