1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma Cloud Administrator’s Guide (Compute)
    5. Vulnerability management
    6. Malware scanning

    Malware scanning

    Besides detecting software vulnerabilities (CVEs) and compliance issues (such as images configured to run as root), Prisma Cloud also detects malware in your container images. No special configuration is required to enable this feature.
    Malware data is sourced from commercial providers, Prisma Cloud Labs, and open source lists. The image scanner looks for malware in binaries in the image layers, including the base layer.
    Malware scanning and detection is supported for Linux container images only. Windows containers are not supported.

    Detecting malware

    When Prisma Cloud detects malware in an image, it logs the vulnerability in the image scan report.
    To review the results of an image scan:
    1. Open Console, then go to
      Monitor > Vulnerabilities > Images
      .
    2. Click on an image to get a detailed report from the last image scan.
    3. In the detailed report, click on the
      Compliance
       tab.
      Issues with vulnerability ID 422 means that your image contains a file with an md5 signature of known malware.

    What’s next?

    Custom malware data can be uploaded to Prisma Cloud. After uploading your data, it is used in all subsequent images scans.
    For more information about uploading custom malware data to Console, see Import custom malware data.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2021 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo