Cortex Cloud Discussions

Welcome to the Prisma Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

Prisma Cloud - Cloned Policy not saving updated Query.

I'm attempting to clone a default Azure policy for overly permissive NSG's. The cloned policy is essentially the same with additional RQL at the end to only alert on NSG's that do not have a certain tag value. We've verified the RQL works, we've remove the auto-remediation capability. The modified Query will not save. I've looked in the do...

Resolved! Curious why Prisma Cloud needs "kms:decrypt" permission for "*" in AWS

While onboarding our AWS account using this template, I had a developer ask why "kms:decrypt" is granted on all "*" resources. I'm wondering if anyone knows the reason so that I can relay it to them.

After entering the credentials of visibility(AppDependencyMap)

/usr/local/bin/apoctl: line 1: syntax error near unexpected token `<'/usr/local/bin/apoctl: line 1: `<?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message></Error>'

Prisma Cloud DevOps Dashboard permissions

Hello, Currently working with DevOps team to incorporate IaC into Azure DevOps Server and Azure Devops (cloud). I've created a role for the DevOps Engineers with the ACCOUNT GROUP READ ONLY permissions. The one problem that cropped up, the DevOps engineer can't access the Inventory > DevOps dashboard. Any thoughts on what permissions a De...

automatic stack updates

has anybody setup a pipeline to automatically update the AWS Cloudformation stack and stack set when new templates are available?

Automated compliance checking

We are looking to automate a check on a new resource to see if it passes our compliance policies. As part of this automated checking we are wondering how long we should wait after a resource is created before we run the check. Is there an estimated amount of time after a new resource has been added to a cloud instance before it is fully che...

Prisma cloud integration with LogRhythm

Hi there,is there any way to integrate Prisma cloud with LogRhythm, to send the alert to the SIEM? @PrismaCloud

Azure Cloud Accounts - Subscription-Tenant

In Prisma Cloud, we have had 6 Azure "Subscription" Cloud Accounts, these Subscriptions all fall under the same Azure Tenant.To make management easier, we want to just add the Azure Tenant Cloud Account. If we do this, will we have duplicate assets and if those assets have alerts, will these be duplicated also?

Prisma Cloud instance for PCCSE preparation practice

For Prisma Cloud Certification PCCSE, Can we get a cloud instance of Prisma Cloud for practice ?

When will the podman 3 be supported to prisma-cloud-compute-edition v21.04

We use podman <v2.4 to build docker using jenkins CI pipeline. We have already moved to podman 3 and the lower has some issues as well as vulnerabilities however we are yet forced to use it just because prisma cloud doesn't support it yet. Can you help me understand if that's supported as the release doc doesn't talk about it anyway. Also, ho...

Managing false positives in Twistlock scanner

Hello,How can I mark some CVEs as false positives in the tool itself so that subsequent scans do not report those CVEs? Is there an API for this? Thanks!

Managing Compute Defender False Positives?

I'm finding what appears to be a lot of false positives for alerts within Compute Defender > Events and Runtime. What is best practice for marking these false positive to prevent additional alerts from being generated? I noticed some options for re-learning models (e.g. Container Type), but others (e.g. Host type) appear differently.

Discussions

Welcome to the Prisma Cloud Discussions!

Prisma Cloud - Cloned Policy not saving updated Query.

Resolved! Curious why Prisma Cloud needs "kms:decrypt" permission for "*" in AWS

After entering the credentials of visibility(AppDependencyMap)

Prisma Cloud DevOps Dashboard permissions

automatic stack updates

Automated compliance checking

Prisma cloud integration with LogRhythm

Azure Cloud Accounts - Subscription-Tenant

Prisma Cloud instance for PCCSE preparation practice

When will the podman 3 be supported to prisma-cloud-compute-edition v21.04

Managing false positives in Twistlock scanner

Managing Compute Defender False Positives?

Export/Import a custom Compliance Standard from one tenant to another

What is the CVE scanning engine under-the-hood of TwistLock?

Login API returns 401 with a freshly created Access Key

Prisma Asset Type assignment to a created Prisma policy

How Prisma Cloud Protects its SAAS platform

Container defender installation fails on ARM64

invalid_src_credentials on REST API Login to prismacloud.io

RQL query to list the VMs having a public IP address

Re: Prisma Asset Type assignment to a created Prisma policy

Re: Prisma Cloud RQL join operator

Unlock your full community experience!

Resolved! Curious why Prisma Cloud needs "kms:decrypt" permission for "*" in AWS