A Conversation With Sarit Tager from Prisma Cloud

9 snips

Jul 29, 2025

Sarit Tager, VP of Product Management at Palo Alto Networks, is a pioneer in cloud and application security. In this conversation, she explores how Prisma Cloud unifies AppSec, Cloud, and SOC data into a single ecosystem for better risk management. Tager highlights the need for dynamic guardrails during development to prevent vulnerabilities before they escalate. She also delves into how AI enhances security postures and boosts developer collaboration, making security a seamless part of the workflow rather than a hindrance.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Unified Security Data Lake

Palo Alto Networks merged cloud security, application security, and SOC data into a single data lake. - This integration provides real-time context-aware risk prioritization and speeds up response times.

INSIGHT

Preventing Issues Before Production

The future of application security focuses on preventing vulnerabilities during development using context-aware guardrails. - This approach improves security and maintains developer velocity by stopping issues before production.

ANECDOTE

Log4j Vulnerability Management Chaos

Daniel Miessler shared how vulnerability management was chaotic during the Log4j event, requiring manual tracking across spreadsheets. - He highlighted the need for integrated ownership and live status in vulnerability and asset management.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

➡ Prevent Risk At The Source with Cortex Cloud: https://www.paloaltonetworks.com/cortex/cloud/application-security

In this sponsored conversation, I speak with Sarit Tager, VP of Product Management at Palo Alto Networks, about how Prisma Cloud and their new ASPM solution are transforming cloud and application security by unifying data and deeply integrating business context into AppSec workflows.

We talk about:

Unifying AppSec, Cloud, and SOC into One Data Lake
How Palo Alto merged their products into a single system that consolidates runtime, code, identity, cloud, and SOC data, allowing for true context-aware risk prioritization and faster response times across the board.

From Detection to Dynamic Prevention
Why the future of application security isn’t just about discovering vulnerabilities, but enforcing smart, context-based guardrails during development, CI/CD, and build processes to prevent issues before they reach production.

AI-Powered Insight and the Future of Secure DevOps
How their system uses AI to analyze the full security posture, enrich findings, simulate attack paths, and recommend precise mitigations. The platform even helps guide security and engineering teams through better workflows, boosting velocity, and not blocking it.

Subscribe to the newsletter at:
https://danielmiessler.com/subscribe

Join the UL community at:
https://danielmiessler.com/upgrade

Follow on X:
https://x.com/danielmiessler

Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler

Chapters:

00:00 – Sarit’s Background and the Goal of Unifying Security Context
01:50 – Building a Single Data Lake for Cloud, SOC, and AppSec
04:28 – From Noise to Clarity: Fixing the Prioritization Problem in AppSec
06:47 – Using Business Context to Drive Risk-Based Decisions
10:18 – True App Ownership, Developer Velocity, and Aligning with Business Impact
13:12 – Continuous Discovery and Bringing External Signals Into One View
15:25 – Why App Grouping and Context-Rich Policies Increase Velocity
17:58 – How Attackers Are Already Building Their Own Unified Context (UEC)
20:45 – Prisma’s Control Points: IDE, PR, CI/CD, Image, Admission Control
21:56 – Bringing In Data From External Scanners and Enriching Coverage
24:23 – Ecosystem Signals, Query Language, and Intelligent Workflow Automation
25:05 – Closing Thoughts: Security and Developers Working Together

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.