|(New Look) Asset Inventory||
The Inventory provides a summary of the total number of resources discovered across your cloud deployments and the number of resources that are passing or failing policy checks.
To add visual appeal, you also have an asset trend chart, an asset classification bar graph, and a table with details (pass or fail) and alerts by severity.
To help you drill into the details, the inline links in the table take you to the Asset Explorer for Total resources and Pass resources. The resources that failed policy checks are grouped as Low, Medium and High severity, and these links take you to the Alerts Overview, where you can review the details for each policy violation and the number of alerts that were generated against each policy.
|Scheduled Compliance Reports||
Enables you to set up one-time or recurring reports to assess the security status of your cloud resources against the compliance standards that matter most to you and to receive the reports in your email inbox.
The scheduled reports are also saved on Prisma™ Cloud so that you can download a report on demand. Additionally, the data in each report is available as a historical trend chart on the Prisma Cloud interface, which helps you view your overall compliance posture during a specific period of time.
|GCP Flow Log Compression using the Google Cloud Dataflow Service||
To address the lack of native log compression on Google Cloud Platform (GCP) and mitigate the network egress costs associated with sending uncompressed GCP logs to the Prisma Cloud infrastructure, you can now automate flow log compression using the Google Cloud Dataflow service. Whether you are monitoring your GCP project or organization, Prisma Cloud can automate flow log compression and save the compressed logs to the same storage bucket as your VPC flow logs. These compressed logs are then sent to the Prisma Cloud infrastructure for monitoring the network activity of your cloud resources.
For flow log compression, you need to enable the Google Cloud Dataflow APIs and provide additional permissions that enable Prisma Cloud to make API calls and save the compressed logs to your Google Cloud Storage bucket.
|API Ingestion Update||
|More Policies for GDPR Compliance||
Prisma Cloud now includes GDPR support on Azure and includes more policies to extend coverage for GDPR compliance on GCP.
|Support for CIS v1.1.0 on GCP and CIS v1.2.0 on AWS||
The CIS compliance standard on Prisma Cloud is updated to include policy updates that check for compliance with the requirements and sections in v1.1.0 on GCP and v1.2.0 on AWS.
|California Consumer Privacy Act of 2018||
Prisma Cloud now supports the California Consumer Privacy Act, which is a state statute intended to enhance privacy rights and consumer protection for residents of California (United States).
|Saved search addition for Azure VMs||The saved search "Azure VM has unapproved extensions installed" helps you to determine whether your deployment includes VMs with unapproved extensions. You can edit the "is not member of" attribute in the query to specify the list of extensions that are approved for use in your organization.|
|Permission Updates for AWS CFTs||The permissions in the AWS read-only and read-write CloudFormation Templates (CFTs) for AWS public cloud and AWS GovCloud are updated to include ec2:describeRegions. With this update, Prisma Cloud can get data on the AWS cloud accounts for all enabled regions.|
|Remediation CLI for Existing policies||The following policies are now designated as Remediable on the Prisma Cloud administrative console:
|Azure Storage account container storing activity logs is publicly accessible||Identifies storage account containers that allow public access to activity log content. This is a risk because it can aid an adversary in identifying weaknesses in the account configuration.|
|Azure disk is unattached and not encrypted||Identifies disks that are unattached and not encrypted. Even if a disk is not attached to any VM, a compromised user account with administrative access to the VM service can mount and attach these data disks, which can result in disclosure or tampering of sensitive information.|
|Azure SQL server send alerts to field value is misconfigured||Identifies SQL servers that are not properly configured to send alerts to an email address. Having a valid email address for threat detection alerts enables you to receive alerts when any anomalous activities are detected on your SQL servers.|
|Azure Data disk is not encrypted||Identifies data disks which are not encrypted. Encrypt data disks (non-boot volume) to protect the volume from unwarranted reads without a key.|
|AWS support access policy is not associated with a role||Identifies IAM policies with support role access that are not attached to any role. An IAM role with support access policy enables you to ensure that users in your account can securely control access to AWS services and resources.|
For more information, please review the new features in the Prisma Cloud January 16, 2020 Release Notes in TechDocs.