Features Introduced in June 2022
Learn about the new Code Security capabilities on Prisma™
Cloud Enterprise Edition (SaaS) in June 2022.
The following new features or enhancements are available
for Prisma Cloud Code Security. These capabilities help agile teams
add security checks to their existing IaC (Infrastructure-as-Code)
model and enforce security throughout the build lifecycle.
| Policy Updates | Description |
|---|---|
| Terraform Cloud (Run Tasks) | Integrate Terraform Cloud (Run Tasks) (Settings Add Repositories Terraform Cloud (Run Tasks)) |
| New Configuration Build Policies | The following new build policies are available on the Prisma Cloud Code Security module: |
| Updates to Existing Configuration Run Policies | The following new Build policies are added to the existing Configuration Run policies: |
| Build Policy Updates-Metadata | **AWS access keys and secrets are hard coded in infrastructure**<br>Changes: The cloud type for this policy is updated from ANY to AWS.<br>Impact: No impact on alerts. |
| | **Azure Storage Account Access Keys**<br>Changes: The cloud type for this policy is updated from ANY to Azure.<br>Impact: No impact on alerts. |
| | **GCP resources that support labels do not have labels**<br>Changes: The cloud type for this policy is updated from ANY to GCP.<br>Impact: No impact on alerts. |
| | **AWS S3 Bucket BlockPublicPolicy is set to True**<br>Changes: The policy name has been updated to support Prisma Cloud’s naming guidelines.<br>Impact: No impact on alerts. |
| | **AWS S3 bucket IgnorePublicAcls is set to True**<br>Changes: The policy name has been updated to support Prisma Cloud’s naming guidelines.<br>Impact: No impact on alerts. |
| | **AWS S3 bucket RestrictPublicBucket is set to True**<br>Changes: The policy name has been updated to support Prisma Cloud’s naming guidelines.<br>Impact: No impact on alerts. |
| | **S3 bucket MFA Delete is not enabled**<br>Changes: The policy description and recommendation details have been updated to describe the policy better.<br>Updated Description: Ensure S3 bucket MFA Delete is enabled.<br>Impact: No impact on alerts. |
| | **AWS IAM policies that allow full administrative privileges are created**<br>Changes: The severity level for this policy is updated from Critical to Low.<br>Impact: No impact on alerts. |
| | **Lambda function's environment variables expose secrets**<br>Changes: The severity level for this policy is updated from High to Medium.<br>Impact: No impact on alerts. |
| | **SQS queue policy is public and access is not restricted to specific services or principals**<br>Changes: The severity level for this policy is updated from Medium to High.<br>Impact: No impact on alerts. |
| Policy Deletions (applies only if you have enabled the Code Security subscription on Prisma Cloud) | The following build policies are deleted from Prisma Cloud:<br>Impact: No impact on alerts. |