How to Tighten Security Across Complex and Cloud Native Environments
DevOps teams are increasingly relying on automation, agile practices and other ways to deploy software updates and releases at faster cadences. At the same time, organizations typically deploy cloud native applications in multicloud environments, adding further complexity for developer and operations teams — while also posing new security-management challenges.
In this The New Stack Makers podcast, Varun Badhwar, senior vice president, product, Palo Alto Networks, puts today’s multicloud security challenges into perspective. He also describes how Prisma Cloud 2.0 offers a single and comprehensive security alternative for cloud native applications across different cloud platforms.
While noting an 84% increase in container adoption last year and how 94% of organizations rely on more than one cloud environment, Badhar said that adopting viable multicloud and multiplatform strategies are key challenges associated with securing cloud native applications. Badhar joined Palo Alto Networks following its acquisition of cloud security defense company RedLock over two years ago where he was founder and CEO.
“Developers are pushing code more rapidly than ever into production and DevOps teams are having to support pipelines for daily and weekly release cycles, thereby mandating that security be integrated into this process. Secondly, manual work is exhaustive at this scale, so automation is key,” Badhwar explained. “Thirdly, these new architectures that are hybrid in nature between containers, hosts and serverless functions — and the combination of past services that are popularly provided by the various cloud providers — are making this environment very complex and are creating a number of blind spots.”
Security needs to thus “be purpose-built for these diverse tech stacks,” said Badhwar.
“Our vision here at Palo Alto Networks for Prisma Cloud is very simple: We believe we have an opportunity to provide the most comprehensive platform across tech stacks, across various cloud platforms and across the different app components,” said Badhwar.
In this way, Prisma Cloud 2.0 addresses four key challenges organizations face for cloud native security management. These “four pillars” include cloud-security posture management, combining host container and serverless security in an integrated fashion across the lifecycle for cloud workload protection, cloud network security and cloud-infrastructure and entitlement management, described Badhwar.
Security thus needs to be purpose-built for diverse cloud native environments and address the full range of security demands, Badhwar said. “We also believe that just providing a comprehensive platform that addresses many different use cases is not enough” in reference to Prisma Cloud 2.0. “Each-and-every use case that we address and each-and-every feature we deliver to you must be best-in-class on its own merits. And lastly, and most importantly, these capabilities need to be available and integrated natively across the entire build, deploy and run application lifecycle.”
Palo Alto Network’s approach to security also reflects major changes that are occurring as organizations increasingly shift to cloud native environments.
“Just as cloud native itself has fundamentally changed how organizations can build and run applications, a cloud native security platform fundamentally redefines what effective cloud security looks like,” said Badhwar. “With Prisma Cloud 2.0, cloud infrastructure and security professionals can more confidently secure the innovations that drive user engagement.”