1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma™ Cloud Release Notes
    5. Prisma™ Cloud Release Information
    6. Features Introduced in 2022
    7. Features Introduced in May 2022

    Features Introduced in May 2022

    Learn what's new on Prisma™ Cloud in May 2022.

    New Features

    FEATURE
    DESCRIPTION
    Burndown Widgets in Adoption Advisor
    The Adoption Advisor now includes two new widgets for risk and incident burndown.
    These widgets show you the number of high severity misconfigurations or risks and incidents detected in your cloud environment, and your team’s progress on remediating these issues. The count of remediated risks and incidents includes alerts that are in the resolve, dismiss, or snoozed states.
    API Ingestions
    Amazon EKS
    aws-eks-node-group
    Additional permissions required:
    • eks:ListClusters
    • eks:DescribeNodegroup
    • eks:ListNodegroups
    Amazon Batch
    aws-batch-compute-environment
    Additional permission required:
    batch:DescribeComputeEnvironments
    Amazon Lake Formation
    aws-lake-formation-setting
    Additional permission required:
    lakeformation:GetDataLakeSettings
    Azure App Service
    azure-app-service-domain
    Additional permission required:
    Microsoft.DomainRegistration/domains/Read
    Azure App Service
    azure-app-service-environment
    Additional permission required:
    Microsoft.Web/hostingEnvironments/Read
    Azure App Service
    azure-app-service-plan
    Additional permission required:
    Microsoft.Web/serverfarms/Read
    Azure Compute
    azure-vm-start-time
    No new permissions, the Reader role includes the required permissions.
    Google Stackdriver Logging
    gcloud-logging-bucket
    Additional permission required:
    logging.buckets.list
    Google Network Intelligence Center
    gcloud-network-intelligence-center-firewall-insight
    Additional permission required:
    recommender.computeFirewallInsights.list
    Google Managed Microsoft AD
    gcloud-managed-microsoft-ad-domain
    Additional permissions required:
    • managedidentities.domains.list
    • managedidentities.domains.get
    • managedidentities.domains.getIamPolicy
    • managedidentities.sqlintegrations.list
    OCI Data Flow
    oci-dataflow-applications
    Additional permissions required:
    • inspect dataflow-application
    • read dataflow-application
    This API is not supported in ap-hyderabad-1 region.
    OCI Streaming
    oci-streaming-streampools
    Additional permissions required:
    • inspect stream-pools
    • read stream-pools
    OCI Streaming
    oci-streaming-streams
    Additional permissions required:
    • inspect streams
    • read streams
    Update
    Azure Storage
    azure-storage-account-list
    This API has been updated to show the following new field in the resource JSON:
    advancedThreatProtectionSettings
    Azure Advanced threat protection settings are not supported in Azure China.
    Update
    gcloud-storage-buckets-list API ingestion
    For new ingestion of this API, the metadata will no longer include the
    timeCreated
     attribute for the bucket. In RQL, the key will not be available in the json.rule attribute for auto completion and you cannot define custom policies based on this key. If you have any saved searches including the
    timeCreated
     attribute, they will now not return resources.

