A Conversation With Sarit Tager from Prisma Cloud

➡ Prevent Risk At The Source with Cortex Cloud: https://www.paloaltonetworks.com/cortex/cloud/application-security In this sponsored conversation, I speak with Sarit Tager, VP of Product Management at Palo Alto Networks, about how Prisma Cloud and their new ASPM solution are transforming cloud and application security by unifying data and deeply integrating business context into AppSec workflows. We talk about: Unifying AppSec, Cloud, and SOC into One Data Lake How Palo Alto merged their products into a single system that consolidates runtime, code, identity, cloud, and SOC data, allowing for true context-aware risk prioritization and faster response times across the board. From Detection to Dynamic Prevention Why the future of application security isn’t just about discovering vulnerabilities, but enforcing smart, context-based guardrails during development, CI/CD, and build processes to prevent issues before they reach production. AI-Powered Insight and the Future of Secure DevOps How their system uses AI to analyze the full security posture, enrich findings, simulate attack paths, and recommend precise mitigations. The platform even helps guide security and engineering teams through better workflows, boosting velocity, and not blocking it. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at: https://danielmiessler.com/upgrade Follow on X: https://x.com/danielmiessler Follow on LinkedIn: https://www.linkedin.com/in/danielmiessler Chapters: 00:00 – Sarit’s Background and the Goal of Unifying Security Context 01:50 – Building a Single Data Lake for Cloud, SOC, and AppSec 04:28 – From Noise to Clarity: Fixing the Prioritization Problem in AppSec 06:47 – Using Business Context to Drive Risk-Based Decisions 10:18 – True App Ownership, Developer Velocity, and Aligning with Business Impact 13:12 – Continuous Discovery and Bringing External Signals Into One View 15:25 – Why App Grouping and Context-Rich Policies Increase Velocity 17:58 – How Attackers Are Already Building Their Own Unified Context (UEC) 20:45 – Prisma’s Control Points: IDE, PR, CI/CD, Image, Admission Control 21:56 – Bringing In Data From External Scanners and Enriching Coverage 24:23 – Ecosystem Signals, Query Language, and Intelligent Workflow Automation 25:05 – Closing Thoughts: Security and Developers Working Together

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.