This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Prisma Cloud Release Notes for June 22, 2019

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Prisma Cloud Release Notes for June 22, 2019

Retired Member
Not applicable

on ‎08-26-2019 09:53 AM - edited on ‎09-01-2020 01:29 PM by

Did you find this article helpful? Yes No
No ratings

New Features

FEATURE
DESCRIPTION
Amazon GuardDuty Findings on IAM Users
To help you to find potential security issues —malicious activity and unauthorized behavior— that pertain to IAM Users who are identified in Amazon GuardDuty findings, you can now specify hostfinding.type = 'AWS GuardDuty IAM' in a Config RQL query.
aws-guardduty-iam.png
Azure Network Security Group Rule Actions
To help you audit Network Security Groups (NSGs) directly from the RedLock console, the resource explorer and the network explorer display how Azure NSGs are configured to enforce traffic in your Azure environment.
To display the information on the Azure NSG rule, both the resource explorer and the network explorer, now have a new Action column, which indicates whether the NSG rule is set to Allow or Deny traffic.
API Ingestion Update
Prisma Cloud has improved coverage for the following API service that you can query using RQL:
The API aws-elasticbeanstalk-environment JSON is modified to include the response from the environment resources details in the describeEnvironmentResources field.
 

Policy Updates

The following new policies are available in this release:
POLICY NAME
DESCRIPTION
AWS EKS cluster control plane assigned to multiple security groups
Checks the number of security groups assigned to your AWS EKS cluster control plane and alerts if more than one security group is attached to the cluster.
AWS EKS cluster using the default VPC
Identifies AWS Kubernetes clusters which are configured with the default VPC instead of a custom VPC.
AWS EKS control plane logging disabled
Checks whether or not Kubernetes control plane logging for audit and diagnostic logs is enabled so that log data on your EKS cluster is directly written to CloudWatch Logs. This policy alerts you if logging is disabled.
AWS EKS cluster security group overly permissive to all traffic
Identifies security group rules that are attached to the cluster network and allow inbound traffic for all protocols from the public internet.
AWS EKS cluster endpoint access publicly enabled
Checks whether your Kubernetes cluster endpoint that enables the API server to communicate with all worker nodes within your cluster is publicly accessible. This policy alerts if you have not restricted public access to the Kubernetes cluster endpoint.

 

This information was adapted from a TechDocs article. For more information about the release notes or to view other release notes, please visit Features Introduced on June 22, 2019.

Rate this article:
0 Likes Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last update:
‎09-01-2020 01:29 PM
Updated by:
LEGAL NOTICES
RESOURCES
Copyright 2007 - 2022 - Palo Alto Networks