Can we combine 2 Investigate Query types like "Asset" and "Vulnerability"?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can we combine 2 Investigate Query types like "Asset" and "Vulnerability"?

L0 Member

Hello,

 

I'd like to look up all Critical and High vulnerabilities that are Patchable and Exploitable in a Cloud Account with a certain Asset type. I see that if I pick the "Vulnerability" query type with Risk factors - Patchable and Exploitable, it doesn't let me pick the Cloud Accounts that I want. 

In addition to that, I'd like to generate this report so I can send to the Cloud Account owners so it's easy to let them know the exact CVEs and their patches.

 

Thank you,

Jennifer

1 REPLY 1

L3 Networker

Hi Jennifer,

Your observation is correct. Today we can't query all of that data from Assets or Vulnerabilities, or join the results in some way. At least not by default. I was able to confirm that it will be possible in future since more features or filters, etc will be added to asset queries. However, I don't have any ETA.

 

Right now, it would take some custom scripting to get results from more than one API call, and then cross reference results depending on on which fields the results have in common,  etc.

 

Regards,

Brandon Goldstein, Sr. Customer Success Engineer, Prisma Cloud | PCCSE, GCP PCSE
  • 888 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!