topic Whitelisting specific assets in prisma cloud. in Prisma Cloud Discussions

Whitelisting specific assets in prisma cloud.

arbantayan — Fri, 09 Aug 2024 05:45:41 GMT

Hi team,

The team is given a high privilege set of permissions only when a change request is filed or if the team will have to implement such activities and once the activity is done the set of permission is removed in their access. In line with this the permission related policies triggers in the prisma cloud console and resolves on its own with a resolution status of scheduled since no significant changes is made on the cloud account.

We would like to know if there is a way in the prisma cloud console to whitelist specific assets to limit the number of alerts that triggers the policy and at the same time we still be able to monitor such broad permissions.

Thanks,

Alera

Re: Whitelisting specific assets in prisma cloud.

alagomez — Sun, 11 Aug 2024 21:15:39 GMT

Hi @arbantayan

May I suggest to identify the assets and the type of activities involved during these changes so the scope is fully identified; then you can explore playing with Prisma Cloud Alert rules that allow you to have control over specific account groups, even have some cloud accounts excluded, but most importantly assign only the policies in your use-case scope.
Be aware that leaving an asset out of any alert rule will cause to stop triggering alerts about such asset , and even when the asset is visible and you can see its findings at any time it is recommended to focus on the policies triggering the alerts that matter

Please take a look to the following documentation for reference:

https://docs.prismacloud.io/en/enterprise-edition/use-cases/secure-the-source/risk-prevention

Re: Whitelisting specific assets in prisma cloud.

CGamboa2 — Fri, 16 Aug 2024 17:40:20 GMT

Please help out other users and click “Accept as Solution” if a post helps solve your problem! Here’s how and why to accept solutions.