Table of Contents
End-of-Life (EoL)

22.06 Release Notes

The following table outlines the release particulars:
Code name
Release date
June 09, 2022
Major release
SHA-256 Digest

CVE Coverage Update

As part of the 22.06 release, Prisma Cloud has rolled out updates to its vulnerability data for Common Vulnerabilities and Exposures (CVEs) in the Intelligence Stream. The new additions are as follows:
  • Support for Github Security Advisories vulnerabilities including Go, Java, and Python vulnerabilities.
  • Increase of 152% new PRISMA-IDs since the Joule major release.
  • Faster addition of CVEs (pre-filled CVEs).
    The pre-filled CVEs were added to the Intelligence Stream on an average of 56 days before they were analyzed in the NVD. As an example, the SpringShell CVE (CVE-2022-22965) was published on March 31, 2022, and the NVD analysis was completed on April 8, 2022. ‘PRISMA-2022-0130’ was published for the vulnerability on March 30, 2022, and was changed to the CVE as soon as it was published in the NVD.

New Features in the Core Platform

In addition to familiarizing yourself with the new features and enhancements in this release, review the minimum System Requirements for versions that are tested and supported on 22.06.
To download the Prisma Cloud Compute Edition release tarball from the Palo Alto Networks Customer Support Portal (CSP):
  1. Go to
    Updates > Software Updates
    and select
    Prisma Cloud Compute Edition

New Filters in the Vulnerability Explorer

On the Vulnerability Explorer, you can now generate a vulnerabilities report using new filters such as CVSS score and severity threshold. In addition to viewing the filtered results for deployed images, registry images, hosts, and functions under
Vulnerability (CVE) results
, on
Monitor > Vulnerabilities > Vulnerability Explorer
, you can also download a detailed report for CVEs in a CSV format or a detailed report for impacted resources in a CSV format from the Vulnerability Explorer.

Vulnerability Scan Report for Registry Images

With the vulnerabilities report for registry images (
Monitor > Vulnerabilities > Images > Registries
), you can review the top 10 critical CVEs discovered in your registry images and search by a CVE ID to view the results for both registry and deployed images that are impacted by a CVE.

ARM64 Architecture Support

You can now deploy Defenders to protect AWS workloads based on the Linux ARM64 architecture.
With ARM64 support, you can secure your deployments and enhance the cost savings for compute and network-intensive workloads that use cloud-native compute offerings such as the AWS Graviton processor.
To use Prisma Cloud on ARM64 architecture, see the system requirements.

Compliance Alert Triggers for Slack

You can now trigger and send vulnerabilities detected for container and image compliance, and host compliance to your Slack integration.

Integrate with Azure Active Directory Using SAML 2.0

Prisma Cloud Compute now uses the Microsoft Graph API for integrating with Azure Active Directory (AD) resources. This transition is inline with the deprecation notice from Microsoft of the Azure AD Graph API and the Azure Active Directory Authentication Library (ADAL).
For authenticating users on the Prisma Cloud Console, you must replace the Directory.Read.All permission for Azure Active Directory Graph with the Directory.Read.All permission for the Microsoft Graph API. For the correct permissions to use Azure AD with SAML 2.0, see correct permissions.

OIDC User Identity Mapping

You can map OIDC identities to Prisma Cloud users as required by the specification. Instead of using the default sub attribute, you can now use several more friendly attributes like email or username.

Improvements in Runtime Protection

The container model learning is improved to reduce false positive audits when a binary is modified during container creation. The grace time for binaries added after the container has started is now at 10 seconds. Additionally, for CI/CD environments where dedicated containers are used to pull images, you can now allow pulling images. For example, if a container was started with podman as one of its startup processes, the Dockerfile will allow this action and ignore runtime audits.

