Can Palo Alto Networks Assist MSSPs With Cloud Supply Chain Security?
Indeed, the company’s latest Prisma Cloud Supply Chain Security solution is designed to “help organizations identify and address software supply chain vulnerabilities and misconfigurations.” In particular, the software helps organizations identify vulnerabilities and misconfigurations in code, including open-source packages, infrastructure-as-code files and delivery pipelines, the company indicated.
But alas, Palo Alto Networks did not say whether the platform is multi-tenant for MSPs and MSSPs.
CIEM and CSPM Security Needs, MSSP Partner Opportunities
In some ways, it sounds like Palo Alto Networks is positioning to compete more aggressively in the cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM). Among the reasons: 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.
With those risks in mind, annual CSPM spending will reach $9 billion by 2026, up from $4 billion in 2020, according to Markets and Markets. That’s a 14.4 percent compound annual growth rate.
On a related note, 41 percent of our Top 250 MSSP survey participants already offer CSPM to their end customers, MSSP Alert research found in September 2021.
What Does Prisma Cloud Supply Chain Security Offer?
According to Palo Alto Networks, the Prisma Cloud Supply Chain Security software supports:
- Auto-Discovery: Extracts and models code assets using Cloud Code Security scanners.
- Graph Visualization: Offers an inventory of application and infrastructure asset dependencies to help organizations see potential weaknesses across their attack surfaces.
- Supply Chain Code Fix: Remediates vulnerable dependencies or misconfigured IaC resources.
- Code Repository Scanning: Identifies and fixes vulnerabilities in open-source packages in application code.
- Branch Protection Rules: Extends policy-as-code to protect against code-tampering attacks.
Organizations can use these features to establish and maintain a zero trust architecture across their supply chain operations, Palo Alto Networks added.
Palo Alto Networks Updates Prisma SASE for MSPs, Announces XSIAM
Palo Alto Networks has remained busy on the R&D front. Additional recent moves include:
- February 2022: The company unveiled a hierarchical multi-tenant cloud management portal, open API framework and other upgrades for its Prisma SASE solution for MSPs.
- February 2022: Introduced Cortex Extended Security Intelligence & Automation Management (XSIAM), an artificial intelligence-based platform that could disrupt the traditional SIEM (Security Information and Event Management) market.
Moreover, Palo Alto Networks continues to explore and expand partnership opportunities. More than 300 partners (including several Top 250 MSSPs) offer Palo Alto Networks security solutions via the company’s NextWave Service Program.
Additional insights from Joe Panettieri.