Features Introduced in July 2021
Account Owner Details For Azure and GCP Accounts
Prisma Cloud now displays the account owners associated with the Azure and GCP cloud accounts in a new column in the details from
When you filter for the GCP and Azure cloud types on
, and click the link in the
Violating Resourcestable displays.
Account Ownerscolumn displays up to five account owners associated with a cloud account in alphabetical order; this column will display by default, but if no values are present then this column will be grayed out. For offline access, when you download ( ) the list of resources the
Account Ownersinformation is included in the CSV file.
You must be on the Alerts subsystem 2.0 to view the account owner column. To identify the alerts subsystem version on your Prisma Cloud instance, select
and check for the
Version: 2above the filter ( ) icon.
Support for Europe Central 2 region on GCP
Prisma Cloud can now ingest data on your resources deployed in the GCP Warsaw region 'Europe Central 2'.
Change in Behavior
When saving filters on
, the time range is saved with the other filters you apply and the choices are preserved for the session.
If you apply a saved filter that has fewer filters than your current preserved session, the additional filters will remain but the selections will be cleared out so that they are not applied, and you will see a combination of your saved filters and your current session filters.
Google Cloud Task
The permissions are included in the primitive Viewer role.
New Policies and Policy Updates
See Look Ahead—Planned Updates on Prisma Cloud to learn what’s coming soon.
Azure Active Directory Security Defaults is disabled
Identifies Azure AD that has security defaults disabled which could impact alerts being generated for all Azure AD with this setting. This policy is mapped to CIS Azure 1.2.0, section 1.3.0, compliance standard 1.22.
Azure AD Users can consent to apps accessing company data on their behalf is enabled
Identifies Azure AD which has the following setting enabled:
Users can consent to apps accessing company data on their behalf. This could impact alerts being generated for all Azure AD which has this setting enabled. This policy is mapped to CIS Azure 1.1.0, sections 1.2.0 and 1.3.0, compliance standard 1.9.
GCP Storage Bucket should not log to itself
Identifies GCP storage buckets that are sending logs to themselves. When storage buckets use the same bucket to send their access logs, a loop of logs will be created which is not recommended. As a best practice, spin up new and different log buckets for storage bucket logging.
GCP Storage Bucket is not configured with default event-based hold
Identifies GCP storage buckets that are not configured with default event-based hold. This setting enables you to protect individual objects which allows an object to persist in your bucket for a specified length of time after a given event occurs.
Policy descriptions update
The following policies descriptions have been updated:
slavewas removed from the policy description.
Impact—No changes on alerts.
New Compliance Benchmarks and Updates
NIST CSF 1.1
The NIST Cybersecurity Framework v.1.1 compliance standard is being updated with more policy mappings across all clouds—AWS, Azure, Alibaba, GCP, and OCI.
REST API Updates
Cloud Account Owners for Azure and GCP
The response object for Alert endpoints will include an array that lists up to five account owners in a new attribute called
cloudAccountOwnersfor the Azure and GCP cloud accounts.
CloudResourceModelobject the new attribute
cloudAccountOwners. is included for the following endpoints:
Recommended For You
Recommended videos not found.