A Conversation With Sarit Tager from Prisma Cloud

➡ Prevent Risk At The Source with Cortex Cloud: https://www.paloaltonetworks.com/cortex/cloud/application-security

In this sponsored conversation, I speak with Sarit Tager, VP of Product Management at Palo Alto Networks, about how Prisma Cloud and their new ASPM solution are transforming cloud and application security by unifying data and deeply integrating business context into AppSec workflows.

We talk about:

Unifying AppSec, Cloud, and SOC into One Data Lake
How Palo Alto merged their products into a single system that consolidates runtime, code, identity, cloud, and SOC data, allowing for true context-aware risk prioritization and faster response times across the board.

From Detection to Dynamic Prevention
Why the future of application security isn’t just about discovering vulnerabilities, but enforcing smart, context-based guardrails during development, CI/CD, and build processes to prevent issues before they reach production.

AI-Powered Insight and the Future of Secure DevOps
How their system uses AI to analyze the full security posture, enrich findings, simulate attack paths, and recommend precise mitigations. The platform even helps guide security and engineering teams through better workflows, boosting velocity, and not blocking it.

Subscribe to the newsletter at:
https://danielmiessler.com/subscribe

Join the UL community at:
https://danielmiessler.com/upgrade

Follow on X:
https://x.com/danielmiessler

Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler

Chapters:

00:00 – Sarit’s Background and the Goal of Unifying Security Context
01:50 – Building a Single Data Lake for Cloud, SOC, and AppSec
04:28 – From Noise to Clarity: Fixing the Prioritization Problem in AppSec
06:47 – Using Business Context to Drive Risk-Based Decisions
10:18 – True App Ownership, Developer Velocity, and Aligning with Business Impact
13:12 – Continuous Discovery and Bringing External Signals Into One View
15:25 – Why App Grouping and Context-Rich Policies Increase Velocity
17:58 – How Attackers Are Already Building Their Own Unified Context (UEC)
20:45 – Prisma’s Control Points: IDE, PR, CI/CD, Image, Admission Control
21:56 – Bringing In Data From External Scanners and Enriching Coverage
24:23 – Ecosystem Signals, Query Language, and Intelligent Workflow Automation
25:05 – Closing Thoughts: Security and Developers Working Together

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.