Detecting unprotected web apps

Prisma Cloud scans your environment for containers and hosts that run web apps, and reports any that aren’t protected by WAAS.
During the scan, Prisma Cloud detects HTTP servers listening on exposed ports and flags them if they are not protected by WAAS.
Unprotected web apps are flagged on the radar view and are also listed in
Monitor > WAAS > Unprotected web apps
.
Unprotected web apps scan is available for containers
The following screenshot shows how Radar shows an unprotected web app:

Report for unprotected web apps

The following screenshot shows how unprotected web apps are reported in
Monitor > WAAS > Unprotected web apps
:
In the Containers tab, the report lists the images containing unprotected web apps, the number of containers running those images, and the ports exposed in the running containers.
In the Hosts tab, the report lists the hosts on which unprotected web apps are running, the number of processes running those apps, process names and the ports exposed in the hosts.
This information can be used when adding new WAAS rules to protect containers and hosts.
Above the table is the date of the latest scan. The report can be refreshed by clicking the refresh button.
Users can export the list in CSV format. The CSV file has the following fields:
  • Containers
    - Image, Host, Container, ID, Listening ports
  • Hosts
    - ID, Unprotected processes

Disabling scans for unprotected web apps

By setting the Scan for unprotected web applications toggle to the
Disabled
position, users are able to disable periodic scanning for unprotected web applications and APIs.
The toggle in either the `Containers or `Hosts tabs will disable scanning of containers and hosts simultaneously when disabled.

Recommended For You