Solutions Hub
Prisma Cloud

Complete security across the full lifecycle of cloud-native apps

Compatible with TAS, TKGI

Compatible with TAS
Can be consumed by apps on TAS

Compatible with TKG
Can run on or be consumed by apps on TKG

Compatible with TKGI
Can run on or be consumed by apps on TKGI

Enterprises using VMware Tanzu to build, manage, and run their cloud native apps leverage Prisma™ Cloud to provide security for their applications. Prisma™ Cloud is a comprehensive cloud native security platform with broad security and compliance coverage—for applications, data, and across the entire cloud-native technology stack.

Automated, Continuous Vulnerability Scanning for Tanzu

DevOps can easily deploy Prisma Cloud with VMwareTanzu to identify and block vulnerabilities in applications, container artifacts, and Blobstores—across the software development lifecycle.

Supports All Your Application Frameworks

Prisma Cloud’s vulnerability data secures your application frameworks like Java, Ruby, Python, and Node.js for both Windows and Linux container artifacts and images.

Runtime Security for TAS and TKGI

Once deployed, Prisma Cloud provides automatically created runtime defenses for applications running on TAS and TKGI with microservices-aware layer 3 and layer 7 firewalls.

Prisma Cloud Overview

Prisma Cloud is a cloud-native cybersecurity platform for modern applications. From precise, actionable vulnerability management to automatically deployed runtime protection and firewalls, Prisma Cloud protects applications across the development lifecycle and into production. Purpose-built for containers, serverless, and other leading technologies—Prisma Cloud gives developers the speed they want, and CISOs the controls they need.

More about Prisma Cloud


How It Works

Prisma Cloud supports any environment, including both Tanzu Application Service (TAS) and Tanzu Kubernetes Grid (TKGI). Prisma Cloud automatically scales up and down in concert with your environment and applications.

The solution consists of two components: Console and Defender.

Console serves both the user interface and API, which let you define policy, configure and control your deployment, and view the overall health, from a security perspective, of your cloud-native environment. Palo Alto Networks can run Console for you as a SaaS service, or you can run and operate it yourself.

Defenders are deployed to each node in your cluster. They collect security data and enforce policies. In TAS, Defenders are deployed to each Diego cell as a BOSH add-on. In TGKI, Defenders are deployed to each worker node as a DaemonSet.

With Defenders deployed, you get immediate visibility into the vulnerabilities and compliance issues for the apps and hosts in your clusters. Defenders automatically create allowlist models to protect apps at runtime. Configure Defenders to scan your blobstores and registries to validate that images meet your security bar before they run.

Read the documentation

Let’s talk.

Contact us about Prisma Cloud.

Thank you for your interest!

We will get back to you shortly.

Thank you for your interest!

We will get back to you shortly.