Prisma Cloud Discussions

Agentless scanning on Google Cloud platform

Hi All,

Hope you are doing well.

Anyone using Agentless scanning for their GCP env? I have a GCP environment with some restrictions ie org policies applied for skip default network creation, external IPs not allowed (but exempted for test project).

...

Unable to get container defender to detect denied IP address on host

For some reason I am unable to see any events being generated for denied IP addresses when running a container defender on one of our hosts.

Did the following:

installed a container defender on a linux host.
created a host policy that targets the ho

...

Resolved! How to triage an EKS Cluster with Prisma Defender daemon set NOT appearing in the console?

So my co-worker has implemented some containerized solution and deployed it to EKS.

I used my access key to create a defender.yaml for him.

twistcli defender export kubernetes \
--address ${PRISMA_CLOUD_COMPUTE_CONSOLE_API_ADDR} \
--user ${PRISMA_ADMIN...

Resolved! Scanning Source-Code for Secrets: Is Prisma Cloud Code Security a rebranding of BridgeCrew?

I am aware of Prisma Cloud Code Security Secrets Scanning.

I am aware of bridgecrew's secrets scanning.

Are these products one-and-the-same?

If not, what's the difference?

when and where is each appropriate?

Resolved! Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

If yes then, which API call?

I can't find it here... https://prisma.pan.dev/api/cloud/cwpp/

Resolved! PCC/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task generates JSON unacceptable to AWS

Given that I navigate to PCCConsole/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task

And I paste the Fargate Task Definition JSON produced by AWS ECS

When I push the 'Generate protected task' button

And

...

how to hide the underlying OS vulnerabilities for a container as we are running aks

We are using AKS and seeing lot of Vulnerabilities on the OS level which are Azure's responsibility to remediate. So how do we suppress seeing these OS vulnerabilities on the Vulnerbility Explorer or when we click an image within a container?

cybersecurity

Prisma cloud[ERROR] Runtime.ImportModuleError: Unable to import module 'twistlock': Failed to import module: lambda_function Traceback (most recent ca

We are getting the following error in our Lambdas,

[ERROR] Runtime.ImportModuleError: Unable to import module 'twistlock': Failed to import module: lambda_function

Traceback (most recent call last):

After troubleshooting, our team identifies tha

...

In the Prisma i can see vulnerabilities pointing on files that are not there anymore

Hello everyone,

In the Prisma compliance check, I see some vulnerabilities that seem outdated.

For example, Prisma reports a vulnerable file that does not exist and, most likely, it's not there for a while.

Is it a bug, or I'm missing some

...

Show (X;Y) doesn't work trying to combine aws-ec2-describe-security-groups and aws-ec2-describe-vpcs

Hi All,

I would really appreciate some help here, as I have tried hundreds of iterations to get this right and it isn't working.

I followed the RQL guidance of the RQL example library, but even a basic example doesn't work with show(X;|Y;)

I tried th

...

Resolved! Given GET PCC/api/v22.06/registry/names, why does API return NULL for only the artifactory registry names?

Given this command

curl -k \
-u "${PRISMA_KEY_ID}" \
-H 'Content-Type: application/json' \
-X GET \
"${PRISMA_CLOUD_COMPUTE_CONSOLE_API_ADDR}/api/v22.06/registry/names"

When it is invoked

Then it returns these ECR and artifactory regsitry names

["jfrog.n...

Tenable.io x Compute Defender Agent - Prisma Cloud

Hello everybody

Please, would anyone have a comparison table between the tenable.io solution and the compute defender from Prisma cloud solution for the vulnerability analysis?

Tks

Issue with nat policies in Prisma ION device

Here is the error on this issue,
I cannot enable the NAT rule after upgrading the ION 2K device to the 5.4.13 version.
NAT extension cannot be enabled for the device having support for nat policy.

Having an issue with NAT extension cannot be enable

...

Resolved! Prisma Cloud Compute custom compliance scripts checking kubernetes pod yaml

Is it possible to use a custom compliance script to check for specific contents within a container's pod yaml? Basically I'm trying to check for a bit of text in the pod spec so that I can block any containers that don't have it.

If anyone has any

...

Discussions

Agentless scanning on Google Cloud platform

Unable to get container defender to detect denied IP address on host

Resolved! How to triage an EKS Cluster with Prisma Defender daemon set NOT appearing in the console?

Resolved! Scanning Source-Code for Secrets: Is Prisma Cloud Code Security a rebranding of BridgeCrew?

Resolved! Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

Resolved! PCC/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task generates JSON unacceptable to AWS

how to hide the underlying OS vulnerabilities for a container as we are running aks

cybersecurity

Prisma cloud[ERROR] Runtime.ImportModuleError: Unable to import module 'twistlock': Failed to import module: lambda_function Traceback (most recent ca

In the Prisma i can see vulnerabilities pointing on files that are not there anymore

Show (X;Y) doesn't work trying to combine aws-ec2-describe-security-groups and aws-ec2-describe-vpcs

Resolved! Given GET PCC/api/v22.06/registry/names, why does API return NULL for only the artifactory registry names?

Tenable.io x Compute Defender Agent - Prisma Cloud

Issue with nat policies in Prisma ION device

Resolved! Prisma Cloud Compute custom compliance scripts checking kubernetes pod yaml

How to list findings via API calls

Prisam cloud

Available operator values for Alerts API Filter?

Cloud Configuration Report for Auditors

Prisma Cloud Compute Multi Tenancy and creating Project

Re: NuGet Serverless defender

Re: Will the Azure Spain region be supported in Prisma Cloud?

Re: How to list findings via API calls

Re: Twistcli scan takes longer with more images on local disk

Re: Kubernetes CIS Scans for EKS and OKE

Unlock your full community experience!

Resolved! How to triage an EKS Cluster with Prisma Defender daemon set NOT appearing in the console?

Resolved! Scanning Source-Code for Secrets: Is Prisma Cloud Code Security a rebranding of BridgeCrew?

Resolved! Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

Resolved! PCC/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task generates JSON unacceptable to AWS

Resolved! Given GET PCC/api/v22.06/registry/names, why does API return NULL for only the artifactory registry names?

Resolved! Prisma Cloud Compute custom compliance scripts checking kubernetes pod yaml