Command Center Dashboard

Learn more about quickly assessing the most urgent activity taking place across your cloud environments.
The Command Center dashboard provides you with a unified view of the top cloud security incidents and risks uncovered across the assets monitored by Prisma™ Cloud. It gives security teams an at-a-glance picture of the highest priority incidents and risks that require attention across the following attack vectors:
  • Incidents
  • Misconfigurations
  • Exposures
  • Identity Risks
  • Data Risks
Alerts represented on the dashboard are restricted to High and Medium severity.
The Command Center dashboard is only available to users with a System Admin role.

Total Urgent Alerts

The Total Urgent Alerts bar provides a tally of alerts grouped by Incidents, Misconfigurations, Exposures, Identity, and Data Risks. The Filter controls above the Alerts bar allow you to narrow your investigation to a specific Time Range or Account Group. You can select multiple account groups at once to view data from multiple account sources. The filtered data is updated across all the alert visualizations on the dashboard. The revert icon on the right above the Total Urgent Alerts bar allows you to revert to the default filter settings.

Alerts Visualization

Actionable alert data is further grouped into five areas by risk type:
  • Incidents: Retrieves data for alerts generated by Anomalies, Network and Workload Incidents and Audit Events.
  • Misconfigurations: Captures data for alerts generated by policies with configuration errors.
  • Exposures: Retrieves data for alerts generated by violations in network policies in addition to the policy subtype config.
  • Identity Risks: Lists alerts generated by violations in Identity and Access Management policies. This view is only available by subscription.
  • Data Risks: Retrieves data for alerts generated by exceptions in the policy type Data. This view is only enabled by subscription.

Alerts Actions

Each alert visualization allows you to drill down further and view the source of the alert by the policy name or the asset it originated from.
The Incidents widget above, for instance, provides three visualizations of urgent alert activity:
  • Urgent Incidents: Provides a donut chart visualization of high and medium severity Incidents. Select any alert for an in-depth look at anomalies, network and workload incidents and audit events.
  • Top Incidents by Policy: Lists the top five policies that triggered a high or medium severity alert. Select a policy or an alert total for a detailed view of policy coverage incidents. You can also investigate alerts within individual policies on the Alerts Overview page.
  • Top Incidents by Asset: Lists the top five incidents by asset name, number of alerts, service, and account name. See more details on alerts generated in a specific asset on the Assets Explorer page.

Generate Reports

You can also share Command Center reports with stakeholders to keep them abreast of the security and compliance status of your cloud assets. Select the Generate Report button to create and download a report. This generates the Top Cloud Risks and Incidents Report for that specific time range and selected account group(s).
The generated report captures the top five alerts listed under each widget and also includes an Executive Summary as shown above, capturing the top five urgent incidents across your organization's cloud assets.
