Over the last year, I have met with a customer almost every day. COVID actually made it easier to schedule customer meetings and has allowed me to meet people from all over the world. Most of these organizations have advanced cloud transformation or development efforts in place. They represent both cloud native companies and more traditional companies who are now embracing the cloud. The practitioners and executives I talk to typically represent cloud security, DevOps or security engineering teams. I'm a relative newbie – my lack of expertise has forced me to be a good listener in these meetings (I wish I could say that more broadly) and take good notes about cloud security trends.
So I want to share my learnings from these customer conversations, which I am structuring into a "look back" and a "look ahead" section.
Look Back: 20 Features from 2020 That Resonated the Most
Throughout 2020, our development teams worked hard to deliver industry-first innovations and product refinements, much of it based on customer feedback. We launched nearly 600 new features and updates to help our customers protect their cloud environments, resources and workloads.
Below I have shared the top 20 features I've heard customers discuss in executive briefings and other meetings. But before I do that, let me first acknowledge that every feature our teams have launched, big and small, has had very strong customer adoption. My list has a bias towards those that have resonated in meetings, and is not a ranking of adoption.
Container Security
- Trusted Images to control image trust groups, with alerts and audits
- Kubernetes cluster awareness for policies, filtering, and runtime Radar views
- VMware Tanzu Application Service agent and enhanced Red Hat certified Prisma Cloud Operators
- 25+ compliance mappings supporting CRI-O runtime
- Open Policy Agent integration to leverage Rego syntax
- Five new compliance mappings, including MLPS 2.0, NIST 800-53 Rev 4, CIS AWS 1.3, CiS GCP 1.1, CIS GKE v.1.1.0.
- Git repo vulnerability management
Host & Serverless Security
- Enhanced protections for cloud VMs
- Auto-protection for serverless functions on AWS Lambda
Pricing Model
- PAYG pricing on AWS Marketplace: Prisma Cloud without annual commitments
Compliance, Visibility & Governance
- The Industry’s first high-fidelity threat intelligence for Cloud Security Posture Management
- Centralized dashboard for infrastructure-as-code security
- Expanded governance and visibility across cloud resources for a total of 120+ cloud services, 650+ policies, 300+ APIs
- Multiple small fixes and architectural changes across the platform for scalability, resilience and monitoring
New Cloud Security Capabilities
- Launch of Web App and API Security for Layer 7, OWASP Top 10
- Limited GA of Data Security for Amazon S3
- Beta launch of IAM Security to govern access permissions
- Beta launch of Identity-Based Microsegmentation
Geo Availability
- Regional hosting in Canada and Singapore, bringing the total cloud hosting locations to eight, giving our customers increased flexibility of meeting data residency regulations
- Support for Alibaba Cloud, AWS China and Azure China
Take a look at all of our accomplishments from 2020 in this infographic.
Look Ahead: 5 Common Themes on What’s Next
1. Customers Switch to Third Party Security Products as their Cloud Environments Scale
Cloud adoption predates the emergence of Prisma Cloud and other solutions in this market. Organizations that started cloud journeys five or more years ago had little choice in terms of mature third-party products to augment what CSPs provided.
Consequently, most large companies have either built internal tools or adopted single-purpose solutions that don’t scale. This has created gaps in their security coverage. Maintaining the patchwork of infrastructure becomes more burdensome as they scale. Expect more of these large organizations to adopt a mature solution like Prisma Cloud as a solution for this scaling problem and accelerate their cloud journey.
2. Threat Detection Becomes the New Baseline, Compliance No Longer Enough
Most organizations, including our customers, have started their cloud security journey by gaining visibility across their complex multi-cloud infrastructure and ensuring proper configuration. Customers are fast realizing that visibility is necessary, but not sufficient.
The next cloud security trend will be threat detection – continuously monitoring the entire software development lifecycle for new threats, from development through to runtime. Attackers are becoming more sophisticated, and organizations will be looking to stay ahead.
The key to success in this area will be tools that better enable continuous monitoring and increasingly automated remediation, informed by better intelligence streams.
3. Container Security Needs to Address the Full Application Lifecycle
Scanning container images and establishing trusted repositories is an industry-accepted best practice. As organizations become more adept at protecting their containerized development, and as attackers become more sophisticated, the focus is moving to protecting containers in runtime. Things like profiling workload behavior to detect anomalous behavior, or automating runtime policy management across process, network and file system sensors will be crucial.
4. Automation Continues to Drive DevOps Transformation
The highest performing organizations are moving at lightning speed – DevOps teams are deploying more frequently than ever. In order to maintain that pace, they're using new tools like IaC to automate parts of the process.
Security teams will need to "shift left" and integrate tools and practices earlier and more frequently in the development process. To do this at a pace that matches their DevOps counterparts, they need automation. Scanning IaC templates and integrating security checks into CI/CD tools through automation will become increasingly critical.
5. Customers Increasingly Opt for a Platform Approach
Enterprise organizations will need to monitor many areas of their infrastructure, both internally and externally. Small, centralized security teams are responsible for widely disparate environments. They'll be looking to monitor posture and detect threats; secure hosts, containers, and serverless architectures across the development lifecycle; control permissions and identities across workloads and clouds; and secure cloud networks while establishing trust boundaries.
In order to do all of this as efficiently as possible, and to keep all of that information in context, organizations will need comprehensive platforms that serve multiple use cases.
Get Ahead of Cloud Security Trends
Not everything in cloud is a passing trend. We will always be able to say for certain that if organizations are not thinking about a comprehensive, full-lifecycle approach to security, they will have gaps open to attacks on multiple fronts.
But now is the time to lay the foundation for strategies that will protect the future of your organization. One of the best ways to do it is to learn from others who are already successful. Learn what it takes to build out cloud security operations with our on-demand series, Building a Scalable Strategy for Cloud Security. These sessions explore ways to shift your organization’s mindset and approach, with best practices from those that have successfully navigated the challenges.