Prisma Cloud Release Notes for July 11, 2019

Printer Friendly Page

New Features

FEATURE
DESCRIPTION
Support for the AWS Hong Kong region
Prisma Cloud can now monitor resources in the AWS Hong Kong region (ap-east-1).
aws-hong-kong.png
IP Address Modeling for Anomaly Alert Generation
To reduce false positives when detecting unusual user activity, Prisma Cloud has augmented UEBA modeling to incorporate IP address information.
Prisma Cloud relies on a third-party source for IP address to geo-location resolution to detect unusual user activity. Using the IP address to geo-location resolution can sometimes generate false positives in the Unusual User Activity policy when the same IP resolves to different locations at different points in time. With this modeling change, when there is unusual user activity from a previously unseen location for a known IP address, the service no longer generates anomaly alerts.
Microsoft Teams Integration
Create an Office 365 webhook integration on a Microsoft Teams channel and configure Prisma Cloud to send notifications to it. Sending RedLock alerts to a Microsoft Teams channel enables your DevOps and SecOps teams to investigate and remediate security incidents more promptly.
API Ingestion Updates
Prisma Cloud has added coverage for the GCP API service gcloud-compute-global-forwarding-rule
 

Policy Updates

POLICY NAME
DESCRIPTION
GCP storage bucket is encrypted using default KMS key instead of customer-managed key
Identifies storage buckets that are encrypted with the default Google-managed keys. As a best practice, use Customer-managed keys to encrypt the data in your storage bucket and ensure full control over your data.
GCP load balancer target proxy is configured with default SSL policy instead of custom SSL policy
Identifies load balancer target proxies which are configured with default SSL policy instead of a custom SSL policy. As a best practice, using custom SSL policy to access load balancers gives you better control over SSL/TLS versions and ciphers.
GCP load balancer HTTPS target proxy is not configured with QUIC protocol
Identifies load Balancer HTTPS target proxies which are not configured with QUIC protocol. Enabling the QUIC protocol helps the load balancer target HTTPS proxies to establish connections faster, supports stream-based multiplexing, improved loss recovery, and eliminates head-of-line blocking.

 

This information was adapted from a TechDocs article. For more information about the release notes or to view other release notes, please visit Features Introduced on July 11, 2019.

Tags (4)
Ask Questions Get Answers Join the Live Community
Version history
Revision #:
5 of 5
Last update:
‎08-26-2019 10:54 AM
Updated by:
 
Contributors