Container Security

Secure Kubernetes® and other container platforms on any public or private cloud, from build to run with Prisma Cloud.

Containers, Kubernetes and containers as a service (CaaS) have become mainstream ways to package and orchestrate services at scale. At the same time, container users need to ensure they have purpose-built security to address vulnerability management, compliance, runtime protection and network security requirements for their containerized applications.

Read Gartner’s report on cloud workload protection platforms.

Container security spanning the full application lifecycle

Prisma® Cloud scans container images and enforces policies as part of continuous integration and continuous delivery workflows, continuously monitors code in repositories and registries, and secures both managed and unmanaged runtime environments – combining risk prioritization with runtime protection at scale.
  • Support for public and private clouds
  • Single agent for managed and unmanaged environments
  • Full lifecycle security for repositories, images and containers
  • Vulnerability management
  • Container compliance
  • CI/CD security
  • Runtime defense
  • Access control


Our approach to Container Security

Vulnerability management

Start with full visibility into all dependencies from containers during the build, deploy and run phases. Prisma Cloud aggregates and prioritizes vulnerabilities continuously in CI/CD pipelines and containers running on hosts or on containers as a service, in public and private clouds.

  • Prioritize remediation with guidance

    Establish risk prioritization across all known CVEs, remediation guidance and per-layer image analysis with vulnerability Top 10 lists.

  • Add guardrails with alerts and blocks for severity levels

    Control the alert and blocking severity level for individual services and groups of services during build time and runtime.

  • Leverage unmatched accuracy

    Minimize false positives with more than 30 upstream data sources. Prisma Cloud is focused on providing only accurate vulnerability information back to developers and security teams.

  • Surface vulnerability information throughout the lifecycle

    Integrate vulnerability management to scan repositories, registries, CI/CD pipelines and runtime environments.