Documentation for Twistlock
Is there a detailed documentation to use AWS ECS with Prisma Cloud compute (twistlock) ? I'm trying to setup Prisma Cloud Compute with AWS for the first time and would appreciate a step by step guide.
Is there a detailed documentation to use AWS ECS with Prisma Cloud compute (twistlock) ? I'm trying to setup Prisma Cloud Compute with AWS for the first time and would appreciate a step by step guide.
This has been an ongoing issue for at least a few days now. I have an issue I want to get support on but the support form does not allow for completion.
The first dropdown: technology - works fine.
second dropdown: product - presumably auto-filled af
...
I am sure someone has had this issue.
We want to get an alert if we allow access to all IP's on all ports. The policy is based on this example:
filter '$.X.state.name equals running and $.X.publicIpAddress exists and $.X.securityGroups[*].groupId c
...
Hi,
very basic general question.
How can I give feedback if a Recommendation is wrong / can not be followed?
My example is
Threat Detection on SQL databases is set to Off
1. Login to Azure Portal.
2. Go to SQL databases
3. For each DB instance
4. Click o
...
Dear Friends,
Can someone explain what is all about the compute in prisma cloud tool??It's showing empty. How can i leverage it for effecting threat hunting of the misconfigurations/abnormalities/fraud user activity/network anomalies?
Hi Friends,
We have a policy called "Azure SQL Server audit log retention is less than 91 days" with several alerts triggered for this.Now we have cloned the same policy with modified query inside the policy as 90 days.Here my doubt is what will happ
...
Hi everyone.
I want to be able to list any AWS account that is not monitored by Prisma
We have AWS Organizations configured. However I don't see any RQL to interrogate that to show the accounts in Organizations and compare to _AWSCloudAccount.isRedL
...
Hi,
Can someone help me with an RQL to display the list of Users, policies attached, and the actions allowed in the policies.
I want to be able to export this into a CSV. Any help here is much appreciated.
Thanks,
Sultan
Hello,
I have an error when we are implementing a RQL query in the Investigate tab.
We make a join query searching in a VMs list and a NICs list in the prisma platform over a Azure suscription.
The problem seems to be over the filter part when we use t
...
Hi All,
I just Integrated Slack with my Redlock Account, and during test run, I got the message from the username
"Prisma cloud test notification"
I want to change it from this to "Redlock",
Please guide me how to do it.
Thanks.
@all
Im running a query in Investigate, like
event where cloud.account = 'XXX ' AND crud = 'login'
and IP addresses are not converted to locations, the Location and Country columns are displaying Unknown.
am I overlooking something?
Hi Team,
I am curious to know when prisma-cloud team is coming up with new feature multi-line aws cli command in auto remediation.Can we expect it in next release?
Hi guys.
I am looking at a implementation that has been running for over a year - however little work has been done just yet. The system has 54000 OPEN alerts. I want to check which alerts are still valid (ie. do the resource at the end of the alert
...
RQL:
network where src.publicnetwork in ('Suspicious IPs','Internet IPs') and dest.port in (1433, 1521, 3306, 5000, 5432, 5984, 6379, 6380, 8080, 9042, 11211, 27017, 28015, 29015, 50000) AND dest.resource IN ( resource where tag ( 'Aviatrix-Created-R
...
We have a custom AWS security checklist that we are manually running against each AWS account, and in that, we have a check to see if key pairs of all EC2 instances are created per function and per region when creating an instance with AMI. I'm looki
...Subject | Likes |
---|---|
1 Like |