Prisma Cloud Achieves Red Hat Vulnerability Scanner Certification

Sep 08, 2021
5 minutes
... views

Prisma Cloud by Palo Alto Networks, a Red Hat® Advanced Partner, is excited to announce that our Red Hat-certified vulnerability scanner is now available in the Red Hat Ecosystem Catalog. With this Red Hat certification, Prisma Cloud customers can be assured that security and vulnerability data is more accurate and consistent with Red Hat standards.

Red Hat Certified Technology Vulnerability Scanner Certification
Red Hat Certified Technology Vulnerability Scanner Certification

“Scanning cloud applications for vulnerabilities is easy to achieve with Prisma Cloud together with Red Hat,” said Hari Srinivasan, Palo Alto Networks Senior Director of Product Management. “Prisma Cloud is built to protect Red Hat environments and has been tested to Red Hat exacting standards. It is a ready-to-deploy vulnerability scanning and cloud security solution with comprehensive interoperability, compatibility, and secure scalability for Red Hat environments.”

“At Red Hat, we believe that container security is Linux security, and we are continuously evolving to set new standards for security to better support our partners and customers,” said Lars Herrmann, vice president, Partner Ecosystems, Product & Technologies, Red Hat. “With the Red Hat Vulnerability Scanner Certification, we are helping partners like Palo Alto Networks harness Red Hat security-related data to deliver more reliable and consistent container vulnerability reporting to customers.”

Consistency in Vulnerability Assessment and Rapid Mitigation for Accelerated DevOps

In order to help ensure container content can be trusted, scanning to detect vulnerabilities and performing risk mitigation is a way to proactively safeguard your web applications and accelerate time to market with simplified compliance, reporting, and full lifecycle operations. This Prisma Cloud collaboration with Red Hat enables more accurate and reliable container vulnerability scanning and a single source of truth for security vulnerabilities in Red Hat-published images and packages, including Red Hat Universal Base Images (UBI).

Already, our Ansible-based Prisma Cloud Operator simplifies installation by automating Compute Console and agent deployments on RedHat OpenShift and Kubernetes clusters to accelerate protection of complex workloads.

Now, with Prisma Cloud, your team can also minimize false positives and benefit from security-scanning best practices enhanced with rich remediation data and ML-powered insights gleaned from across the entire development lifecycle. And further, as a member of the Security Scanning Exchange special interest group led by the Red Hat Product Security team, Prisma Cloud adds additional value by regularly reviewing our scanning efficacy in support of customer technical goals.

With Prisma Cloud container protection, you can deploy web applications and containers at scale with greater confidence, innovate while managing risk, and benefit from modern cloud operations that will help transform your business.

Gain Full Lifecycle Protection Across Red Hat Environments

Cloud teams certainly know that building security into applications and containers earlier in the lifecycle (“shifting left”) is critical for cloud native deployments. And that’s why Prisma Cloud delivers comprehensive cloud-native security capabilities across the full lifecycle for Red Hat OpenShift environments and further includes ingestion of Red Hat-specific vulnerability data to achieve layer-aware vulnerability analysis with high accuracy.

With alerting and enforcement policies covering the entire CI/CD process, teams can more easily monitor for Docker, Kubernetes, and Linux compliance against Center for Internet Security (CIS) Benchmarks and other compliance standards, including custom requirements.

We support the Open Policy Agent (OPA) engine and open container standards like runC and containerd that work with Docker, cri-o, and cri-containerd, with additional support for custom-developed and tested seccomp (secure computing mode) policies for common OpenShift workloads. Teams can further expand their security with centralized Prisma Cloud access control monitoring for OpenShift clusters, Docker, and Kubernetes with detection for real-time threats mapped to the MITRE ATT&CK matrix.

Prisma Cloud also protects OpenShift environments at scale with machine-learning runtime models for individual images in every pod to automatically detect and prevent threats. Our prebuilt coverage leverages aggregated threat intelligence from more than 30 sources (including our own Unit 42 threat labs) and Prisma Cloud ingests Red Hat CVE metadata directly from the Red Hat OVAL (Open Vulnerability and Assessment Language) feed to include Red Hat severity ratings for CVEs affecting Red Hat supported packages for comprehensive coverage across RHEL 7, RHEL 8, and Red Hat Enterprise Linux CoreOS (RHCOS).

Cloud native security for Red Hat environments with Prisma Cloud
Cloud native security for Red Hat environments with Prisma Cloud

Prisma Cloud Delivers Enhanced Container Security with Red Hat

Prisma Cloud is proud to be a Red Hat security partner for vulnerability assessment by delivering consistent security outcomes in support of Red Hat products and packages.

With Prisma Cloud you gain the benefit of a trusted and certified Red Hat container-scanning partner. Customers who protect their Red Hat infrastructure investment with Prisma Cloud can gain security confidence with enhanced accuracy and reliability in reporting vulnerability risk.

“Our message to customers is we are Red Hat-certified and available on the Red Hat Ecosystem Catalog,” announced Hari Srinivasan, “and our unwavering focus is on continued innovation and support for Red Hat across the full lifecycle to deliver the best comprehensive cloud-native security for all our customers.”

Be sure to visit our Red Hat page to find out more about how Prisma Cloud by Palo Alto Networks helps secure Red Hat and OpenShift containers.


Subscribe to Cloud Native Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.