Command Center Dashboard
Learn more about quickly assessing the most urgent activity taking place across your cloud environments.
The Command Center dashboard provides you with a unified view of the top cloud security incidents and risks uncovered across the assets monitored by Prisma™ Cloud. It provides security teams with an at a glance picture of the highest priority incidents and risks that require attention across the following attack vectors:
- Incidents
- Misconfigurations
- Vulnerabilities
- Exposures
- Identity Risks
- Data Risks
The Command Center dashboard is only available to users with a System Admin role.
Total Urgent Alerts
The
Total Urgent Alerts
bar provides a tally of alerts grouped by Incidents, Misconfigurations, Exposures, Identity, and Data Risks. The Filter
controls above the Alerts bar allow you to narrow your investigation to a specific Time Range
or Account Group
. You can select multiple account groups at once to view data from multiple account sources. Filter data retrieved is updated across all the alert visualizations on the dashboard. The revert icon on the right above the Total Urgent Alerts bar allows you to revert back to default filter settings.
Alerts Visualization
Actionable alert data is further grouped into the following areas by risk type:
- Incidents: Retrieves data for alerts generated by Anomalies, Network and Workload Incidents and Audit Events.
- Misconfigurations: Captures data for alerts generated by policies with configuration errors.
- Vulnerabilities: Provides insight into potentially compromised assets in your cloud environment, capturing the top five assets with vulnerabilities that triggered the most number of Critical and High alerts. Click on any listed image or asset to access the Assets Explorer to investigate further and take remedial action if necessary.
- Exposures: Retrieves data for alerts generated by violations in network policies in addition to the policy subtype config.
- Identity Risks: Lists alerts generated by violations in Identity and Access Management policies. This view is only available by subscription.
- Data Risks: Retrieves data for alerts generated by exceptions in the policy type Data. This view is only enabled by subscription.
Alerts Actions
Each alerts visualization allows you to further drill down and view the source of the alert by the policy name or the asset it originated from:
The Incidents widget above for instance, provides three visualizations of urgent alert activity:
- Urgent Incidents: Provides a donut chart visualization of Critical and High severity Incidents. Select any alert for an in depth look at anomalies, network and workload incidents and audit events.
- Top Incidents by Policy: Lists the top five policies that triggered an alert. Select a policy or an alert total for a detailed view of policy coverage incidents. You can also investigate alerts within individual policies.
- Top Incidents by Asset: Lists top five incidents by asset name, number of alerts, service, and account name. Learn more about responding to alerts generated in a specific asset.
Generate Reports
You can also share Command Center reports with stakeholders to keep them abreast of the security and compliance status of your cloud assets. Select the
Generate Report
button to create and download a report. This generates the Top Cloud Risks and Incidents Report
for that specific time range and selected account group(s).
The generated report captures the top alerts listed under each widget and also includes an
Executive Summary
as shown above, capturing the top urgent incidents across your organizations’ cloud assets.