Shift Left and Enable DevSecOps
During the build phase, Prisma
® Cloud enables developers to scan virtual machine images, container
images, Pivotal Application Service (PAS) droplets, and serverless functions for vulnerabilities and
unsecure configurations using native security plugins for integrated development environments
(IDEs), source code management (SCM), and continuous integration/continuous development (CI/CD)
that seamlessly integrate into existing tools.
Prisma Cloud also enables you to scan your infrastructure-as-code (IaC) templates to find unsecure
configurations used with Terraform
®, CloudFormation, Kubernetes manifests, and similar technologies. Additionally, Prisma Cloud gives security teams the control to fail a build based on vulnerability or
compliance issues, preventing unsecure software from progressing farther in the pipeline and instead
forcing the developer to resolve the issues. As cloud native environments become more automated, it’s
critical to ensure security teams can set and enforce quality gates in the pipeline.
Learn how Prisma Cloud takes a deeply integrated approach to embedding security across the entire development lifecycle and truly enables DevSecOps.