In the Prisma i can see vulnerabilities pointing on files that are not there anymore

Show (X;Y) doesn't work trying to combine aws-ec2-describe-security-groups and aws-ec2-describe-vpcs

Hi All,

I would really appreciate some help here, as I have tried hundreds of iterations to get this right and it isn't working.

I followed the RQL guidance of the RQL example library, but even a basic example doesn't work with show(X;|Y;)

I tried th

Tenable.io x Compute Defender Agent - Prisma Cloud

Hello everybody

Please, would anyone have a comparison table between the tenable.io solution and the compute defender from Prisma cloud solution for the vulnerability analysis?

Tks

Issue with nat policies in Prisma ION device

Here is the error on this issue,
I cannot enable the NAT rule after upgrading the ION 2K device to the 5.4.13 version. 
NAT extension cannot be enabled for the device having support for nat policy.

Having an issue with NAT extension cannot be enable

Automatically check Prisma Cloud account status?

Is there a mechanism to automate checks/provide notification of the status of a cloud account in Prisma Cloud?

(i.e. If we are relying on Prisma Cloud to provide detection capabilities how can we monitor that the service itself is functioning and has

Deployment of AWS SecurityHub and PrismaCloud

I'm a new Prisma Cloud user and I'm here to ask for help. I have AWS Security Hub with all the rules allowed forwarding logs to Prisma Cloud, but I cannot validate that the logs are being forwarded correctly to Prisma Cloud.
Even using the alerts sess

Where can I browse the Prisma Cloud Compute Alerts? Why are Alerts generated by CVEs failing Alert provider AWSSecurityHub?

I have configured Prisma CloudCompute Console/Manage/Alerts/Manage/Alert providers/AWSSecurityHub.

When I <Send Test Alert>, the console reports success and the status of that integration is green, "Connected".

I have also configured Registry scans

Automate Newly created cloud account in Prisma cloud

Hi,

Can anyone direct me to a document or script that can be used to automate account onboarding whenever a new AWS account is created in the organisation. I have this on github but the seems to be the entire process of onboarding Prisma cloud;

https:/

Prisma Cloud Support for - AWS IDP OIDC

We need to be able to inventory, search, and create policies related to OIDC type IDPs within AWS. AWS supports via CLI with the use of: list-open-id-connect-providers

https://docs.aws.amazon.com/cli/latest/reference/iam/list-open-id-connect-providers

How to write RQL to check the log activity/operations with respect any host name of the resource??

Is there a way to write RQL to check the traffic towards that resource/to know the operations/activity details with respect to particular resource host name?In the circumstances where we are not aware of the cloud type??and if can't atleast with clou

RQL AWS Failed Login attempts > 5

Hello team.

I can look for an event to see failed login attempts with;

event where operation = 'ConsoleLogin' and json.rule = $.responseElements.ConsoleLogin != 'Success'

Is there a way to count these (like we see in config with 'as X; count(X) greater

What is the reason for the RQL filter of the RDS Multi-AZ disabled Policy?

Policy Name : AWS RDS instance with Multi-Availability Zone disabled.

Policy Mode : Prisma Cloud Default

RQL : config where cloud.type = 'aws' AND api.name = 'aws-rds-describe-db-instances' AND json.rule = '(engine does not contain aurora and engine do