    New Policies and Policy Updates

    See the look ahead updates for planned changes and policy updates in 22.6.1.
    POLICY UPDATES
    DESCRIPTION
    New Policies
    Azure Virtual Desktop session host is not configured with managed identity
    Identifies Virtual Desktop session hosts that are not configured with managed identity. Managed identity can be used to authenticate to any service that supports Azure AD authentication, without having credentials in your code. Storing credentials in a code increases the threat surface in case of exploitation and also managed identities eliminate the need for developers to manage credentials. So as a security best practice, it is recommended to have the managed identity to your Virtual Desktop session hosts.
    config from cloud.resource where api.name = 'azure-virtual-desktop-session-host' AND json.rule = session-hosts[*] is not empty and session-hosts[*].properties.resourceId exists as X; config from cloud.resource where api.name = 'azure-vm-list' AND json.rule = powerState equal ignore case "PowerState/running" as Y; filter '$.X.session-hosts[*].properties.resourceId equal ignore case $.Y.id and ($.Y.identity does not exist or $.Y.identity.type equal ignore case None)'; show Y;
    AWS IAM Policy permission may cause privilege escalation
    Identifies AWS IAM Policy which have permission that may cause privilege escalation. AWS IAM policy having weak permissions could be exploited by an attacker to elevate privileges. It is recommended to follow the principle of least privileges ensuring that AWS IAM policy does not have these sensitive permissions.
    config from cloud.resource where cloud.type = 'aws' and api.name = 'aws-iam-get-policy-version' AND json.rule = isAttached is true and document.Statement[?any(Effect equals Allow and (Action contains iam:CreatePolicyVersion or Action contains iam:SetDefaultPolicyVersion or Action contains iam:PassRole or Action contains iam:CreateAccessKey or Action contains iam:CreateLoginProfile or Action contains iam:UpdateLoginProfile or Action contains iam:AttachUserPolicy or Action contains iam:AttachGroupPolicy or Action contains iam:AttachRolePolicy or Action contains iam:PutUserPolicy or Action contains iam:PutGroupPolicy or Action contains iam:PutRolePolicy or Action contains iam:AddUserToGroup or Action contains iam:UpdateAssumeRolePolicy or Action contains iam:*))] exists
    Azure Spring Cloud service is not configured with virtual network
    Identifies Azure Spring Cloud services that are not configured with a virtual network. Spring Cloud configured with a virtual network isolates apps and service runtime from the internet on your corporate network and provides control over inbound and outbound network communications for Azure Spring Cloud. As best security practice, it is recommended to deploy Spring Cloud service in a virtual network.
    config from cloud.resource where cloud.type = 'azure' AND api.name = 'azure-spring-cloud-service' AND json.rule = properties.powerState equals Running and sku.tier does not equal Basic and properties.networkProfile.serviceRuntimeSubnetId does not exist
    Policy Updates—RQL
    GCP Firewall rule allows all traffic on HTTP port (80)
    Changes
    —The RQL is modified to check if the firewall rule is disabled and includes IPv6 check. The remediation CLI is modified to disable the vulnerable firewall rule instead of deleting it.
    Additional permissions required:
    • compute.firewalls.update
    • compute.networks.updatePolicy
    Current RQL
    config from cloud.resource where cloud.type = 'gcp' AND api.name='gcloud-compute-firewall-rules-list' AND json.rule= 'sourceRanges[*] contains 0.0.0.0/0 and allowed[?any(ports contains _Port.inRange(80,80) or (ports does not exist and (IPProtocol contains tcp or IPProtocol contains udp)) )] exists'
    Updated RQL
    config from cloud.resource where cloud.type = 'gcp' AND api.name = 'gcloud-compute-firewall-rules-list' AND json.rule = disabled is false and direction equals INGRESS and (sourceRanges[*] equals ::0 or sourceRanges[*] equals 0.0.0.0 or sourceRanges[*] equals 0.0.0.0/0 or sourceRanges[*] equals ::/0 or sourceRanges[*] equals ::) and allowed[?any(ports contains _Port.inRange(80,80) or (ports does not exist and (IPProtocol contains tcp or IPProtocol contains udp)))] exists
    Updated CLI
    gcloud compute --project=${account} firewall-rules update ${resourceName} --disabled
    Impact
    —Low.
    GCP Firewall rule allows all traffic on Telnet port (23)
    Changes
    —The RQL is modified to check if the firewall rule is disabled and includes IPv6 check. The remediation CLI is modified to disable the vulnerable firewall rule instead of deleting it.
    Additional permissions required:
    • compute.firewalls.update
    • compute.networks.updatePolicy
    Current RQL
    config from cloud.resource where cloud.type = 'gcp' AND api.name='gcloud-compute-firewall-rules-list' AND json.rule= 'sourceRanges[*] contains 0.0.0.0/0 and allowed[?any(ports contains _Port.inRange(23,23) or (ports does not exist and (IPProtocol contains tcp or IPProtocol contains udp)) )] exists'
    Updated RQL
    config from cloud.resource where cloud.type = 'gcp' AND api.name = 'gcloud-compute-firewall-rules-list' AND json.rule = disabled is false and direction equals INGRESS and (sourceRanges[*] equals ::0 or sourceRanges[*] equals 0.0.0.0 or sourceRanges[*] equals 0.0.0.0/0 or sourceRanges[*] equals ::/0 or sourceRanges[*] equals ::) and allowed[?any(ports contains _Port.inRange(80,80) or (ports does not exist and (IPProtocol contains tcp or IPProtocol contains udp)))] exists
    Updated CLI
    gcloud compute --project=${account} firewall-rules update ${resourceName} --disabled
    Impact
    —Low impact on new alerts that were generated based on IP checks included in the updated RQL.