Enhanced Coverage for Certificate Authentication with Azure

You can now authenticate with Azure using a certificate for the following integrations:
  • Cloud discovery
  • Azure Key Vault
  • ACR registry scanning
  • Azure serverless function scanning
  • Azure VM image scanning

GKE Autopilot Deployment Improvement

When deploying Defenders into your Kubernetes deployment for GKE Autopilot, you have a new toggle in the console and a corresponding twistcli flag that makes the workflow easier. The improvements automatically remove the mounts that are not relevant to the Autopilot deployment and enable you to add the annotation required to deploy Defenders successfully.
On the console,
, select
and enable the
Nodes use Container Runtime Interface (CRI), not Docker
GKE Autopilot deployment
The --gke-autopilot flag in twistcli adds the annotation to the YAML file or Helm chart.

New Features in Container Security

Vulnerability and Compliance Scanning for Workloads Protected by App-Embedded Defenders

App-Embedded Defenders can now scan the workloads they protect for vulnerabilities and compliance issues. They can also collect and report package information and metadata about the cloud environments in which they run.
Go to
Monitor > Vulnerabilities > Images > Deployed
Monitor > Compliance > Images > Deployed
to review the scan reports.

Improved Visibility for CaaS Workloads Protected by App-Embedded Defenders

For CaaS (Container as a Service) workloads protected by the App-Embedded Defenders, you can now view more metadata on the cloud environment on which it is deployed, forensics, and runtime audits on the
Monitor > Runtime > App-Embedded observations
page. You can filter the workloads in the table by a number of facets, including collections, account ID, and clusters.

Runtime File System Audits for App-Embedded Defenders

App-Embedded Defender runtime defense now includes support for container file systems so that you can continuously monitor and protect containers from suspicious file system activities and malware.

Automatically Extract Fargate Task Entrypoint at Embed-Time

To streamline the embed flow and eliminate manual intervention (that is updating task definitions to explicitly specify entrypoints), Prisma Cloud can automatically find the image entrypoint and set it up in the protected task definition.
Now, when Prisma Cloud generates a protected task definition, it knows the entrypoint and/or cmd instructions of the container image during the first run of the App-Embedded Defender.

CloudFormation Template (CFT) Support for Fargate Task Definitions

You can now generate protected Fargate task definitions in the CFT format for embedding an App-Embedded Defender.

Additional Checks for CIS Benchmark for OpenShift

In 22.06, we’ve added support for more checks from the CIS OpenShift benchmark.
For more information, see CIS Benchmarks.

Support for Vulnerability and Compliance Scanning for Windows Containers

Windows Container Defender on hosts with the containerd runtime can now scan Windows containers for vulnerabilities and compliance issues. This is supported on AKS only.
In addition, deployed Windows Container Defenders can now be configured to scan Windows images in registries.
twistcli for Windows has also been extended to scan Windows images on Windows hosts with containerd installed.

Support for Google Artifact Registry

Registry Scanning Enhancements

Enhanced registry scanning progress status within the Prisma Cloud Console UI and logs.
The enhancements provide the option to choose whether to stop or continue an in-progress scan when saving the registry settings.
After you configure registry scanning, Prisma Cloud automatically scans the images within for vulnerabilities using an improved flow.

Scan Image Tar Files with twistcli

This enhancement enables support for vendors who deliver container images as tar files, not via a registry, and the integration with Kaniko, a tool that builds images in a Kubernetes cluster from a Dockerfile without access to a Docker daemon.

Rule to Allow Activity in Attached Sessions

When you start a session inside pods or containers running in your deployment using commands such as kubectl exec or docker exec, you can now explicitly specify whether the rule should allow the activity in attached sessions. This option on
Defend Runtime Container Policy > Add rule > Processes
helps you reduce the volume of alerts generated for the allowed activities and processes.
When enabled, process, network, and filesystem activity executed in an attached session such as kubectl exec, is explicitly allowed without additional runtime analysis.
Only Defender versions 22.06 or later will support this capability.

New Features in Agentless Security

Support for Microsoft Azure

Agentless scanning is now available for vulnerability scanning and compliance scanning on Azure. To configure and onboard agentless scanning on Azure, see configure agentless scanning.

Support for Google Cloud

Agentless scanning is now available for vulnerability scanning and compliance scanning on Google Cloud. To configure and onboard agentless scanning on Google Cloud, see configure agentless scanning.

Compliance and Custom Compliance Support

With agentless scanning you can now scan hosts from all three major cloud providers—AWS, Azure, and Google Cloud—against compliance benchmarks. In addition to out of-the-box checks, you can apply user defined custom compliance checks and scan against the host file system.

Unpatched OS Detection

In addition to vulnerabilities and compliance scanning, you can now track pending OS security updates in this release with agentless scanning.

Unscanned Cloud Account Detection

You can now easily discover regions within AWS, Azure, or Google Cloud accounts where agentless scanning is not enabled, and enable scanning for those cloud accounts.

Proxy Support

In this release, you can manage how scanners connect to the Prisma Cloud Console for agentless scanning. If you use a proxy, you can configure the proxy configuration in the scan settings for accounts under
Manage > Cloud Accounts

New Features in Host Security

Auto-Defend Host Process Update

When you set up the process to automatically deploy Defenders on hosts, this update ensures that Host Defenders are not deployed on container hosts. Hosts running containers require Container Defenders to protect and secure both the host and the containers on it.

CIS Linux Benchmark Update

The CIS Linux Benchmark now includes 13 additional checks. You can find the additional controls in the
Defend > Compliance > Hosts > CIS Linux

New Features in Serverless Security

Runtime Protection for Azure Functions

Serverless Defenders now offer runtime protection for Azure Functions. Functions implemented in C# (.NET Core) 3.1 and 6.0 are supported.

New features in Web Application and API Security (WAAS)

WAAS Out of Band Detection

Out of band is a new mode for deploying Web Application and API Security (WAAS). It enables you to inspect HTTP messages to an application based on a mirror of the traffic, without the need for setting up WAAS as an inline proxy, so that you can receive alerts on malicious requests such as OWASP top alerts, bot traffic, and API events. It provides you with API discovery and alerting without impacting the flow, availability, or response time of the protected web application.
Out of band detection also allows you to extend your WAAS approach:
  • You can monitor your resources deployed on AWS with VPC traffic mirroring from workloads. This option gives you the flexibility to monitor environments without deploying Defenders.
  • If you have deployed Defenders in your environment, but are not using the WAAS capabilities on Compute, you can mirror traffic for an out of band inspection without requiring any additional configuration.
After you configure a custom rule for out of band mode (
Defend > WAAS > Out of band
), all the detections are applied on a read-only copy of the traffic. And you can view the out of band traffic details on
Monitor > WAAS > API observations > Out of band observations

OpenAPI Definition File Scanning

You can scan OpenAPI 2.X and 3.X definition files in either YAML or JSON formats, and generate a report for any errors or shortcomings such as structural issues, gaps in adherence to security guidelines and best practices.
You can initiate a scan through twistcli, upload a file to the Console, or import a definition file in to a WAAS app. The scan reports are available under
API definition scan

Automatic Port Detection of WAAS Applications for Containers or Hosts

When you enable the automatic detection of ports in WAAS
, or
Out of band
rules, you can secure ports used by unprotected web applications. The automatic detection of ports makes it easier to deploy WAAS at scale because you can protect web applications without the knowledge of which ports are used. Additionally, you can add specific ports to the protected HTTP endpoints within each app in your deployment.

Customization of Response Headers

You can append or override names and values in HTTP response headers for
, and
App Embedded
deployments that are sent from WAAS protected applications.

WAAS Actions for HTTP Messages that Exceed Body Inspection Limits

You can now apply the
, or
WAAS actions for HTTP messages that exceed the body inspection limit and ensure that messages that exceed the inspection limit are not forwarded to the protected application.
To enforce these limitions, you must have a minimum Defender version of 22.01 (Joule).
And with custom rules (
Out of band
), you can apply
actions for HTTP messages that exceed the body inspection limit.

Attacker IP Addition to a Network List

When a WAAS event includes an attacker IP address, you can now directly click a link to add the attacker IP address to an existing or new network list from
Aggregated WAAS events

Regex Match in Forensics Message

When defining a custom rule, you can now define a regular expression to match for strings and include the matched information in the forensics message.

Defender Compatibility with Custom Rules

To make it easier to review and make sure that all Defenders meet the minimum version requirement for a rule, you can now view the minimum Defender version required to use each rule. The Defender version information is displayed in a new column within the custom rules table.

WAAS Proxy Error Statistics

WAAS connectivity monitor
you can view WAAS proxy statistics for blocked requests, count of requests when the inspection limit was exceeded, and parsing errors.

DISA STIG Scan Findings and Justifications

Every release, we perform an SCAP scan of the Prisma Cloud Compute Console and Defender images. The process is based upon the U.S. Air Force’s Platform 1 "Repo One" OpenSCAP scan of the Prisma Cloud Compute images. We compare our scan results to IronBank’s latest approved UBI8-minimal scan findings. Any discrepancies are addressed or justified.

API Changes

GET /stats/vulnerabilities

Introduces a change in the existing API endpoint that fetches the vulnerabilities (CVEs) affecting an environment. The data for each CVE, such as impacted packages, highest severity, and so on, is now based on the entire environment irrespective of the collections filter, assigned collections, or assigned accounts.
Also, the impacted resources and distribution counts are not retrieved and are returned as zero when you apply filters or are assigned with specific collections or accounts.
One more change in this API endpoint is that the value of the status field will now be empty. In the context of a CVE, there can be multiple fix statuses, depending on the impacted package. Therefore, providing a fix status per CVE is incorrect and was removed. To get the right fix status according to the package, use additional endpoint to fetch the resources impacted by the CVE and their details.

GET /stats/vulnerabilities/impacted-resources

Introduces new optional query parameters such as
resource type
to the existing API endpoint. To enable backward compatibility, if you don’t use these optional query parameters, the API response will display results without pagination and registry images, and similar to the response in the previous releases (Joule or earlier).
Make sure to update your scripts before the Newton release. Starting with the Newton release, the API response will no longer support requests without the pagination and resource type query parameters.

GET /stats/vulnerabilities/download

Introduces a new API endpoint that downloads a detailed report for CVEs in a CSV format.

GET /stats/vulnerabilities/impacted-resources/download

Introduces a new API endpoint that downloads a detailed report for impacted resources in a CSV format.

PUT policies/firewall/app/out-of-band

Introduces a new API endpoint that updates or edits a WAAS custom rule for
out of band traffic

GET policies/firewall/app/out-of-band

Introduces a new API endpoint that discovers and detects the HTTP traffic for an existing WAAS out of band custom rule.

GET policies/firewall/app/out-of-band/impacted

Introduces a new API endpoint that fetches the impacted resources list for an existing WAAS out of band custom rule.

POST waas/openapi-scans

Introduces a new API endpoint that scans the API definition files and generates a report for any errors, or shortcomings such as structural issues, compromised security, best practices, and so on. API definition scan supports scanning OpenAPI 2.X and 3.X definition files in either YAML or JSON formats.

GET profiles/app-embedded

Introduces a new API endpoint that fetches the app-embedded runtime metadata.

GET profiles/app-embedded/download

Introduces a new API endpoint that downloads the app-embedded runtime profiles in a CSV format.

GET util/arm64/twistcli

Introduces a new API endpoint that downloads an x64 bit Linux ARM architecture twistcli in a ZIP format.

Addressed Issues

  • Fixed an issue where fixedDate for Windows vulnerabilities did not update.
  • The Intelligence Stream is updated to fix an issue where some Red Hat Enterprise Linux (RHEL) packages were incorrectly reported as vulnerable.
    This issue occurred because Red Hat had duplicate records of the same CVE in their OVAL feed, where one was fixed and the other one was not.
  • Security Fixes
    In accordance with the security assurance policy, this release contains updates to resolve older vulnerabilities in packaged dependencies:
    Console & Defender
    • Upgraded Go Lang version
    • Removed mongodb-tools binaries
    • Containerd updates for Kubernetes (
    • Open Policy Agent updates (
    • Runc updates (
    • Kubernetes (
    • Mongod
    • Mongodb Go driver (
    • AWS SDK for Go (
    • Dependency updates for:
      • Package xz (
      • YAML for Go package (
    • Dependency updates for

End of Support Notifications

The following list of items are no longer supported in 22.06.
  • With the RedHat EOL announcement for OpenShift 3.11, Prisma Cloud no longer supports Openshift 3.11.

Supported Host Operating Systems

Prisma Cloud now supports hosts running x86 architecture on multiple platforms and hosts running ARM64 architecture on AWS.
Review the full system requirements for all supported operating systems.

x86 Architecture

In this release, Prisma Cloud added support for the following host operating systems on x86 architecture:
  • Bottlerocket OS 1.7
  • Latest Amazon Linux 2
  • Latest Container-Optimized OS on Google Cloud
  • Ubuntu 22.04 LTS


In this release, Prisma Cloud added support for the following host operating systems on ARM64 architecture running on AWS:
  • Amazon Linux 2
  • Ubuntu 18.04 LTS
  • Debian 10
  • RHEL 8.4
  • CentOS 8
  • Photon OS 4

Changes in Existing Behavior

  • For short-lived containers, that is when a container is created and immediately terminated, the image will not be scanned. In previous versions, the image was scanned by monitoring pull events from the registry.
  • An additional permission is added to AWS agentless scanning template.
    For existing accounts that are enabled for agentless scans you will need to update the permissions.
  • Credentials for AWS, GCP, and Azure cloud accounts are now under
    Manage > Cloud Accounts
  • In 22.01 update 2, we updated how the scanning process impacts artifact metadata in JFrog Artifactory. The scanning process no longer updates the
    Last Downloaded
    date for all manifest files of all the images in the registry.
    In 22.06, we’ve further refined how this works:
    As part of the process for evaluating which images should be scanned, in addition to reviewing the manifest files, Prisma Cloud also examines the actual images. Now the
    Last Downloaded
    date won’t change unless the image is actually pulled and scanned.
    "Transparent security tool scanning" is
    supported for anything other than Local repositories. If you select anything other than
    in your scan configuration (including virtual repositories backed by local repositories), then Prisma Cloud automatically uses the Docker API to scan all repositories (local, remote, and virtual). When using Docker APIs, the
    Last Downloaded
    field in local JFrog Artifactory registries will be impacted by scanning.
    If you’ve got a mix of local, remote, and virtual repositories, and you want to ensure that the
    Last Downloaded
    date isn’t impacted by Prisma Cloud scanning, then create separate scan configurations for local repositories and remote/virtual repositories.
  • The data collection for incidents in the Prisma Cloud Compute database is capped to 25,000 incidents or 50 MB, whichever limit is reached first.
    When upgrading from 22.01 to 22.06, if the size of your incident collection exceeds this limit, then the oldest incidents that exceed the limit will be dropped.
    As part of this change, the serial number field for incidents will now be empty. The serial number was a running count of the incidents according to the size of the data collection. Now that the collection is capped, the serial number is no longer available. To uniquely identify incidents, use the ID field instead.
  • A new field
    is now available for incidents alert integration with Webhook and Splunk to identify the incident type.
  • With 22.06, all App-Embedded collections including Fargate tasks, will be grouped together in collections using the
    App ID
    Until now, collections of Fargate tasks were specified using the
    field in vulnerability, compliance, and incidents pages.
    After upgrading to 22.06, update your existing collections to use the
    App IDs
    field rather than the
    field to maintain the correct grouping of resources for filtering, assigning permissions, and scoping vulnerability and compliance policies.
    Also, the CSV file export for vulnerability scan results, compliance scan results, and incidents has changed. Fargate tasks protected by App-Embedded Defender will be reported under the
    column instead of the

