How to identify rate limiting from technical perspective - WAAS - OWASP API Top 10

Hi All,

I saw that, WAAS have new feature for detect risk path from WASP API Top 10 list, but there is no any details about detection mechanism and request/response details. It only shows as risky but I need more details to understand alarms are f/

Registry Scanning for Google Cloud Registries

It appears there is no webhook support new image scanning for GCP.

Could Palo Alto possibly provide a solution that utilizes Cloud Asset feeds for triggering new image scans?

Thank you,

Josh

When running a REGO script with the open policy agent OPA how do i only specify the kubernetes cluster to run against

I have multiple kubernetes clusters ; however when running a REGO script with the open policy agent how do i only run the policy against the cluster i want..

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/access_contr

How to get Prisma Cloud Public IP address

I need to know which public IPs Prisma cloud uses to access other external apps to allow them in the firewall.

My console is un eu. 

BR

Onboarding AWS Organization - Terraform Style

Hello guys,

I'm looking for a way to onboard an AWS Organization using Terraform and bypass the need of using the old CloudFormation template.

So when deploying the CFT (for basic features) we get 4 custom policies + SecurityAudit attached to a "Pri

Help with RQL or API

I need to generate a Report with the following informations:

- All Assets, with the creation time information. 
- Status of the asset based on specific compliance Standard, for exemple: CIS v1.4.0 (AWS).

My objective is filter on a specific date(ex: 03/

Docker image is not detecting

I encountered with the PrismaCloud image scanning tool. I have updated the Dockerfile with a new version to address a vulnerability and pushing the updated image to the GCP Artifactory registry, the changes have not been reflected in the PrismaCloud

Feature Request

For Twistlock, is there a way to track when a vulnerability is first found on a host? if not, I think this would be a very helpful feature for vulnerability management. 

Multiple Azure Subscriptions with Single Azure AD Tenant

The onboarding documents assume a 1:1 relationship between Azure Subscriptions/Tenants and Azure AD Tenants. Does anyone have instructions for Multiple Azure Subscriptions with a single Azure AD Tenant? Prisma Cloud 

Code Security: Policy Ids for Errors

When scanning IAC with Bridgecrew GitHub action, an error may be returned as "Check: 8060797_AWS_1672940525627: "AWS Lambda function is not configured for function-level concurrent execution Limit" with a link to https://docs.bridgecrew.io/docs/ensur

no connectivity to console through ingress

PCC self-hosted on Azure Kubernetes Service, sits behind an App Gateway that serves as a proxy/ingress/firewall

Attempting to deploy defenders to VMs that sit outside the App Gateway - connectivity fails through the ingress to the Console regardles