Prisma Cloud DevOps Inventory

Use the DevOps Inventory dashboard to view the scan results from the Prisma Cloud IaC scan plugins or twistcli.
The DevOps Inventory dashboard (
Inventory
DevOps
) provides a snapshot of the scan results across the different Prisma Cloud Plugins that you are using to manage security misconfigurations natively in your development environments before you deploy assets, infrastructure, or code in production.
You can view scan results for the past seven days, by default, from different
asset types
— IDEs, SCMs, CI/CD pipelines—such as Azure DevOps pipeline or IntelliJ IDE. The interactive dashboard provides filters to change the scope of data displayed, so that you can analyze information you want to view in greater detail.
devops-inventory.png
At a glance the DevOps Inventory dashboard has four sections:
  • Scan Summary
    - Shows the overall summary of the scans triggered by Prisma Cloud plugins, the API directly or twistcli. The overall number is split by count to display the templates that passed without any security violations and the templates that failed the scan. For the failure case, you can view the count of the violations sorted for low, medium, and high severity policies.
  • Scan Trend
    —Depicts the overall health of how your processes are improving or worsening over time. The green, blue and red trend lines are overlaid to visually display the pass and failed templates scan results against the total number of templates that have been scanned. The trends depict the overall security posture of IaC scans and how they are performing over time so you can identify sudden surges with failed policy checks or sustained improvements with passing policy checks.
  • Scans By Classification
    —Bar graph grouped by asset name (default), asset type, or resource list that depicts the ratio of passed to failed resources. This interactive graph allows you to drill into the passed and failed resources for details on the corresponding templates that passed or failed policy checks; you can click and drag a section of the chart to zoom in further.
  • Tabular data
    — The table enables you to group the results by scan ID (default), asset name, asset type, or resource list and then drill down to view granular information the filtered results, and download it as a CSV file.
    Each row displays the IaC scan name with details on the tags, scan status, and the failure criteria. The links is each column help you explore and gain the additional context to fix the policy violations that were identified in the scan. For example, you can view the errors reported for a specific template type and resolve them early in the development lifecycle.

Recommended For You