FEATURE
|
DESCRIPTION
|
---|---|
Permission Groups to support granular RBAC for Compute
|
Prisma Cloud administrator who require access to the Compute tab or the Compute APIs, you can have granular access and visibility to perform their job functions. The new
System Admin
,
Only for Compute capabilities
permission group restricts access to only the Compute tab and enables access to the capabilities for protecting your host, containers,and serverless functions without access to the rest of the Prisma Cloud UI or API.
The
Build and Deploy Security
is another permission group that enables you to restrict access to the DevOps users who need access to a subset of Compute capabilities and/or API access to run IDE, SCM and CI/CD plugins for Infrastructure as Code and image vulnerabilities scans. |
Account-Based RBAC for Compute
|
Visibility to Prisma Cloud Defender data on the
Compute
tab now corresponds to the AWS, Azure, or GCP cloud accounts that each administrator is allowed to view. |
Custom Email Notification Templates
|
From the Notification Template Hub on Prisma Cloud, you can add a custom email template for alert notification emails. You can customize the message content and include a link in the email notification.
|
(
Beta
) Coverage for the MITRE ATT&CK Framework |
Prisma Cloud adds support for MITRE ATT&CK, a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations, as a compliance standard. The MITRE ATT&CK Cloud Matrix for Enterprise support on Prisma Cloud maps policies to identify and protect you from cloud-based attack techniques on AWS, Azure, and GCP.
|
Saved Search Addition
|
The saved search for AWS VPC nearing availability limit enables you to detect if the VPCs per region has reached 80% of the resource availability limit. You can then easily create a policy and generate an alert when the threshold is reached.
|
Granular list of Permissions for GCP
|
If you want to create a custom role for onboarding your GCP project or organization on Prisma Cloud, you can now use the list of granular permissions required for successfully onboarding the account.
|
Unusual User Activity Alerts Enhanced for Service Group Context
|
If a user typically uses a set of services, and Prisma Cloud detects a new service being used, the alert details include additional context on the anomaly. It alerts you on what was unusual about the activity, and whether the service accessed belongs to the same or a different service group.
|
API Ingestion
|
APIs to ingest the following services:
|
POLICY
|
DESCRIPTION
|
---|---|
Policy Updates
|
The Recommendation instructions for the
Azure Load Balancer diagnostics logs are disabled
is updated. |
The
AWS S3 bucket not configured with secure data transport
policy is enhanced to check whether bucket is exposed publicly before checking on whether it uses secure data transport. |