Shift Left and Enable DevSecOps

During the build phase, Prisma^® Cloud enables developers to scan virtual machine images, container images, Pivotal Application Service (PAS) droplets, and serverless functions for vulnerabilities and unsecure configurations using native security plugins for integrated development environments (IDEs), source code management (SCM), and continuous integration/continuous development (CI/CD) that seamlessly integrate into existing tools.

Prisma Cloud also enables you to scan your infrastructure-as-code (IaC) templates to find unsecure configurations used with Terraform^®, CloudFormation, Kubernetes manifests, and similar technologies. Additionally, Prisma Cloud gives security teams the control to fail a build based on vulnerability or compliance issues, preventing unsecure software from progressing farther in the pipeline and instead forcing the developer to resolve the issues. As cloud native environments become more automated, it’s critical to ensure security teams can set and enforce quality gates in the pipeline.

Learn how Prisma Cloud takes a deeply integrated approach to embedding security across the entire development lifecycle and truly enables DevSecOps.