How to identify rate limiting from technical perspective - WAAS - OWASP API Top 10

Hi All,

I saw that, WAAS have new feature for detect risk path from WASP API Top 10 list, but there is no any details about detection mechanism and request/response details. It only shows as risky but I need more details to understand alarms are f/

Registry Scanning for Google Cloud Registries

It appears there is no webhook support new image scanning for GCP.

Could Palo Alto possibly provide a solution that utilizes Cloud Asset feeds for triggering new image scans?

Thank you,

Josh

When running a REGO script with the open policy agent OPA how do i only specify the kubernetes cluster to run against

I have multiple kubernetes clusters ; however when running a REGO script with the open policy agent how do i only run the policy against the cluster i want..

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/access_contr

How to get Prisma Cloud Public IP address

I need to know which public IPs Prisma cloud uses to access other external apps to allow them in the firewall.

My console is un eu. 

BR

Onboarding AWS Organization - Terraform Style

Hello guys,

I'm looking for a way to onboard an AWS Organization using Terraform and bypass the need of using the old CloudFormation template.

So when deploying the CFT (for basic features) we get 4 custom policies + SecurityAudit attached to a "Pri

Help with RQL or API

I need to generate a Report with the following informations:

- All Assets, with the creation time information. 
- Status of the asset based on specific compliance Standard, for exemple: CIS v1.4.0 (AWS).

My objective is filter on a specific date(ex: 03/

Docker image is not detecting

I encountered with the PrismaCloud image scanning tool. I have updated the Dockerfile with a new version to address a vulnerability and pushing the updated image to the GCP Artifactory registry, the changes have not been reflected in the PrismaCloud

Feature Request

For Twistlock, is there a way to track when a vulnerability is first found on a host? if not, I think this would be a very helpful feature for vulnerability management. 

Multiple Azure Subscriptions with Single Azure AD Tenant

The onboarding documents assume a 1:1 relationship between Azure Subscriptions/Tenants and Azure AD Tenants. Does anyone have instructions for Multiple Azure Subscriptions with a single Azure AD Tenant? Prisma Cloud 

Code Security: Policy Ids for Errors

When scanning IAC with Bridgecrew GitHub action, an error may be returned as "Check: 8060797_AWS_1672940525627: "AWS Lambda function is not configured for function-level concurrent execution Limit" with a link to https://docs.bridgecrew.io/docs/ensur

no connectivity to console through ingress

PCC self-hosted on Azure Kubernetes Service, sits behind an App Gateway that serves as a proxy/ingress/firewall

Attempting to deploy defenders to VMs that sit outside the App Gateway - connectivity fails through the ingress to the Console regardles

Generate PR comment on Azure Devops as we do in Github using Prisma cloud DevSecOps from marketplace.

Hi

I need lead for getting a PR comment generated for each scan on the Azure Repos. As we do in GitHub using Prisma cloud DevSecOps from marketplace. Do we have anything similar for Azure Devops?

We have integrated the pipeline and repos already usin

Terraform 405 not allowed

not sure im doing wrong here but trying to connect using terraform results in a 405 not allowed. 
Here is my TF code 

```
terraform {
required_providers {
prismacloud = {
source = "PaloAltoNetworks/prismacloud"
version = "1.2.11"
}
}
}

provider "prismacloud" {