This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Prisma Cloud Discussions
Share ideas and post questions related to Prisma Cloud — the industry's most comprehensive cloud native security platform — and the compute capabilities available within it in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma Cloud Discussions
Share ideas and post questions related to Prisma Cloud — the industry's most comprehensive cloud native security platform — and the compute capabilities available within it in this forum.
About Prisma Cloud Discussions
Share ideas and post questions related to Prisma Cloud — the industry's most comprehensive cloud native security platform — and the compute capabilities available within it in this forum.

Discussions

Start a conversation

Welcome to the Prisma Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4994 Views
  • 1 replies
  • 1 Likes

need prisma RQL query to fetch account name where "xxx" cloudtrail account is not present

need prisma RQL query to fetch account name where "xxx" aws cloudtrail account is not present, whichever account is not present, I should list that account as Non-compliant, and if "xxx" present and is not matching specific configuration also list out as non-compliant, is this possible???? I have split queries, how would merge this queries and s...

Failed to pull image "registry-auth.twistlock.com/tw_<token>/twistlock/defender:defender_22_06_224"

I'm getting the following error when deploying the twistlock defender into a 1.21 EKS cluster: Failed to pull image "registry-auth.twistlock.com/tw_&lt;token&gt;/twistlock/defender:defender_22_06_224": rpc error: code = Unknown desc = Error response from daemon: Get "https://registry-auth.twistlock.com/v2/": x509: certificate signed by unknown...

benderj4 by L1 Bithead
  • 8477 Views
  • 7 replies
  • 0 Likes

Prisma Fargate App Embedded Defender protecting a container image based on scratch image

Hello,I'm looking for guidance on what the App embedded defender's pre-requisites are when it is going to protect a docker image that is based on the scratch image. From what I've briefly seen there'd at least need to be a shell (/bin/sh) available in the container image defender is attempting to override the entrypoint on. I did briefly add b...

Big query iam policy bindings

Hello, I wanted to get a report in gcp for users that have policy bindings in bigquery tables but the results por iam and resource cloud manager doesn´t show me all the direct bindings only those from the IAM roles. Is there a way to get that information in prisma?

Expport all resource information with tags

Hello, I'm trying to export information for all resource. "/resource/scan_info" or "/v2/resource/scan_info" do you know how I can recover --&gt; resourceConfigJsonI can't manage to retrieve tag information from azure for example and prisma web in the api. it takes a long time to retrieve all the information - is there a way to generate a csv...

PCouedel by L0 Member
  • 2563 Views
  • 3 replies
  • 0 Likes

Can we combine 2 Investigate Query types like "Asset" and "Vulnerability"?

Hello, I'd like to look up all Critical and High vulnerabilities that are Patchable and Exploitable in a Cloud Account with a certain Asset type. I see that if I pick the "Vulnerability" query type with Risk factors - Patchable and Exploitable, it doesn't let me pick the Cloud Accounts that I want. In addition to that, I'd like to generate th...

JHenry by L0 Member
  • 1511 Views
  • 1 replies
  • 0 Likes

Resolved! Is there a default runtime policy with basic rules for containers and virtual machines before the ML learning is done?

Hello, As mentioned in https://docs.prismacloud.io/en/classic/compute-admin-guide/runtime-defense/runtime-defense the ML will learn the allowed network, process communication and file system and patterns but before that will it scan files for basic viruses or block known bad ip addresses without making a custom rule https://docs.prismacloud.io...

RQL - How to add JSON field conditionally

I'm trying to addcolumn with a field from a JSON configuration, but only if certain condition of another field is satisfied. Something like this: config from cloud.resource where api.name = 'aws-api-xyzl' CONDITIONS addcolumn $.list[ if CONDITIION_FIELD equals 12345)].FIELD_OF_INTEREST I already tryed the filter syntax used in JSON.RULES a...

JPReis by L0 Member
  • 1686 Views
  • 1 replies
  • 0 Likes

Resolved! Annual Compliance Report?

Part of the reason that we purchased Prisma Cloud was to ease our compliance efforts, but it would seem that the compliance reports provided have a fixed start date matching the date we signed up and I can only select the end date. So, if I select today we get a report for the past 3+ years, but I really only need it for a 12 month period. How...

prisma cloud RQL doubt

can I show both API RQL results? config from cloud.resource where api.name ='aws-cloudtrail-describe-trails' as X; config from cloud.resource where api.name = "aws-cloudtrail-get-event-selectors" as Y; show X and Y;

Question about RQL 'userIDGroupPairs[*]' from security group

Hello. I am asking if you can give some help about creating a RQL for a custom policy. I was trying to create a RQL about AWS security groups that tries to find if the description in userIdGroupPairs[*] for each inbound or outbound rules('ipPermissions' / 'ipPermissionsEgress') does not include these two strings, "SAC*" or "ACE*". (After each ...

AmYoon_1-1702346131035.png
AmYoon by L0 Member
  • 1715 Views
  • 1 replies
  • 0 Likes

Create IAM Policies in bundle using python

Hello, I'm trying to create a bunch of IAM policies using Prisma's API, I can create config policies with no issues however when I try to create IAM policies, following Palo Alto's API documentation, I always get 400 error, So probably my payload is bad done, but I find no errors in this code: def makePolicy(session😞 url="https://{}....

Juanpnav by L0 Member
  • 1614 Views
  • 1 replies
  • 0 Likes

Anyone use GuardDuty as well as Twistlock?

I understand that Twistlock does run-time monitoring and protection. In Fargate configuration, it will block any malicious process spawned from the container but will not block the container itself. I’m curious if anyone enable AWS GuardDuty together with Twistlock since it does ECS runtime monitoring as well? Is there any impact to running bo...

Prisma Cloud Application Vulnerability Search : Deployed tab vs CI tab

Not sure if this has been asked before but I am fairly new to checking Prisma vulnerabilities -- I want to resolve High/Critical ones on our APIs but I get confused when checking CI tab and Deployed tab from Compute&gt;Monitor&gt;Vulnerabilities section. CI tab would have that API to contain lots of vulnerabilities (6 Critical, 3 high, 4 medium,...

  • 476 Posts
  • 61 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks