• Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions
Flyy Tech
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
Flyy Tech
No Result
View All Result

Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security

flyytech by flyytech
September 26, 2022
Home Security
Share on FacebookShare on Twitter


Palo Alto Networks has added a new software composition analysis (SCA) solution to Prisma Cloud to help developers safely use open-source software components. The vendor has also introduced a software bill of materials (SBOM) for developers to maintain and reference a codebase inventory of application components used across cloud environments. The updates come as open-source software risks persist with attention steadily turning toward raising the security bar surrounding open-source components.

Vulnerabilities prevalent in open-source software

In a press release, Palo Alto noted that, while open-source software is a critical component of cloud-native applications that can allow developers greater speed and modularity, it often contains vulnerabilities which can open organizations up to significant risk. Indeed, the Unit 42 Cloud Threat Report 2H 2021 found that 63% of third-party code templates used in building cloud infrastructure contained insecure configurations, while 96% of third-party container applications deployed in cloud infrastructure contained known vulnerabilities.

Palo Alto’s new SCA solution has been designed to enable developers and security teams to proactively surface and prioritize known vulnerabilities throughout the application lifecycle (code, build, deploy and run). It also helps developers prioritize remediation based on software components that are in use, the vendor stated. With the new, in-built SCA capabilities, Prisma Cloud brings in context from each capability, providing a unified view across organizations’ cloud environments and delivering deep dependency vulnerability detection and remediation of open-source software before applications reach production, Palo Alto added.

Commenting on the release, IDC’s Program VP of Security and Trust Frank Dickson said that buyers looking for cloud-native security solutions need to keep the requirements of microservices security protection in mind. “The ‘bolted-on’ and ‘whack-a-mole’ approaches are a thing of the past. Security should be embedded throughout the application development life cycle,” he added. This means that buyers need to fundamentally change their approach to security and embrace solutions that embed security in the application development process, an approach referred to as shift left. “Shift left requires one to think less about security products and more about continuous security processes,” Dickson said.

Open-source software security high on the agenda in 2022

Palo Alto’s move to introduce open-source SCA to Prisma Cloud is reflective of a wider recent focus on improving the security of open-source software and development. This year has seen several notable initiatives launched by vendors, collectives and governments to improve the security of open-source resources. These include the OpenSSF/Linux Foundation’s Open Source Software Security Mobilization Plan, JFrog’s Project Pyrsia, GitGuardian’s ggcanary project, and Google’s open-source software vulnerability bug bounty program.

“In many ways the problem isn’t an open-source software or closed source software problem; it’s a software problem,” David A. Wheeler, director of open-source supply chain security at the Linux Foundation, tells CSO. “Most software developers don’t know how to develop secure software, and so often they don’t do it, no matter what kind of software it is. So, we’re now starting to play catch-up, industry wide.”

Many organizations are moving to multi-factor authentication (MFA), at least for some critical projects, to make it harder for attackers to take over open-source software developer accounts and release subverted software, he adds. “There’s been concern from some quarters because this imposes some changes on what open-source software developers must do, and rightfully developers are worried about excessive burdens. That said, I think these specific steps have been received positively, and we’ll need to keep working on not overburdening developers.”

Copyright © 2022 IDG Communications, Inc.



Source_link

flyytech

flyytech

Next Post
Gaudio Lab Earns CTA Approval for Its OTT Loudness Management Technology

Gaudio Lab Earns CTA Approval for Its OTT Loudness Management Technology

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

How To Get Your Head Around Your Kids’ Online Gaming Life

How To Get Your Head Around Your Kids’ Online Gaming Life

September 8, 2022
GeForce RTX 4090 Retails For Up To $1,999 at Newegg

GeForce RTX 4090 Retails For Up To $1,999 at Newegg

September 29, 2022

Trending.

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

October 23, 2022
Allen Parr’s false teaching examined. Why you should unfollow him.

Allen Parr’s false teaching examined. Why you should unfollow him.

September 24, 2022
Review: Zoom ZPC-1

Review: Zoom ZPC-1

January 28, 2023
Elden Ring best spells 1.08: Tier lists, sorceries, incantations, and locations

Elden Ring best spells 1.08: Tier lists, sorceries, incantations, and locations

January 14, 2023
CPU Benchmarks Hierarchy 2022: Processor Ranking Charts

CPU Benchmarks Hierarchy 2022: Processor Ranking Charts

September 11, 2022

Flyy Tech

Welcome to Flyy Tech The goal of Flyy Tech is to give you the absolute best news sources for any topic! Our topics are carefully curated and constantly updated as we know the web moves fast so we try to as well.

Follow Us

Categories

  • Apple
  • Applications
  • Audio
  • Camera
  • Computers
  • Cooking
  • Entertainment
  • Fitness
  • Gaming
  • Laptop
  • lifestyle
  • Literature
  • Microsoft
  • Music
  • Podcasts
  • Review
  • Security
  • Smartphone
  • Travel
  • Uncategorized
  • Vlogs

Site Links

  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions

Recent News

Office of the Director of National Intelligence highlights cyber threats in 2023 Intelligence Threat Assessment

APT group Winter Vivern exploits Zimbra webmail flaw to target government entities

March 31, 2023
Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

March 31, 2023

Copyright © 2022 Flyytech.com | All Rights Reserved.

No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs

Copyright © 2022 Flyytech.com | All Rights Reserved.

What Are Cookies
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT