Prisma Cloud Discussions

RQL to unassociated/unused security group in AWS/Azure

Do you guys have any experience of using custom policies to find unused/unattached security group in any cloud environment? Would like to see and take reference. Thanks

Where do I investigate Radars/Hosts => Network/Outbound destinations?

On the Network tab for my hosts in the Radars/Hosts view, Cuba is being flagged as an outbound destination.
I'm curious how to drill down into why that's the case to determine whether this is erroneous or not.

This is on a self-hosted deployment versio

RQL query for tag-based exception

Hi,

I'm trying to help a customer filter out false-positives in the Prisma Cloud policies. For instance, we have a customised "Internet exposed instances" where they previously have white listed specific IP addresses, which is not very dynamic. Instea

twistcli with buildah?

Hi There,

We have a build process that we are migrating to a rootless containerized builder, and are using buildah to build and push the images instead of docker. If I pull an image with buildah, it downloads the image but when I run twistcli on that

Not Able to triggered alert on Prisma cloud after integration with Service now

Hi Team,

We recently integrated our Prisma Cloud Solution with Service Now tool to get the auto generated ticket on service now. 

we reverify the configuration and looks good.

Thereafter , we violate the policy from AWS account but alert is not gettin

Trying to find a way to generate TW_POLICY key value pair for deploying serverless single defender using Prisma Cloud SAAS APIs

Hi Everyone,

• My team is trying to find a way to generate TW_POLICY key value pair for deploying serverless single defender using Prisma Cloud SAAS APIs and any help in this regard will be much appreciated.
• Also, we observed that the value of the TW_PO

Panorama PANOS up-gradation

Hi,

My Panorama PANOS version is 9.1.6 and Prisma cloud configured on it. and we will upgrade the PANOS to 10.0.6

for Prisma Access, the plugin has been already updated to cloud_services-2.0.0-preferred

Kindly confirm if the Data Plane version can be up

Container image scanning for Images built in JIB library or Ko

Our current CI build uses Jib and Ko libraries to build container images. Would like to explore if Twistcli can scan those images which are not built using Docker or Podman?

Container scanning image through GitHub Action 401 Unauthorized error.

I'm trying to inject this https://github.com/PaloAltoNetworks/prisma-cloud-scan Prisma Cloud Scan Action in my GitHub Action. Failed with 401 Unauthorized Error. Also, tried with twislockcli and getting same error. Prisma Cloud admin reset the passwo

How to get Device SN, Auth Code, or Parent Order Number for Support for Prisma Compute user

I need to add more users to our support portal. They support Prisma Cloud, Compute Edition.  I have sent them to the support portal, and when they go to register, they need the Customer Id, which I have, and either the Device Serial Number, the Auth

RQL Query - Trying to Link Security Groups that are not linked to a particular Transit Gateway ID. but getting Bad Request Error

Trying to Join 2 API: aws-ec2-describe-security-groups & aws-vpc-transit-gateway-attachment

1. List of Security Groups that allow everything:

config from cloud.resource where cloud.type = 'aws' AND api.name= 'aws-ec2-describe-security-groups' AND jso

prismaCloudScanImage doesn't find vulnerabilities that are otherwise discovered with runtime radars

We have setup twistlock / prisma cloud to scan our images for vulnerabilities and compliance. While given the same rules, the runtime defence radars discover 2 vulnerabilities and 2 compliance violations in a particular image, when I run a scan with 

Support to externalize MongoDB used in twistlock console

I'm using twistlock console as a docker container running in Kubernetes cluster with the default configuration. I wanted twistlock console to use the external mongo db instance I have in my cluser instead of its internal DB.

Is there any configuratio

Python requirements.txt

For Python, Prisma Cloud picks up vulnerabilities found in packages defined in the requirements.txt file in codebases. However, I could easily set up a Docker image to run `pip install dangerous-package==1.1.2`, and that would run long before any cod

Prisma Cloud Compute function scan on Azure does not detect change in package.json dependency

Prisma Cloud newbie here. I'm trying to figure out why the vulnerability scan for functions in Prisma Cloud does not detect changes to a CVE that was fixed in a dependency of an Azure function app in our environment. It does detect the Azure function