    REST API Updates

    CHANGE
    DESCRIPTION
    Last Updated Timestamps for List Alert V2 API
    The
    lastUpdated
     attribute is now added to the List Alerts V2 response for the
    POST /v2/alert
     endpoint.
    This attribute contains a timestamp to indicate when an alert was last updated. It also includes a timestamp for resource updates, policy updates, alert rule updates, alert status changes, and so on.

    New Features Introduced in 22.5.1

    New Features

    FEATURE
    DESCRIPTION
    Update
    Onboarding Cloud Accounts UI
    The cloud accounts onboarding has an updated UI and Prisma Cloud displays the onboarding information in a new and improved way.
    resource.state RQL Attribute
    You can now use the optional
    source/dest.resource.state
     RQL attribute to find resources that are active, for example an EC2 instance that has state as running or inactive or an EC2 instance that has state as stopped on Prisma Cloud. The available values are Active or Inactive.
    For example:
    config from network where source.network = '0.0.0.0/0' and address.match.criteria = 'full_match' and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS' and dest.resource.state = 'Active'
    When
    source/dest.resource.state
     is not specified in the query, then the RQL query displays both Active and Inactive resources in the result.
    Change in Existing Behavior
    Resolve Undeletes for Google Cloud Resources
    All the resources for
    gcloud-container-describe-clusters
    ,
    gcloud-compute-nat
    , and
    gcloud-iam-service-accounts-list
     will be deleted once and then regenerated on the management console. Existing alerts corresponding to these resources will be resolved as
    Resource_Updated
     and new alerts will be generated against policy violations.
    API Ingestions
    Amazon ECR
    aws-ecr-registry-scanning-configuration
    Additional permission required:
    ecr:GetRegistryScanningConfiguration
    AWS ACM Private Certificate Authority
    aws-acm-pca-certificate-authority
    Additional permissions required:
    • acm-pca:ListTags
    • acm-pca:GetPolicy
    • acm-pca:ListCertificateAuthorities
    Azure Data Box Gateway
    azure-databox-gateway
    Additional permission required:
    Microsoft.DataBoxEdge/dataBoxEdgeDevices/read
    Azure Availability Sets
    azure-vm-availability-set
    Additional permission required:
    Microsoft.Compute/availabilitySets/read
    Azure Notification Hubs
    azure-notification-hub-namespace
    Additional permission required:
    Microsoft.NotificationHubs/Namespaces/read
    Azure Notification Hubs
    azure-notification-hub
    Additional permission required:
    Microsoft.NotificationHubs/Namespaces/NotificationHubs/read
    Azure Local Network Gateways
    azure-local-network-gateways
    Additional permission required:
    Microsoft.Network/localnetworkgateways/read
    Azure NetApp Files
    azure-netappfiles-account
    Additional permission required:
    Microsoft.NetApp/netAppAccounts/read
    Azure Database for PostgreSQL
    azure-postgresql-flexible-server
    Additional permissions required:
    • Microsoft.DBforPostgreSQL/flexibleServers/read
    • Microsoft.DBforPostgreSQL/flexibleServers/firewallRules/read
    • Microsoft.DBforPostgreSQL/flexibleServers/configurations/read
    Azure Database for MySQL
    azure-mysql-flexible-server
    Additional permissions required:
    • Microsoft.DBforMySQL/flexibleServers/read
    • Microsoft.DBforMySQL/flexibleServers/firewallRules/read
    • Microsoft.DBforMySQL/flexibleServers/configurations/read
    OCI IAM
    oci-iam-identityproviders
    Additional permission required:
    inspect identity-providers
    Google Essential Contacts
    gcloud-essential-contacts-project-contact
    Additional permission required:
    essentialcontacts.contacts.list
    Google Service Directory
    gcloud-service-directory-namespace
    Additional permissions required:
    • servicedirectory.namespaces.list
    • servicedirectory.namespaces.getIamPolicy
    Google Organization Policy
    gcloud-organization-policy-project-constraint
    Additional permissions required:
    • orgpolicy.constraints.list
    • orgpolicy.policy.get
    Google Access Approval
    gcloud-access-approval-org-approval-setting
    Additional permission required:
    accessapproval.settings.get
    Change in Existing Behavior
    gcloud-compute-internal-lb-backend-service API Ingestion
    Prisma Cloud displays the
    gcloud-compute-internal-lb-backend-service
     region on the
    Investigate
     page.
    This change will cause a one-time delete of resources and alerts, which will be re-opened.

