As organizations shift more resources to the cloud, some https://thenewstack.io/category/security/ risks increase: misconfigurations and cloud supply chain insecurity. Breaches caused by infected IT management software from https://thenewstack.io/solarwinds-hack-reveals-3-overlooked-steps-to-securing-a-software-supply-chain/ and https://thenewstack.io/kaseya-sera-whatever-will-be-will-be/ are among the most notorious recent examples of supply chain insecurity. But it’s the chain of code used to build cloud infrastructure that’s increasingly at risk, driving the move to shift security left.
TestifySec, for example, is putting together a services offering for helping organizations implement software supply chain security.
For its part, Palo Alto Networks has just launched Prisma Cloud 3.0, a cloud native application protection platform, which includes many new capabilities including Cloud Code Security.