I had this link bookmarked a while ago and now it seems to have been taken down. Is there still native integration? I can't find any documentation around it and it does not show up as an option under enterprise settings->integrations.
I have the thresholds for Unusual Server Port Internal activity set to the most conservative settings to minimize false positives but it seems like the highest port consistently gets flagged as "unusual". In the example below there are 15 ports labe
If you have an AWS EC2 instance with 443 exposed to the internet, you would get an alert but what would be a good way to validate that a particular instance has a WAF protecting it? One thing I was thinking of would be to do a joins looking at the E
I'm fairly new to CWPP and tried some native and free options and looking at commercial products now. VNETs, Traditional compute and private endpoints are not difficult to grasp, while the transition to serverless is sli
Prisma Cloud is a cloud security posture management (CSPM) and cloud workload protection platform (CWPP) that provides comprehensive visibility and threat detection across your organization’s hybrid, multi-cloud infrastructure. And guess what ... it
I'm very new of PrismaCloud and CWPP category. I've tried scan image on ECR following below TECHDOCS but it failed with the error "Registry Scan: Failed to query image details hello-ykym latest failed unmarshaling registry manifest response
At first glance, it looks as if there is no real way to put a setting to the Anomaly Setting for "Port Scan Activity (External)". The rationale behind the question is, you're only looking at the amount of scans for the Conservative Moderate and Aggr
Is it possible to build an RQL query to look at a certain host and determine if it is talking to a suspicious IP address and create an auto-remediation rule that restricts the host traffic and isolates it so it is no longer talking to the suspicious