Prisma Cloud Discussions

Welcome to the Prisma Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Compliance Report by Account

Hello,

I have created custom compliance report in Prisma Cloud but I would like the the report to show findings by AWS account or AWS account owner. Is this possible?

Resolved! twistcli app-embedded embed command format for EKS containers on Fargate?

Most of my API and twistcli commands work but I cannot get an app-embedded defender to be returned…. I have tried these two commands returns the same error…

declare -x PRISMA_CLOUD_COMPUTE_CONSOLE_API_ADDR="https://us-east1.cloud.twistlock.com/us-1-X

...

Resolved! Curl command to generate App Embedded Defender zip file for Deployment Type, Dockerfile

Given that I want to automate the generation of App Embedded Defender zip file

And there exists a CWPP API documented here, https://prisma.pan.dev/api/cloud/cwpp/defenders#operation/post-defenders-app-embedded

When I attempt to use the example comman

...

Resolved! CWPP API Documentation or Examples on usage of query parameters search and fields

I want to see ALL of the docker labels for a scanned image so I am trying this API, https://prisma.pan.dev/api/cloud/cwpp/registry#operation/get-registry

Invoking that API with query parameter name...

curl -k \
-u "${PRISMA_KEY_ID}:${PGE_PRISMA_SECR...

Why are EKS Clusters defended with daemonsets NOT rendering in PCC/Radars/Containers?

Navigating to PCC/Radars/Containers, the console renders a single cluster.

But we have many other clusters where Cloud Discovery reports the Clusters are Defended.

for example...

Why are neither of these two EKS Clusters that I defended with daemon

...

Why are EKS Clusters defended with daemonsets NOT rendering in PCC/Manage/Defenders/Manage DaemonSets?

Navigating to PCC/Manage/Defenders/Manage DaemonSets, I see NO EKS daemonsets rendering in the console.

However, Cloud Discovery renders these two EKS clusters Defended=True.

What am I doing wrong? Is it supposed to work this way? Or, What ha

...

Resolved! Search public ip in any resource

Hello everyone,
Is there any RQL that searches for a public ip in the cloud? I don't know which resource is EC2, ALB... I only have the public ip and I don't know how to find it.

TKS

Agentless scanning on Google Cloud platform

Hi All,

Hope you are doing well.

Anyone using Agentless scanning for their GCP env? I have a GCP environment with some restrictions ie org policies applied for skip default network creation, external IPs not allowed (but exempted for test project).

...

Unable to get container defender to detect denied IP address on host

For some reason I am unable to see any events being generated for denied IP addresses when running a container defender on one of our hosts.

Did the following:

installed a container defender on a linux host.
created a host policy that targets the ho

...

Resolved! How to triage an EKS Cluster with Prisma Defender daemon set NOT appearing in the console?

So my co-worker has implemented some containerized solution and deployed it to EKS.

I used my access key to create a defender.yaml for him.

twistcli defender export kubernetes \
--address ${PRISMA_CLOUD_COMPUTE_CONSOLE_API_ADDR} \
--user ${PRISMA_ADMIN...

Resolved! Scanning Source-Code for Secrets: Is Prisma Cloud Code Security a rebranding of BridgeCrew?

I am aware of Prisma Cloud Code Security Secrets Scanning.

I am aware of bridgecrew's secrets scanning.

Are these products one-and-the-same?

If not, what's the difference?

when and where is each appropriate?

Resolved! Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

If yes then, which API call?

I can't find it here... https://prisma.pan.dev/api/cloud/cwpp/

Resolved! PCC/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task generates JSON unacceptable to AWS

Given that I navigate to PCCConsole/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task

And I paste the Fargate Task Definition JSON produced by AWS ECS

When I push the 'Generate protected task' button

And

...

how to hide the underlying OS vulnerabilities for a container as we are running aks

We are using AKS and seeing lot of Vulnerabilities on the OS level which are Azure's responsibility to remediate. So how do we suppress seeing these OS vulnerabilities on the Vulnerbility Explorer or when we click an image within a container?

Discussions

Welcome to the Prisma Cloud Discussions!

Rules and Best Practices

Resolved! Compliance Report by Account

Resolved! twistcli app-embedded embed command format for EKS containers on Fargate?

Resolved! Curl command to generate App Embedded Defender zip file for Deployment Type, Dockerfile

Resolved! CWPP API Documentation or Examples on usage of query parameters search and fields

Why are EKS Clusters defended with daemonsets NOT rendering in PCC/Radars/Containers?

Why are EKS Clusters defended with daemonsets NOT rendering in PCC/Manage/Defenders/Manage DaemonSets?

Resolved! Search public ip in any resource

Agentless scanning on Google Cloud platform

Unable to get container defender to detect denied IP address on host

Resolved! How to triage an EKS Cluster with Prisma Defender daemon set NOT appearing in the console?

Resolved! Scanning Source-Code for Secrets: Is Prisma Cloud Code Security a rebranding of BridgeCrew?

Resolved! Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

Resolved! PCC/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task generates JSON unacceptable to AWS

how to hide the underlying OS vulnerabilities for a container as we are running aks

cybersecurity

How Prisma Cloud Protects its SAAS platform

Container defender installation fails on ARM64

invalid_src_credentials on REST API Login to prismacloud.io

RQL query to list the VMs having a public IP address

Prisma Cloud Enterprise pairing with Cortex XDR

Unlock your full community experience!

Rules and Best Practices

Resolved! Compliance Report by Account

Resolved! twistcli app-embedded embed command format for EKS containers on Fargate?

Resolved! Curl command to generate App Embedded Defender zip file for Deployment Type, Dockerfile

Resolved! CWPP API Documentation or Examples on usage of query parameters search and fields

Resolved! Search public ip in any resource

Resolved! How to triage an EKS Cluster with Prisma Defender daemon set NOT appearing in the console?

Resolved! Scanning Source-Code for Secrets: Is Prisma Cloud Code Security a rebranding of BridgeCrew?

Resolved! Is it possible to Query Prisma Cloud Compute for Alerts? I am not interested in Prisma Cloud Alerts.

Resolved! PCC/Manage/Defenders/Deploy/Defender/Single Defender/Container Defender - App Embedded/Fargate task generates JSON unacceptable to AWS