I got an AHA/Idea (aka RFE) for Prisma Cloud's Network Anomaly of Port Scan Activity (external) as Prisma Cloud just alerts as-is if someone is knocking at our door regardless if the port is secure otherwise.
We want some intelligence built-in to check first if that port scanned is a real threat with a risky configuration but if it is hardened and secured then it should NOT alert at all to not add to the noise.
Here's my IDEA- please vote for it for the vendor to work into adding more checks and intelligence to the Policy:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!