    New Policies and Policy Updates

    POLICY UPDATES
    DESCRIPTION
    New Policies
    AWS IAM policy overly permissive to Lambda service
    Identifies the IAM policies that are overly permissive to Lambda service. AWS provides serverless computational functionality through their Lambda service. Serverless functions allow organizations to run code for applications or backend services without provisioning virtual machines or management servers. It is recommended to follow the principle of least privileges, ensuring that only restricted Lambda services for restricted resources.
    config from cloud.resource where cloud.type = 'aws' and api.name = 'aws-iam-get-policy-version' AND json.rule = isAttached is true and document.Statement[?any(Effect equals Allow and (Action equals lambda:* or Action[*] equals lambda:*) and (Resource equals * or Resource[*] equals *) and Condition does not exist)] exists
    AWS Lambda IAM policy overly permissive to all traffic
    Identifies AWS Lambda IAM policies that are overly permissive to all traffic. It is recommended that the Lambda should be granted access restrictions so that only authorized users and applications have access to the service.
    config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-iam-get-policy-version' AND json.rule = isAttached is true and document.Statement[?any((Condition.ForAnyValue:IpAddress.aws:SourceIp contains 0.0.0.0/0 or Condition.IpAddress.aws:SourceIp contains 0.0.0.0/0 or Condition.IpAddress.aws:SourceIp contains ::/0 or Condition.ForAnyValue:IpAddress.aws:SourceIp contains ::/0) and Effect equals Allow and Action anyStartWith lambda:)] exists
    AWS Lambda function communicating with ports known to mine Monero
    Identifies AWS Lambda function which are communicating with ports known to mine Monero. AWS Lambda functions when infected with Denonia malware installs a XMRig mining software which is used for minning Monero. It is highly recommended to restrict Lambda function to known hosts or services only.
    network from vpc.flow_record where source.publicnetwork IN ( 'Internet IPs' , 'Suspicious IPs' , 'AWS IPs', 'Azure IPs', 'GCP IPs' ) and protocol IN ( 'TCP' ) and dest.port = 3333 and dest.resource IN ( resource where role IN ( 'AWS Lambda' ) ) and bytes > 0
    AWS RDS PostgreSQL exposed to local file read vulnerability
    Identifies AWS RDS PostgreSQL which are exposed to local file read vulnerability. AWS RDS PostgreSQL installed with vulnerable 'log_fdw' extension is exposed to local file read vulnerability, due to which attacker could gain access to local system files of the database instance within their account, including a file which contained credentials specific to PostgreSQL. It is highly recommended to upgrade AWS RDS PostgreSQL to the latest version.
    config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-rds-describe-db-instances' AND json.rule = dbinstanceStatus equals available and engine equals postgres and engineVersion is member of ('13.2','13.1','12.6','12.5','12.4','12.3','12.2','11.11','11.10','11.9','11.8','11.7','11.6','11.5','11.4','11.3','11.2','11.1','10.16','10.15','10.14','10.13','10.12','10.11','10.10','10.9','10.7','10.6','10.5','10.4','10.3','10.1','9.6.21','9.6.20','9.6.19','9.6.18','9.6.17','9.6.16','9.6.15','9.6.14','9.6.12','9.6.11','9.6.10','9.6.9','9.6.8','9.6.6','9.6.5','9.6.3','9.6.2','9.6.1','9.5','9.4','9.3')
    AWS Aurora PostgreSQL exposed to local file read vulnerability
