Features Introduced in April 2020
Learn what’s new on Prisma™ Cloud in April 2020.
Features Introduced on April 21, 2020
Permission Groups to support granular RBAC for Compute
Prisma Cloud administrator who require access to the Compute tab or the Compute APIs, you can have granular access and visibility to perform their job functions. The new
Only for Compute capabilitiespermission group restricts access to only the Compute tab and enables access to the capabilities for protecting your host, containers,and serverless functions without access to the rest of the Prisma Cloud UI or API.
Build and Deploy Securityis another permission group that enables you to restrict access to the DevOps users who need access to a subset of Compute capabilities and/or API access to run IDE, SCM and CI/CD plugins for Infrastructure as Code and image vulnerabilities scans.
Account-Based RBAC for Compute
Visibility to Prisma Cloud Defender data on the
Computetab now corresponds to the AWS, Azure, or GCP cloud accounts that each administrator is allowed to view.
Custom Email Notification Templates
From the Notification Template Hub on Prisma Cloud, you can add a custom email template for alert notification emails. You can customize the message content and include a link in the email notification.
Beta) Coverage for the MITRE ATT&CK Framework
Prisma Cloud adds support for MITRE ATT&CK, a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations, as a compliance standard. The MITRE ATT&CK Cloud Matrix for Enterprise support on Prisma Cloud maps policies to identify and protect you from cloud-based attack techniques on AWS, Azure, and GCP.
Saved Search Addition
The saved search for AWS VPC nearing availability limit enables you to detect if the VPCs per region has reached 80% of the resource availability limit. You can then easily create a policy and generate an alert when the threshold is reached.
Granular list of Permissions for GCP
If you want to create a custom role for onboarding your GCP project or organization on Prisma Cloud, you can now use the list of granular permissions required for successfully onboarding the account.
Unusual User Activity Alerts Enhanced for Service Group Context
If a user typically uses a set of services, and Prisma Cloud detects a new service being used, the alert details include additional context on the anomaly. It alerts you on what was unusual about the activity, and whether the service accessed belongs to the same or a different service group.
APIs to ingest the following services:
The Recommendation instructions for the
Azure Load Balancer diagnostics logs are disabledis updated.
AWS S3 bucket not configured with secure data transportpolicy is enhanced to check whether bucket is exposed publicly before checking on whether it uses secure data transport.
Features Introduced on April 7, 2020
Keyword Search the JSON Payload Within Event Window
On the Prisma Cloud management console, you can now search the event payload within the JSON directly in the event window, without having to copy the payload to a clipboard.
Additional Context for IP Addresses in Usual User Activity Alerts.
For alerts triggered by the unusual user activity anomaly policy on Prisma Cloud, you now have additional context on whether the IP address matched on a threat feed. The
Additional Contextcolumn displays the category for the IP address so that you can quickly figure out which alerts to pay attention to and act on.
API Ingestion Update
New Policies and Policy Updates
Azure Monitoring log profile is not configured to export activity logs
Identifies Azure accounts that do not have at least one monitoring log profile configured to export all activity logs.
Remediation CLI is added to
GCP Storage log buckets have object versioning disabledpolicy, and this policy is now a
RemediablePrisma Cloud Default policy.
Recommended For You
Recommended videos not found.