If a single exposed secret is left undetected, threat actors can easily take advantage and harm the entire application.
Through the Prisma Cloud Secrets Security module, Palo Alto Networks Inc. addresses this challenge by seamlessly identifying secrets that have been laid bare across the entire application lifecycle for safety measures, according to Ankur Shah (pictured), senior vice president and general manager of cloud security at Palo Alto Networks.
“The API keys or secrets are stored in code repo,” Shah stated. “Usually, you’re not supposed to store all your secrets, etc., in code repo to begin with. But if you do, you use a key wall flag technology to really encrypt it and store it in a secret manner. So we are now giving customers the visibility into where the secrets are stored.”
Shah spoke with theCUBE industry analysts Lisa Martin and Dave Vellante at Ignite ’22, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how Prisma Cloud Secrets Security shows exposed critical information in an application lifecycle for mitigation purposes. (* Disclosure below.)
Laying emphasis on risk prioritization
Risk prioritization is at the heart of Palo Alto Networks because it propels cloud security. Therefore, Prisma Cloud not only generates alerts, but also contextualizes them, according to Shah.
“What Prisma Cloud does is contextualize what the real risk is,” he noted. “They can tell you like, ‘Hey, here’s the kill chain; if this thing, you know, goes to public internet, these are the potential exposures that you have.’ We tell you, like , ‘Hey, this code repo is not protected by multifactor authentication.’ And then there’s a secret insight.”
Since bad user behavior trumps good security, Prisma Cloud can assist in safeguarding the code repository. Therefore, as a cloud-native application protection platform, or CNAPP, Prisma Cloud prompts cloud code security, workload protection and cloud security posture management.
“The classic example, this happened three weeks ago, where Dropbox, one of the file-sharing companies, 120-plus code repos were exposed,” he stated. “And the way their attacks started was a simple social engineering attack, bad user behavior. There was an email, your passwords are updated for, you know, this code plugin, can you enter the password? And boom; now you have access to the code repo.”
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of Ignite ’22:
(* Disclosure: TheCUBE is a paid media partner for Ignite ’22. Neither Palo Alto Networks Inc., the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)