Code to Cloud Security: July Prisma Cloud Updates Overview

Aug 07, 2024
4 minutes
... views

Welcome to the July 2024 product update release blog post! We’re excited to introduce a range of new features, updates and enhancements to improve your experience with Prisma Cloud. Our team has been hard at work and can’t wait to share what’s new with you, so let's dive in.

In the month of July, we added 11 new features and updated three features. We also updated the intelligence stream, policies, APIs and rules.

1. Enhanced CVE Runtime Vulnerability Detection

Mitigate vulnerabilities at their source and proactively prevent them from reaching runtime environments with Prisma Cloud’s enhanced CVE vulnerability detection. Leverage the Vulnerability Risk Factors filter on the Home > Application Security > Projects page to identify vulnerabilities based on Package in Runtime, Repository in Runtime, and Manifest in Runtime filters.

These filters allow you to zero in on the vulnerabilities at their source and prevent runtime access.

Vulnerability risk factors view
Figure 1: Vulnerability risk factors view

2. Identify Third-Party AI Libraries

Identify third-party AI Libraries with ease using Prisma Cloud’s enhanced software bill of material (SBOM) functionality. Navigate to Home > Application Security > Visibility > SBOM to detect artificial intelligence (AI) and machine learning (ML) functionally incorporated into your codebase through third-party libraries.

Use this information to build a comprehensive inventory of the machine learning packages to help you effectively mitigate risks and make informed security decisions.

Artificial intelligence filters within application security
Figure 2: Artificial intelligence filters within application security

3. Support for .NET Central Package Management

Prisma Cloud’s application security enhancements now offer support for additional package managers that help you manage common dependencies for multiple projects in a single location.

Additional support for NuGet’s Central Package Management lets you store your varied packaged projects in the Directory.Packages.props file. Learn more about this enhancement to our software composition analysis (SCA) capabilities.

4. Enhancements to the Vulnerabilities Dashboard

We’re excited to announce additional enhancements to the vulnerabilities dashboard.

Overview: Displays the number of Unique CVEs, total number of vulnerabilities, and vulnerabilities remediated.

Vulnerabilities Funnel: Displays the number of vulnerabilities, instead of unique CVEs and separates risks introduced by CVEs from the environmental ones.

Most Important Vulnerabilities: Displays the top vulnerabilities and provides a direct link of assets at risk.

New widgets in the vulnerability dashboard
Figure 3: New widgets in the vulnerability dashboard

You can also access the CVE Preview Card, which highlights the most important information about a CVE without the need to click on it and open the sidecar.

Preview of risk factors
Figure 4: Preview of risk factors

5. Multicloud Support for Last-Access Detection

Prisma Cloud’s IAM functionality now includes the ability to detect inactive cloud service accounts by querying the days passed since the last usage of the cloud service account. Available for AWS, Azure and GCP, this RQL clause allows you to determine the days passed since last access. Add the RQL clause below to find last login information for AWS roles, Azure service principals or GCP service accounts.

  • Grantedby.cloud.entity.lastlogin
    • Attribute Type: Number (Days since the last login/activity)
    • Values: - <, >, ⇐, >=, =, =!
Detect inactive cloud service accounts.
Figure 5: Detect inactive cloud service accounts.

Learn More

We hope you’re as excited about these updates as we are. Please let us know what you think about the new features and improvements and don’t hesitate to reach out with any suggestions or questions.

Meanwhile, if you haven’t tried Prisma Cloud, there’s no better time than the present. Sign up for a free 30-day Prisma Cloud trial today.

 


Subscribe to Cloud Native Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.