Shai-Hulud 2.0: How Cortex Detects and Blocks the Resurgent npm Worm
Shai-Hulud 2.0 exposes the fragility of software supply chains. Learn how the npm worm spreads through developer ecosystems and how Cortex detects and blocks it.
Cloud Security
Turning Kubernetes Last Access to Kubernetes Least Access Using KIEMPossibl...
Kubernetes identity security demands clarity. Learn how KIEMPossible uncovers entities, permissions and usage to help you reduce identity attack surfa...
Is Your Snowflake Data at Risk? Find and Protect Sensitive Data with DSPM
Cloud data security is critical. Learn how Snowflake users can mitigate risks with effective data security posture management (DSPM) and enhanced secu...
Explore the OWASP Top 10 for LLMs: A New Interactive Guide
AI security starts with the OWASP Top 10 for LLMs. Explore our interactive guide to uncover and mitigate the biggest risks across your AI pipelines.
All Paths Lead to Your Cloud: A Mapping of Initial Access Vectors to Your A...
Initial-access risks in AWS demand clarity. Uncover how service exposure and access-by-design flaws open cloud perimeters and learn how to secure them...
More Blogs
Displaying 1—16 of
468 results
Sort By:
Agentless Vs. Agent-Based Scanning in Kubernetes: A Deep Dive
Kubernetes security depends on smart scanning. Compare agentless and agent-based approaches to find the right balance between coverage and runtime def...
Regaining Control Over Identity and Access
Cloud permissions outpace control. Learn how CIEM restores visibility, enforces least privilege, and secures every identity in dynamic cloud environments.
Lessons Ted Lasso Can Teach You About CDR
Ted Lasso’s lessons inspire a smarter, faster, more collaborative approach to cloud detection and response. Learn to turn chaos into confidence.
AI-SPM Update: 3 New Capabilities for Model Activity, Agentic AI and Softwa...
AI-SPM's new features analyze model activity to spot unused assets, enhance security for agentic AI deployments, and shift-left with software package ...
Introducing Cortex Cloud 2.0: Smarter Cloud Security for an AI-Driven World
Cortex Cloud 2.0 delivers unified protection from code to cloud to SOC, turning complexity into clarity with AI-driven prevention and response.
How Cortex Cloud and Semgrep Are Redefining AI-Driven Application Security
Modern AppSec demands context. Cortex Cloud and Semgrep integrate to unify code, runtime, and infrastructure visibility, helping teams prioritize expl...
Beyond Shift Left: Why Application Security Needs Smart Context
Application security posture management (ASPM) turns scans into context, prioritizes risk, and embeds guidance in developer workflows to prevent produ...
API Security, Cloud Runtime Security, Cloud Workload Protection, CWPP, Web Application & API Security
The Expanding API Attack Surface
API security for cloud-native teams: discover every API, prioritize risk with context, and enable real-time protection without slowing developers.
How Auto-Remediation Shifts the Odds in Cloud Security
CNAPP autoremediation streamlines cloud security by cutting alert noise, enforcing guardrails, and driving faster, safer outcomes for teams.
Breakdown: Widespread npm Supply Chain Attack Puts Billions of Weekly Downl...
npm supply chain attack exposed billions of downloads to risk. Learn how malicious packages spread and how to prevent threats with Cortex Cloud.
Accelerate Secure Development by Automating Delivery of a Compliant Cloud I...
Cortex Cloud and HashiCorp Terraform integration secures cloud infrastructure by default, enabling fast, compliant provisioning and reduced risk.
Cloud Detection and Response, Cloud Runtime Security, Cloud Security, Cloud Workload Protection, CNAPP
Taking Cloud Security from Visibility to Prevention with eBPF
eBPF delivers real-time cloud security with deep visibility, stability, and speed—enabling Cortex to protect workloads w...
Why Self-Managed AI Models Are Blind Spots and What to Do About It
Understand the real AI security risks of running self-managed models, from hidden deployments to supply chain threats, and how to effectively monitor ...
