: Features Introduced in July 2023

Features Introduced in July 2023

Table of Contents

Features Introduced in July 2023

Learn about the new Compute capabilities on Prisma™ Cloud Enterprise Edition (SaaS) in July 2023.
The host, container, and serverless capabilities on the
tab are being upgraded starting on July 16, 2023. When upgraded, the version will be 30.03.122.

New Features in Prisma Cloud Compute

Package URL (pURL) Format Support for Vulnerabilities
Prisma Cloud now adds package URLs (pURL) for packages and vulnerabilities while scanning the images using twistcli. This helps to reliably reference the same software package using a simple and expressive syntax and conventions based on familiar URLs.
As you scan images with twistcli, you can filter the CVEs based on the pURL format in the CVE viewer.
Registry Scan Scale Support Increased to 100k Images
Registry image scan limit has been increased to 1,000,000 from 100,000 for all image types.
Support for GitLab Container Registry
Added support for scanning GitLab Container Registry without using admin credentials to manage and get a full list of all container registries/images.
New Features in Agentless Security
Malware Support through Wildfire Integration
Added enhanced malware agentless scanning through an integration with Palo Alto Networks Advanced WildFire, the industry’s leading malware scanning feed. Malware scanning is supported across all Cloud Service Providers for Linux and Windows hosts and Linux container images, covering files suspected as Malware or Grayware. Malware scanning supports ELF binaries in Linux and supports binaries and shared libraries in Windows, providing comprehensive protection.
Scan Errors Visibility Improvements in Agentless Scanning
To get the most out of agentless scanning, this update categorizes issues during the agentless scan process, provides detailed information on their nature, source, and troubleshooting steps, and offers a seamless user interface experience. Easily understand and resolve issues, improving scan coverage and streamlining your scanning process.
As a side effect, this update might display erroneous scan details, that would be auto-remediated by a maximum of 2 agentless scan cycles.
Added Support for Parallel Agentless Scans of Accounts/Regions
Added the ability for agentless scanning to scan accounts and regions within those accounts in parallel.
The changes include the following enhancements.
  • The UI shows the status of an ongoing scan for specific accounts. For example scanning or completed.
  • You can see the general progress of an ongoing scan on the Compute Cloud Accounts page instead of in the progress bar.
  • Your hub account is treated as an account dedicated for agentless scanning, which is used only to scan other accounts, and no longer scans itself.
  • You can manage the agentless scanning configuration centrally for all target accounts in the hub account configuration. You aren’t required to duplicate the configuration across all target accounts. For example, you can set custom networking configuration only on the hub account.
New Features in Host Security
Enhanced the Syslog to include the same fields as the API
Added fields to enhance the syslog output in alignment with the API call responses. Fields were added for container runtime audits, host runtime audits, container incidents, and host incidents.

API Changes

Registry Settings API supports GitLab Container Registry
Starting with 30.03, you no longer need to add GitLab Container Registry through Docker V2 registry which required administrative permissions to scan all images.
You can now directly add GitLab Container Registry in the POST, settings/registry endpoint by using the new schema gitlabRegistrySpec in the request body.
To add, you must specify the following parameters:
  • version
    : Specify the value
    for GitLab Container Registry.
  • registry
    : Specify the GitLab registry URL address. Example, for native registries, you can specify the address as "https://registry.gitlab.com"
  • credentialID
    : Specify the GitLab credential that you added in the credential store in Prisma Cloud Compute. For example, an API token that has atleast the
  • gitlabRegistrySpec
    : Specify at least one of the following fields:
  • userID
    : Specify your GitLab user ID to add all registries associated with it.
  • projectIDs
    : Specify the project IDs to add all registries associated with a GitLab project.
  • groupIDs
    : Specify the group ID to add all registries associated with a GitLab group.
  • excludedGroupIDs
    : Specify the top-level group IDs that you don’t want to add.
Old (30.02 and earlier releases)
Example request body schema:
{ "version": "2", "registry": "", "credentialID": "<GitLab Token>", "repository": "library/ubuntu", "tag": "16.04", "os": "linux", "cap": 5, "scanners": 2, "collections": ["All"] }
New (in release 30.03)
Example request body schema showing
that contains the
to add and scan all registries associated with it:
{ "version":"gitlab", "registry":"https://registry.gitlab.com", "namespace":"", "repository":"", "tag":"", "credentialID":"<GitLab Token>", "os":"linux", "harborDeploymentSecurity":false, "collections":["All"], "cap":5, "scanners":2, "versionPattern":"", "gitlabRegistrySpec":{"userID":"14631394"} }

Recommended For You