Whitelisting specific assets in prisma cloud.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Whitelisting specific assets in prisma cloud.

L0 Member

Hi team, 

 

The team is given a high privilege set of permissions only when a change request is filed or if the team will have to implement such activities and once the activity is done the set of permission is removed in their access. In line with this the permission related policies triggers in the prisma cloud console and resolves on its own with a resolution status of scheduled since no significant changes is made on the cloud account. 

 

We would like to know if there is a way in the prisma cloud console to whitelist specific assets to limit the number of alerts that triggers the policy and at the same time we still be able to monitor such broad permissions. 

 

Thanks, 

Alera

1 accepted solution

Accepted Solutions

L0 Member

Hi @arbantayan 

May I suggest to identify the assets and the type of activities involved during these changes so the scope is fully identified; then you can explore playing with Prisma Cloud Alert rules that allow you to have control over specific account groups,  even have some cloud accounts excluded, but most importantly assign only the policies in your use-case scope.  
Be aware that leaving an asset out of any alert rule will cause to stop triggering alerts about such asset , and even when the asset is visible and you can see its findings at any time it is recommended to focus on the policies triggering the alerts that matter

Please take a look to the following documentation for reference:

https://docs.prismacloud.io/en/enterprise-edition/use-cases/secure-the-source/risk-prevention

 

View solution in original post

2 REPLIES 2

L0 Member

Hi @arbantayan 

May I suggest to identify the assets and the type of activities involved during these changes so the scope is fully identified; then you can explore playing with Prisma Cloud Alert rules that allow you to have control over specific account groups,  even have some cloud accounts excluded, but most importantly assign only the policies in your use-case scope.  
Be aware that leaving an asset out of any alert rule will cause to stop triggering alerts about such asset , and even when the asset is visible and you can see its findings at any time it is recommended to focus on the policies triggering the alerts that matter

Please take a look to the following documentation for reference:

https://docs.prismacloud.io/en/enterprise-edition/use-cases/secure-the-source/risk-prevention

 

L0 Member

Please help out other users and click “Accept as Solution” if a post helps solve your problem! Here’s how and why to accept solutions.

  • 1 accepted solution
  • 931 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!