Microsoft Entra Permissions Management to Retire: Why the Time for a Vendor...
Microsoft Entra Permissions Management retirement leaves multicloud identities exposed. Discover why a vendor-neutral CIEM is essential and how Cortex...
Beyond Integration Theater: Why Counting Connections Misses the Point in Cl...
Integrations: Go beyond the count. Our platform unifies data from all your sources with AI-driven analysis and automation to deliver measurable securi...
Use Microsoft Sensitivity Labels in Your Multicloud Security Strategy with ...
See Microsoft Purview Information Protection (MPIP) sensitivity labels for files across your cloud environment. Identify gaps and manage risk with Cor...
More Blogs
Displaying 1—16 of
439 results
Sort By:
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
Is 'Peace-Time' Security Any Match for the Modern Threat Landscape?
Modern cloud threats require real-time protection to stop attacks in progress, correlate threats across the application stack and enable rapid, automa...
Cortex Cloud Introduces the Third Wave of CNAPP Innovation
Prisma Cloud becomes Cortex Cloud: Our CNAPP story of innovation, defining and transforming cloud security for the duration of CNAPP’s five-year marke...
Cloud Runtime Security Without Tradeoffs
Cortex Cloud’s agentless scanning provides seamless visibility, while agent-based security delivers real-time monitoring and cloud runtime protection.
Cloud Workload Protection, Now Operating at Full Context
Cloud workload protection (CWP) gains new power with Cortex Cloud—unifying data, correlating context, and enabling CloudSec teams to respond with precision.
Understanding Template Injection Vulnerabilities
Template injection is a class of vulnerabilities that are commonly found in web applications and Prisma Cloud’s Web Application and API Security module can help.
Why Cloud Security Must Be Cloud-Agnostic
Can CSPs offer effective cloud security when using a competitor’s cloud infrastructure or is it wise to adopt cloud-agnostic security across your multicloud estate?
Unpinnable Actions: How Malicious Code Can Sneak into Your GitHub Actions W...
Action pinning doesn’t always offer security. Understand risks stemming from the GitHub Actions ecosystem and learn how to avoid compromise of CI/CD pipeline.
The Rise of AI-Powered IDEs: What the Windsurf Acquisition News Mean for Se...
Cortex Cloud helps security teams prepare for AI-powered IDEs in the wake of OpenAI’s Windsurf acquisition, securing code and risks across the lifecyc...
Prisma Cloud: The Industry’s Only FedRAMP High Authorized CNAPP
FedRAMP bestows the first CNAPP with FedRAMP High authorization, making Prisma Cloud the only CNAPP to hold FedRAMP High certification.
Announcing Checkov 2.0: Deepening Open Source IaC Security
Checkov 2.0 is a graph-based, open source IaC security tool for environments with complex dependencies across resources and modules.
Cortex Cloud Stands Alone to Secure Mission-Critical Workloads with FedRAMP...
Cortex Cloud earns FedRAMP High and Moderate, becoming the only CNAPP with both. Delivering real-time cloud security for mission-critical government w...
Forecasting the 2025 Cloudscape
Discover 2025 cloud security trends, predictions on AI-driven threats, market consolidation, data security in CNAPPs, and more from Prisma Cloud leaders.
GigaOm Names Prisma Cloud a Leader in Software Supply Chain Security
Secure your software supply chain with Prisma® Cloud, the top-ranked leader in GigaOm's Radar, offering end-to-end protection for cloud-native applications.
Container Escape: New Vulnerabilities Affecting Docker and RunC
Mitigate critical Leaky Vessels vulnerabilities in Docker and RunC with in-depth analysis on CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2...
Shadow Data Is Inevitable, But Security Risks Aren’t
Explore shadow data in multicloud environments and learn how data security posture management (DSPM) can help protect sensitive data while balancing security and agility.
Subscribe to Cloud Security Blogs!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.