Document: Prisma Cloud Compute Edition Administrator’s Guide
Runtime defense for serverless functions
Last Updated: Tue May 23 16:14:25 UTC 2023
Current Version: Self-Hosted 30.xx