Webinar On Demand

Vulnerabilities & Misconfigurations: Two Sides Of The Same Cloud-Native Risk Coin

Recorded September 28, 2022

View a Complimentary Live Webinar Sponsored by Prisma Cloud by Palo Alto Networks

DevOps and the rise of cloud-native technologies are changing the way we build modern applications. They’re also changing the attack surface. Open-source packages, infrastructure as code (IaC) resources, container images, and delivery pipelines can create a web of interdependencies. When one of those components contain weaknesses, attackers can chain them together to move laterally within an application to gain privileged access to sensitive data, or to inject malicious code that can be used in an exploit. 

In this webinar, we’ll cover an example of a software supply chain attack that chains infrastructure misconfigurations with known vulnerabilities, using the notorious Log4j flaw as a catalyst. Attendees will walk away with a better understanding as to why a proactive, defense-in-depth approach to cloud-native security is necessary and some tips for getting cohesive coverage across entire cloud-native application stacks—from code to cloud and application to infrastructure.

Steve Giguere

Developer Advocate at Prisma Cloud


Steve is a Developer Advocate with Prisma Cloud by Palo Alto Networks, specializing in cloud and infrastructure security automation. Steve started his cybersecurity life by being kicked out of his high school computing class for privilege escalation on the school linux system and changing all passwords to “”peaches”” (his friend’s dog’s name). But that was a long time ago. Since then he has worked as a Solution Architect for StackRox and Aqua Security, specializing in container and Kubernetes security, and has spent time with Synopsys establishing DevSecOps best practices for enterprise CI/CD pipelines.