https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/container-vulnerabilities-and-attack-path/m-p/554197#M1007 <P>Hello,</P> <P>when using attack path policies involving vulnerabilities such as</P> <P>&nbsp;</P> <P>"Azure Virtual Machine publicly exposed with critical or high vulnerabilities and Run command execution permissions"</P> <P>&nbsp;</P> <P>"Azure Virtual Machine publicly exposed with critical or high vulnerabilities and data destruction permissions"</P> <P>"AWS EC2 instance publicly exposed with critical or high vulnerabilities and privilege escalation permission via PassRole &amp; Glue permissions"</P> <P>&nbsp;</P> <P>Does Prisma takes into account containers vulnerabilities as well ?</P> <P>The rational behind is: with most payloads being containerized, vulnerabilities to be used for initial access will likely be within a container, on the other hand lateral movement may require breaking the containment which is likely detectable from the host.</P> Thu, 17 Aug 2023 16:56:33 GMT JVANDEWOESTYNE 2023-08-17T16:56:33Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/container-vulnerabilities-and-attack-path/m-p/554197#M1007 <P>Hello,</P> <P>when using attack path policies involving vulnerabilities such as</P> <P>&nbsp;</P> <P>"Azure Virtual Machine publicly exposed with critical or high vulnerabilities and Run command execution permissions"</P> <P>&nbsp;</P> <P>"Azure Virtual Machine publicly exposed with critical or high vulnerabilities and data destruction permissions"</P> <P>"AWS EC2 instance publicly exposed with critical or high vulnerabilities and privilege escalation permission via PassRole &amp; Glue permissions"</P> <P>&nbsp;</P> <P>Does Prisma takes into account containers vulnerabilities as well ?</P> <P>The rational behind is: with most payloads being containerized, vulnerabilities to be used for initial access will likely be within a container, on the other hand lateral movement may require breaking the containment which is likely detectable from the host.</P> Thu, 17 Aug 2023 16:56:33 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/container-vulnerabilities-and-attack-path/m-p/554197#M1007 JVANDEWOESTYNE 2023-08-17T16:56:33Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/container-vulnerabilities-and-attack-path/m-p/554231#M1008 <P>&nbsp;</P> <P>Thanks for posting the question. The container vulnerabilities are currently not included in attack path policies but they are in the roadmap.</P> <P>&nbsp;</P> <P>Regards,</P> <P>Yash Boravelli</P> Thu, 17 Aug 2023 22:59:16 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/container-vulnerabilities-and-attack-path/m-p/554231#M1008 yboravelli 2023-08-17T22:59:16Z