22.01 Update 2 Release Notes
The following table outlines the release particulars:
Build | 22.01.880 |
Code name | Joule, 22.01 Update 2 |
Release date | March 27, 2022 |
Type | Maintenance release |
SHA-256 digest | 1d1c17e6dfac10d9def0bc6ce6a26c4043ece7512d7f0fd4eef344c3af104144 |
Improvements, fixes, and performance enhancements
- Adds a published date for vulnerabilities with the PRISMA-* identifier. With this fix, grace periods in vulnerability policies now work properly for PRISMA-* vulnerabilities.
- Adds support for AKS 1.22.6 for Linux and Windows with containerd.
- Fixes an issue with code repo scanning when the policy specifies that Prisma Cloud should create pull requests with fixes. Previously, a new branch with the fixes was created, but no pull request was created, and a comment meant for the Prisma Cloud PR was added to a different, pre-existing, unrelated (wrong) PR. Now PRs are properly created.
- Fixes a regression where the scan results returned from running twistcli with the --containerized option crashed the Console UI.
- Fixes an issue with the autocomplete mechanism for input fields in the Console UI when there is a large amount of data.
- Signs the Prisma Cloud Compute Host Defender binary for Windows so that it isn’t quarantined by Microsoft Defender.
- [SaaS] Fixes a navigation issue in the SaaS Console, where system admins, who have access to all Compute Console pages, are initially redirected to the Radars > Containers page with an "Invalid path" error when navigating to a page in Compute Console from a page outside Compute Console.
- Fixes an issue in Cloud Discovery where the results returned in the Console UI were just HTTP 429 rate limit error messages.
- Fixes an issue where a reverse shell attack wasn’t properly identified on Alpine Linux.
- Fixes an issue where Red Hat Enterprise Linux (RHEL) packages were incorrectly reported as vulnerable (for example, libxml2-python 2.9.1-6.el7_9.6).
- Updates how the Prisma Cloud Compute scanning process impacts artifact metadata in JFrog Artifactory. The scanning process no longer updates the Last Downloaded date for all manifest files of all the images in the registry.
  The Last Downloaded date of the manifest files of the images that are eventually pulled for scanning, based on your registry scan policy, will be updated. The scan process first evaluates which images to scan by retrieving all manifest files for all images. In this phase of the scan, the Last Downloaded date will no longer be impacted. In the next phase, where Prisma Cloud actually pulls an image to be scanned, the manifest file’s Last Downloaded date will be updated. Often, the number of images scanned will be a subset of all images in the registry, but that’s based on your scan policy.
  Just because an image has been selected for scanning doesn’t mean that it will actually be pulled. If an image’s hash hasn’t changed, it won’t be pulled for scanning, so the Last Downloaded date will be unchanged.
  As part of the process for evaluating which images should be scanned, in addition to reviewing the manifest files, Prisma Cloud also examines the actual images. As part of examining the image files, the Last Downloaded date for these image files is updated. In the next release of Prisma Cloud, this will be fixed so that the Last Downloaded date won’t change unless the image is actually pulled and scanned.
  This new capability is supported on JFrog Artifactory 7.21.3 and later. When configuring Prisma Cloud registry settings, version must be set to JFrog Artifactory. This capability isn’t supported when version is set to Docker v2.
- Fixes an issue with runtime protection where audits and incidents were raised even when the events occurred in whitelisted file system paths.
- Updates open source packages used in Prisma Cloud Compute.
Known issues
- When Defender is installed on Windows hosts in AWS, and Prisma Cloud Compute Cloud Discovery is configured to scan your environment for protected hosts, the Windows hosts running Defender are reported as unprotected.
- For JFrog registries configured with the Sub Domain Docker Access Method, image scans fail for Defenders upgraded to Joule update 2. If you are using the Sub Domain Docker Access Method for JFrog registry scanning, do not upgrade Defenders that perform registry scanning using this method to Joule update 2, which is version 22.01.880. This issue is being worked on and will be addressed in an upcoming release.