Cloud Security, Channel partners, Content

Can Palo Alto Networks Assist MSSPs With Cloud Supply Chain Security?

Palo Alto Networks has spent recent months working even more closely with MSSP partners. So what's next? The answer may involve a partner push for supply chain security software.

Indeed, the company's latest Prisma Cloud Supply Chain Security solution is designed to "help organizations identify and address software supply chain vulnerabilities and misconfigurations." In particular, the software helps organizations identify vulnerabilities and misconfigurations in code, including open-source packages, infrastructure-as-code files and delivery pipelines, the company indicated.

But alas, Palo Alto Networks did not say whether the platform is multi-tenant for MSPs and MSSPs.

CIEM and CSPM Security Needs, MSSP Partner Opportunities

In some ways, it sounds like Palo Alto Networks is positioning to compete more aggressively in the cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM). Among the reasons: 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.

With those risks in mind, annual CSPM spending will reach $9 billion by 2026, up from $4 billion in 2020, according to Markets and Markets. That’s a 14.4 percent compound annual growth rate.

On a related note, 41 percent of our Top 250 MSSP survey participants already offer CSPM to their end customers, MSSP Alert research found in September 2021.

What Does Prisma Cloud Supply Chain Security Offer?

According to Palo Alto Networks, the Prisma Cloud Supply Chain Security software supports:

  • Auto-Discovery: Extracts and models code assets using Cloud Code Security scanners.
  • Graph Visualization: Offers an inventory of application and infrastructure asset dependencies to help organizations see potential weaknesses across their attack surfaces.
  • Supply Chain Code Fix: Remediates vulnerable dependencies or misconfigured IaC resources.
  • Code Repository Scanning: Identifies and fixes vulnerabilities in open-source packages in application code.
  • Branch Protection Rules: Extends policy-as-code to protect against code-tampering attacks.

Organizations can use these features to establish and maintain a zero trust architecture across their supply chain operations, Palo Alto Networks added.

Palo Alto Networks Updates Prisma SASE for MSPs, Announces XSIAM

Palo Alto Networks has remained busy on the R&D front. Additional recent moves include:

Moreover, Palo Alto Networks continues to explore and expand partnership opportunities. More than 300 partners (including several Top 250 MSSPs) offer Palo Alto Networks security solutions via the company's NextWave Service Program.

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.