Prisma Cloud Discussions

Welcome to the Prisma Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! RQL query to detect external port exposure across AWS, GCP, Azure

Hello Everyone,

Wanting to see if anyone has queries for each cloud provider in relation to checking for external exposure to ports such as 443, 22, 3389, etc..

We would like to be able to see what ports/endpoints we have open to the world from a 0

...

Prisma Cloud Compute Defender missing iptables executables

I'm using Prisma Cloud Compute Edition 22.01.880 in a Kubernetes cluster. Under Radars > Settings > Network Monitoring, I have container and host network monitoring turned on. I deploy the Defenders to the Kubernetes nodes using a DaemonSet. When

...

Issue in reported vulnerability

Hi Prismacloud team,

We are getting below three golang vulnerabilities in all images and hosts which don't have golang installed.

These go vulnerabilities are reported even in all the node based docker images and also in all hosts which don’t have any

...

Is this CVE for node.js or next.js?

My console is flagging node.js v16.14.0 with CVE-2021-43803 which appears to be targeting Next.js instead. I checked the CVE and it looks like it was recently updated from OR to and AND rule. Could this be an outdated rule? My intelligence stream is

...

Resolved! Does Prima Cloud install agents on the kubernetes containers or it uses the CN-Series container firewall for control?

Hello,

I am still not so good with Prisma Cloud, so I have to ask if Prima Cloud installs agents on the kubernetes containers or it uses the CN-Series container firewall for control? As prima cloud can control the container communication I have

...

Prisma Cloud - Vulnerability Management

Hii,

I would like to know why Primsa Cloud keeps showing vulnerabilities in images or vulnerable packages that have been fixed.

Thanks

Issue when configuring SSO - "Prisma Cloud Access SAML URL" field

Hello,

I have the following error code when I try to type *anything* in the "Prisma Cloud Access SAML URL" field.

The GUI immediately fails with the following error code: 3b1b16703754455989b01793f0ef4fd7

Kind regards

Prisma cloud compute does not update scan result under Monitor section

Stumbled on this when searching for answer: https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/prisma-cloud-compute-function-scan-on-azure-does-not-detect/m-p/446923#M424

Seems like it hasn't been answer but the issue still happen, not s

...

Image Pull back on new node in Kuberenetes

All of sudden i have getting below issue on new nodes which are part of daemonset installation

Normal BackOff 74s (x554 over 126m) kubelet Back-off pulling image "registry-auth.twistlock.com/tw_u5ko4ug7ddtzhneqzja4fcyf1eekkuxc/twistlock/defender:de

...

I cannot check the detailed json file for a specific resource in Prisma Cloud Asset.

You can see the following message in the Prisma cloud Asset menu.
I wonder what this means.

Resolved! Twistlock扫描Github公共代码仓库示例

Twistlock扫描Github公共代码仓库示例

以github上其中⼀个public仓库 https://github.com/hashicorp/packer 为例:
1. 添加配置

或者:

PS. 下⾯Rules部分可以添加合规性规则

2. 保存

3.保存后会⾃动扫描

4.查看扫描结果, ⼀个是漏洞结果, ⼀个是合规性结果:

PS. 点击截图中红⾊圆圈的scan就可以⼿动触发扫描

"Failed to resolve RBAC resources for defender" - Repeating defender ERRO in console logs.

Every 15 minutes for several agents from different k8s clusters, such an error appears in the console:

ERRO 2022-01-30T21:38:05.885 pubsub_defender.go:2154 Failed to resolve RBAC resources for defender *defender_name*: {*k8s_cluster_name* {Get "htt

...

Enhanced auto-remediation

Hi Folks,

I use that enhanced auto-remediation (https://github.com/PaloAltoNetworks/Prisma-Enhanced-Remediation#getting-started) trying to auto remediate alerts detected in Prisma.
For some reasons some alerts that can not be remediated due to lack o

...

Serverless function Scan specific region

Hi Expert ,

I would like to know that we can specify some regions with not scan all-region for serverless function scan ? or in this case we will restrict account with IAM to specific region

Thank you

Resolved! Is the Palo Alto Prisma Cloud WAAS a host based WAF or a Runtime Application Self Protection (RASP) solution?

Hello,

I was curious if is the Palo Alto Prisma Cloud WAAS just a host based WAF or a Runtime Application Self Protection (RASP) solution? My idea is that RASP is getting popular as way to block 0 day server web attacks even without signatures us

...

Discussions

Welcome to the Prisma Cloud Discussions!

Rules and Best Practices

Resolved! RQL query to detect external port exposure across AWS, GCP, Azure

Prisma Cloud Compute Defender missing iptables executables

Issue in reported vulnerability

Is this CVE for node.js or next.js?

Resolved! Does Prima Cloud install agents on the kubernetes containers or it uses the CN-Series container firewall for control?

Prisma Cloud - Vulnerability Management

Issue when configuring SSO - "Prisma Cloud Access SAML URL" field

Prisma cloud compute does not update scan result under Monitor section

Image Pull back on new node in Kuberenetes

I cannot check the detailed json file for a specific resource in Prisma Cloud Asset.

Resolved! Twistlock扫描Github公共代码仓库示例

"Failed to resolve RBAC resources for defender" - Repeating defender ERRO in console logs.

Enhanced auto-remediation

Serverless function Scan specific region

Resolved! Is the Palo Alto Prisma Cloud WAAS a host based WAF or a Runtime Application Self Protection (RASP) solution?

How Prisma Cloud Protects its SAAS platform

Container defender installation fails on ARM64

invalid_src_credentials on REST API Login to prismacloud.io

RQL query to list the VMs having a public IP address

Prisma Cloud Enterprise pairing with Cortex XDR

Re: How Prisma Cloud Protects its SAAS platform

Re: Failed to onboard AWS account in Prisma Cloud

Unlock your full community experience!

Rules and Best Practices

Resolved! RQL query to detect external port exposure across AWS, GCP, Azure

Resolved! Does Prima Cloud install agents on the kubernetes containers or it uses the CN-Series container firewall for control?

Resolved! Twistlock扫描Github公共代码仓库示例

Resolved! Is the Palo Alto Prisma Cloud WAAS a host based WAF or a Runtime Application Self Protection (RASP) solution?