Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Utilizing the Asset Inventory Dashboard

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
L4 Transporter
No ratings

By Oluranti Omotayo, Customer Success Engineer

 

Introduction

 

The Prisma Cloud Asset Inventory Dashboard provides up-to-date information on all cloud assets from various cloud types that Prisma Cloud monitors in a centralized dashboard. You can use the Inventory dashboard to manage your applications, assets, compute workloads, and data.

 

The Prisma cloud asset inventory enables customers to perform the following:

  • Analyze changes to resources 

  • Review access

  • Identify vulnerabilities, findings, and attack path situations

  • Provide risk mitigation directives

  • Improve operational efficiency

 

Centralizing the visibility of cloud assets will eliminate manual effort and allow teams to focus on more important tasks. 

 

The cloud asset inventory also improves compliance conformance and enhances security as it provides an audit trail of configuration changes that aids continuous monitoring. Hence, customers do not need to log in to each cloud service provider console or pull configuration data using different API calls to each cloud service provider to review configuration data or changes for their multi-cloud assets.

 

Customers can also assign business criticality tags to assets according to their internal classification using the Prisma cloud asset inventory.

 

unnamed.png

Figure 1: Business-Criticality_PaloAltoNetworks


The Asset inventory dashboard is navigated to by clicking on the Inventory tab at the top of the Page. 

Assets by type or classes covered for all your cloud assets are Applications, Assets, Compute Workloads, API Endpoints, IAC resources, and Data.

 

  • Applications: This provides a list of your applications running in the cloud. A Discovery criteria is added under the Discovery Criteria Rules which are cloud asset tags that Prisma Cloud uses to discover those applications and their attributes:
    • Application Discovery Criteria: Specify this to enable Prisma Cloud to discover applications based on the input cloud asset tag keys.
    • Business Criticality: Prisma Cloud will auto-assign severity based on the entered cloud asset tag key.
    • Business Owner: Prisma Cloud will auto-assign business owners for an application based on the entered cloud asset tag key.

 

You can view information about the discovered applications like the alerts, vulnerabilities, and finding types associated with the assets belonging to the application.

 

unnamed.png

Figure 2: Inventory-Applications_PaloAltoNetworks


Assets: This provides a tabular view of cloud-based assets across all onboarded cloud accounts to Prisma Cloud. It displays 90-day trend information at all times and provides a historical view of the assets.

 

unnamed.png

Figure 3: Inventory-Asset_PaloAltoNetworks

 

You have options to add several filters to enhance your view as well as group your view by Cloud Type, Service Name, Region, or Account Name. You can also obtain information about assets with alerts, assets with vulnerabilities, and the percentage of assets that pass policy checks.


Unmanaged Assets: This provides information about your unmanaged assets that are publicly exposed to the internet in your cloud accounts. The Unmanaged assets page is only available if your tenant is subscribed to the Cloud Discovery and Exposure Management(CDEM) feature. This feature helps with enhancing your cloud security posture as well as present a comprehensive view of your attack surface by providing visibility into your unmanaged or exposed assets. 

 

You can use the Date, Status, Account Mapped Status, Asset Type, Exposed Service, and Network Flow log filters to make your exploration more efficient and review assets findings. You will be able to review the overview of the exposed assets, the Exposed Services belonging to the asset, Vulnerabilities discovered and Findings. 

 

You can also view the resource config details belonging to the asset. You have the option to snooze the known internet exposed assets or send an email to receive a summary of the Exposed asset for further investigation.

 

 
RPrasadi_18-1730246127726.png

Figure 4: Inventory-UnmanagedAssets_PaloAltoNetworks


Compute Workloads: This inventory provides information about your container images and Hosts across your entire workload in your cloud account. This helps you to address and assess potential breaches on cloud workloads. You are able to identify the cloud providers of the images, filter the vulnerable images, and assess the images and hosts with the most impactful CVEs that are critical, exploitable, or patchable.

 

Click on either the Container Images or Host hyperlink to view their respective list. You can view information on container images according to the software lifecycle stages. You can view by All Stages, or the Build, Deploy and Run stage. You will also be provided the total number of unique images discovered across all your cloud accounts. You can click into any image or Host to view details about them as well as their resource configuration.

 

You can sort the container images and Hosts table or list by Impactful Vulnerabilities, by running Containers or by Last scan date.

 

 
RPrasadi_17-1730246002682.png

Figure 5: Inventory-ComputeWorkloads_PaloAltoNetworks

 

API Endpoints: This provides information about the discovered endpoints as well as details on the URL path, and HTTP method. Assets relationship, Services, Cloud Accounts, Risk Factors, the workload the API endpoints are associated with, and the Discovery method.

 

You can group the discovered endpoint by Cloud type, Service Name, Region, Workload, and Server either using the Card view or Table view. For each endpoint, you can view information about the vulnerabilities, Audit trail, Relationships, and Objects. Prisma Cloud provides a comprehensive overview of the API Endpoint's exposure, Sensitive Data exposure, Authentication, Malicious Activity, Usage Statistics, and Message Structure. You can apply filters to enhance your view of the API endpoints.

 

The API Endpoint tab requires a subscription to the Prisma Cloud WAAS module.

 

 
RPrasadi_16-1730245844104.png

Figure 6: Inventory-API_Endpoints_PaloAltoNetworks

 

IAC Resources: This provides a tabular view of all IAC resources across your various cloud accounts and repositories. The Resources come with detailed information about the misconfiguration(Code Issues) and Vulnerabilities as well as the total number of resources that have Pass(underwent scan without issues) and Fail(have undergone a scan and have alerts indicating areas that need attention). 

 

You can click on each displayed resource for a more detailed assessment and implement necessary remediation measures if necessary. You can view the traceability information of an asset which identifies whether a code asset has drifted from the code or has never been deployed.

 

You can add several filters to further refine the inventory to a list of assets of choice providing valuable insights into their misconfiguration and vulnerabilities. Prisma Cloud supports Terraform, CloudFormation, Kubernetes, Docker, Kustomize, Helm, and Ansible frameworks.

 

RPrasadi_15-1730245764739.png

Figure 7: Inventory-IAC_Resources_PaloAltoNetworks


Data: This provides information about assets monitored in your cloud storage buckets across various cloud types. You can view information about the total resources, public resources as well as total objects and public objects monitored. To view the Data Inventory, navigate to the top left corner of the page then drop the box to choose the Data Security feature. You must be subscribed to this feature to be able to view assets within. You can view your data assets and AI assets details on this page. 

 

On the Data assets page, you can view information about your total data assets, Assets with open alerts, Sensitive assets and Risky assets. Each displayed asset is also labeled with Confidential, PCI PII, and Sensitive based on discovery details which makes you determine the course of action to take on those assets.

 

  • Confidential data is data that must be protected at all times. Confidential information relates to the functioning of the organization which is not publicly disclosed or available in the public domain. Leaking this kind of data can cause serious financial, legal, or regulatory consequences. Examples are financial information, medical records, and trade secrets. 

  • Personal Identifiable Information (PII) is information that pertains to a specific person and when used alone or in connection with other data can be used to identify that person. Examples of PII are Full Name, Social Security, address and Driver's license number.

    • Payment Card Industry (PCI) information includes PII which is used during a payment card transaction. Examples of PCI are credit card pin, credit card number, and card holder name.

  • Sensitive information refers to any information that must be protected from loss. Leaking this kind of data can cause both reputational and financial damage. Sensitive data can include various types of information like photographs, audio, and videos. Sensitive data is regulated by various compliance laws.

 

You can click into the assets to view information about the asset, findings associated with the asset, Alerts, events, Active Identities with access to the asset, Risks associated with the asset and Access details.

 

unnamed.png

Figure 8: Data_Security-Inventory-Data_Assets_PaloAltoNetworks

 

unnamed.png

Figure 9: Data_Security-Inventory-Data_Assets-Resource-Overview_PaloAltoNetworks


The AI assets details show information about the asset as well as the risk discovered on the AI asset. You can click into the asset to view the asset overview, Data and Risk details.

 

 
 
image (1).png

Figure 10: Data_Security-Inventory-AI_Asset_PaloAltoNetworks


You can also review the data type information and files discovered in your cloud storage buckets.

 

 
 
unnamed.png

Figure 11: Data_Security-Inventory-Data_Types_PaloAltoNetworks

 

 
RPrasadi_12-1730243558014.png

Figure 12: Data_Security-Inventory-Files_PaloAltoNetworks


Conclusion

 

The Prisma Cloud Asset inventory will help customers understand their cloud environment and help mitigate risks proactively, by identifying vulnerabilities, and compliance issues, ensuring that your cloud environment remains secure and compliant. You can view information about each asset as well as their findings, vulnerabilities, and resource configuration data. These are vital for improving decision-making and enhanced security. 


Reference

 

For more information on the Prisma Cloud Asset Inventory, visit our documentation page at:

 
 
Rate this article:
  • 109 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Contributors
Labels
Article Dashboard
Version history
Last Updated:
‎10-29-2024 06:07 PM
Updated by: