22.12 Update 1 Release Notes

The following table provides the release details:
Lagrange, 22.12 Update 1
Release date
Jan 23, 2023
Maintenance release
SHA-256 digest

New Features in Core

Filter Defender by TAS Foundation ID

Introduces a new field value
Manage > Defenders > Deployed Defenders
in the Prisma Cloud Compute user interface to filter Defenders by TAS Foundation ID. You can also use this value in the
query parameter of the API endpoint
GET, /api/vVERSION/defenders
to filter Defenders by TAS Foundation ID.

ARM64 bit twistcli for MacOS platforms

The twistcli binary installer is now supported on ARM64 Mac machines. Download ARM64 Mac compatible version of twistcli under
Manage > System > Utilities
, or via

Support for Talos Linux - container vulnerabilities and compliance

Talos Linux is now supported as a host OS for orchestrator container Defenders. Defenders installed on Talos Linux will allow scanning vulnerability and compliance for the running containers, as well as performing registry scans. To deploy on Talos Linux cluster, use the new "Talos Linux deployment" toggle in the Defenders deployment page, or the new --talos flag in twistcli.

New Features in WAAS

Add OWASP mapping to WAAS events

WAAS events will now be mapped to the appropriate OWASP Top 10 risk and OWASP API Top 10 risk. In addition, WAAS Explorer displays event summaries for each of the OWASP Top 10 and OWASP API Top 10 risks.

Identify Sensitive data by field name

In Lagrange, sensitive data was matched based on request parameter values. With this update, sensitive data patterns can be searched for by matching pattern on either keys or values in request and response parameters.

Indication for Sensitive Data in request/response

With Lagrange, API Discovery was updated to include indications of sensitive data in API requests. With this update, sensitive data-matching indications have been added separately for data matched in requests and data matched in responses.

Addressed Issues

  • Use the API route
    to scan VM images. The API route
    route is not supported anymore.
  • Fixed an issue that showed an incorrect expired certificate warning for Defenders even if the certificate was not in use.
  • WAAS Agentless Observers will now automatically upgrade to match the Console’s version.
  • Serverless WAAS audits were not being scrubbed in Defender logs. This is now fixed.
  • CVSS3 score wasn’t displayed for Harbor 2.5 and up. This issue was caused owing to a change in Harbor.
    Fixed in 22.12.427
    With this fix, Prisma Cloud handles the change.

Recommended For You