Known Issues

  • The --tarball option in twistcli does not scan for compliance checks. Currently, only vulnerabilities are detected successfully.
  • When Defender is installed on Windows hosts in AWS, and Prisma Cloud Compute Cloud Discovery is configured to scan your environment for protected hosts, the Windows hosts running Defender are reported as unprotected.
  • For custom compliance checks for Kubernetes and OpenShift on CRIO, when
    Reported results
    is configured to show both passed and failed checks, if a check doesn’t run, Prisma Cloud still reports it as
  • If you have the same custom compliance rule in use in a host policy (effect: alert) and a container policy (effect: block), the rules will enforce your policy (as expected), but the audit message for a blocked container will incorrectly refer to the host policy and host rule name.
  • On the Radar > Containers, K3s clusters are not displayed. You can view the containers within these clusters under
    Non-cluster containers

Upcoming Deprecation Notifications

  • Support for Windows Server 2022 will be added with or before the next release, Lagrange. With support for Windows Server 2022, Windows Server 2016 will no longer be supported. Microsoft has announced the EOL for Windows Server 2016 as of January,2022.
  • Support for Docker Access Control is being deprecated along with the Access User role.
    Support will be removed in the Newton release.
  • Support for scanning your code repositories from the Prisma Cloud Compute console (
    Monitor > Vulnerabilities > Code repositories
    ) is being deprecated. Twistcli for code repository scanning is also being deprecated. You can use the Code Security module on Prisma Cloud to scan code repositories and CI pipelines for misconfigurations and vulnerabilities.
    Support for code repo scanning using Prisma Cloud Compute will be removed in the Newton release.

Backward Compatibility for New Features

Feature name
Unsupported Component (Defender/twistcli)
Support for Google Artifact Registry
Old defenders will not be supported for scanning Artifact Registry.
Registry Scan Enhancements
A new log record was added for Defender finished scanning image, which adds pull, analysis and total duration. For older defenders, the following fields will be zero: ImagePullDuration, ImageAnalysisDuration, ImageScanDuration.
Vulnerability and compliance for Workloads Protected by App-Embedded Defenders
Old app-embedded Defenders (except for ECS Fargate Defenders) will not be supported for vulnerabilities, compliance, and package info. The images running with these Defenders will not be returned in the GET images API. Also, for old ECS Fargate Defenders, the Environment → Apps tab within the image dialog will be empty, even though there are running tasks and their count is displayed on the main images page under the Apps column.
Runtime File System Audits for App-Embedded Defenders
Old app-embedded Defeders will not be able to have the filesystem capability, so the workloads protected by them can not be monitored for FS.
Rule to Allow Activity in Attached Sessions
Old Defenders will not support the new functionality as they don’t have the backend implementation part of this toggle
Support ARM: Add vulnerabilities support for ARM to the IS ARM support
Defenders, twistcli, Console and Intelligence Stream
Old defenders and consoles won’t support ARM64 since there isn’t any the dedicated implementation. The Intelligence Stream is updated with ARM64 CVEs for all consoles, but as we predict, it won’t be common to get an ARM related CVE for each x86 CVE. ARM64 Defenders are required to scan ARM-based images. Make sure to assign the appropriate collections in your Registry Scanning Scope for x86_64 images and ARM64 images to prevent errors in the registry scanning. The ALL collection automatically includes the ARM64 Defenders.
Windows defender for Vulnerability and Compliance with Containers
Defenders, twistcli
Old Defendersand twistcli will not support the new functionality as they don’t have the updated implementation
Improved Visibility for CaaS workloads protected by App-Embedded Defenders
Old App-Embedded Defenders will not be supported, the new capability of fetching the workload cloud metadata to App-Embedded profile
Authenticate with Azure Container Registry using certificate
We will have a problem with using the new credential in scanning with older defenders, they will not be able to use this credential
Extract Fargate task Entrypoint and Command Params, Support Fargate Task Definition in CloudFormation Template format #33033
New implementation for Fargate Task defenders in twistcli
Support image tar files scanning with twistcli
Old twistcli version doesn’t have this implementation
Support for Azure VMs and Containers being reported into SaaS - Unified Inventory (#tbd)
Older than Kepler Defenders will not be able to report on Azure VMs, due to the lack of the VM Id in proper format support. It will need users to upgrade their defenders to Kepler.

Recommended For You