on 09-06-2019 04:48 PM - edited on 09-01-2020 01:28 PM by kwadsack
FEATURE
|
DESCRIPTION
|
---|---|
Integration Status Checks
|
Prisma Cloud performs periodic checks and background validation of outbound external integrations to identify exceptions or failures in processing notifications. With the exception of Email, PagerDuty, Qualys, and Tenable.io integrations, the status checks now indicate when a change on the integration vendor impacts outbound alert notifications. The status checks display as red—integration failed validations, yellow—one or more templates associated with the integration are invalid, or green—working and all templates are valid. Any state transitions are automatically reflected on the Prisma Cloud administrator console.
|
Resource Attribution on Azure Updates
|
Prisma Cloud correlates data available in resource configurations and audit events to you identify who (which user) made changes to specific Azure resources.
In addition to the services that were supported in the last release, resource attribution is now available for events related to the following Azure resources:
|
API Ingestion Updates
|
Prisma Cloud has added coverage for the API:
azure-cosmos-db
azure-network-route-table
Update the JSON for the API aws-sns-get-subscription-attributes
Some fields such as RawMessageDelivery, PendingConfirmation, ConfirmationWasAuthenticated
are no longer retrieved for this API. |
POLICY
|
DESCRIPTION
|
---|---|
AWS ECS Task Definition Elevated Privileges Enabled
|
Checks the security configuration of your task definition for ECS Containers and alerts you to it.
|
AWS ECS/ ECS Fargate task definition execution IAM Role not found
|
Generates an alert if a task execution IAM role is not defined in your task definition for pulling container images and publishing container logs to Amazon CloudWatch.
|
AWS ECS Task Definition Root User Found
|
Checks if your container definition uses a root user and alerts you to it.
|
GCP GKE Unsupported Node Version
|
Checks your GKE master node version and generates an alert if the version running is unsupported.
|
Non-Corporate Accounts Have Access to Google Cloud Platform (GCP) Resources
|
The RQL in this customizable policy is updated to match on more than one domain, and the match criteria checks for whether the email address contains or ends in the specified domain(s).
|