    Identifies AWS Aurora PostgreSQL which are exposed to local file read vulnerability. AWS Aurora PostgreSQL installed with vulnerable 'log_fdw' extension is exposed to local file read vulnerability, due to which attacker could gain access to local system files of the database instance within their account, including a file which contained credentials specific to Aurora PostgreSQL. It is highly recommended to upgrade AWS Aurora PostgreSQL to the latest version.
    config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-rds-describe-db-instances' AND json.rule = dbinstanceStatus equals available and engine equals aurora-postgresql and engineVersion is member of ('10.11','10.12','10.13','11.6','11.7','11.8')
    Azure Recovery Services vault is not configured with managed identity
    Identifies Recovery Services vaults that are not configured with managed identity. Managed identity can be used to authenticate to any service that supports Azure AD authentication, without having credentials in your code. Storing credentials in a code increases the threat surface in case of exploitation and also managed identities eliminate the need for developers to manage credentials. So as a security best practice, it is recommended to have the managed identity to your Recovery Services vault.
    config from cloud.resource where cloud.type = 'azure' AND api.name = 'azure-recovery-service-vault' AND json.rule = properties.provisioningState equals Succeeded and (identity does not exist or identity.type equal ignore case "None")
    GCP Firewall rule exposes GKE clusters by allowing all traffic on port 10250
    Identifies GCP Firewall rule allowing all traffic on port 10250 which allows GKE full node access. The port 10250 on the kubelet is used by the kube-apiserver (running on hosts labeled as Orchestration Plane) for exec and logs. As per security best practice, port 10250 should not be exposed to the public.
    config from cloud.resource where cloud.type = 'gcp' AND api.name = 'gcloud-compute-firewall-rules-list' AND json.rule = disabled is false and direction equals INGRESS and (sourceRanges[*] equals ::0 or sourceRanges[*] equals 0.0.0.0 or sourceRanges[*] equals 0.0.0.0/0 or sourceRanges[*] equals ::/0 or sourceRanges[*] equals ::) and allowed[?any(ports contains _Port.inRange(10250,10250) or (ports does not exist and (IPProtocol contains tcp or IPProtocol contains udp or IPProtocol contains "all")))] exists as X; config from cloud.resource where api.name = 'gcloud-container-describe-clusters' AND json.rule = status equals RUNNING as Y; filter '$.X.network contains $.Y.networkConfig.network' ; show X;
    Permissions required to run the CLI:
    • compute.firewalls.update
    • compute.networks.updatePolicy
    Policy Updates—RQL
    AWS Network Load Balancer (NLB) is not using the latest predefined security policy
    Changes
    —AWS updated the recommended security policy for network load balancer configured with TLS. Due to this change, the policy RQL, description, and recommendation steps have been updated accordingly.
    Updated Description
    —Identifies Network Load Balancers (NLBs) are not using the latest predefined security policy. A security policy is a combination of protocols and ciphers. The protocol establishes a secure connection between a client and a server and ensures that all data passed between the client and your load balancer is private. A cipher is an encryption algorithm that uses encryption keys to create a coded message. It is recommended to use the latest predefined security policy which uses only secured protocol and ciphers.
    It is recommended to use ELBSecurityPolicy-TLS13-1-0-2021-06 policy if you require Forward Secrecy (FS) and use ELBSecurityPolicy-2016-08 policy to meet compliance and security standards that require disabling certain TLS protocol versions or to support legacy clients that require deprecated ciphers.
    Current RQL
    config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-elbv2-describe-load-balancers' AND json.rule = 'type equals network and listeners[?any(protocol equals TLS and sslPolicy exists and (sslPolicy does not contain ELBSecurityPolicy-FS-1-2-Res-2020-10 and sslPolicy does not contain ELBSecurityPolicy-TLS-1-2-Ext-2018-06))] exists'
    Updated RQL
    config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-elbv2-describe-load-balancers' AND json.rule = state.code equals active and type equals "network" and listeners[?any(protocol equals TLS and sslPolicy exists and sslPolicy does not contain ELBSecurityPolicy-TLS13-1-0-2021-06 and sslPolicy does not contain ELBSecurityPolicy-2016-08)] exists
    Impact
    —Medium. The alerts for resources which had older security policy will be resolved as ‘Policy_Updated’ and new alerts will be created if the security policy for network load balancer configured with TLS is not the same as recommended by AWS.
    GCP User managed service accounts have user managed service account keys
    Changes
    —The policy RQL is updated to exclude Prisma-cloud specific service account and the description is modified based on the updated RQL.
    Updated Description
    —Identifies user managed service accounts that use user managed service account keys instead of Google-managed. For user-managed keys, the User has to take ownership of key management activities. Even after owner precaution, keys can be easily leaked by common development malpractices like checking keys into the source code or leaving them in downloads directory or accidentally leaving them on support blogs/channels. It is recommended to limit the use of User-managed service account keys and instead use Google-managed keys which can not be downloaded.
    This policy might alert the service accounts which are not created using Terraform for cloud account onboarding. These alerts are valid because no user-managed service account should be used for cloud account onboarding.
    Current RQL
    config from cloud.resource where api.name = 'gcloud-iam-service-accounts-keys-list' as X; config from cloud.resource where api.name = 'gcloud-iam-service-accounts-list' as Y; filter '($.X.name contains iam.gserviceaccount.com and $.X.name contains $.Y.email and $.X.keyType contains USER_MANAGED)' ; show X;
    Updated RQL
    config from cloud.resource where api.name = 'gcloud-iam-service-accounts-keys-list' as X; config from cloud.resource where api.name = 'gcloud-iam-service-accounts-list' as Y; filter '($.X.name does not contain prisma-cloud and $.X.name contains iam.gserviceaccount.com and $.X.name contains $.Y.email and $.X.keyType contains USER_MANAGED)' ; show X;
    Impact
    —Medium. The RQL modification will resolve alerts associated with Prisma-cloud specific service accounts.
    Policy Updates—Metadata
    AWS EMR cluster is not enabled with local disk encryption using CMK
    Changes
    —The policy name and description are updated.
    Current Name
    —AWS EMR cluster is not enabled with local disk encryption using CMK
    Updated Name
    —AWS EMR cluster is not enabled with local disk encryption using Custom key provider
    Updated Description
    —Identifies AWS EMR clusters that are not enabled with local disk encryption using Custom key provider. Applications using the local file system on each cluster instance for intermediate data throughout workloads, where data could be spilled to disk when it overflows memory. With Local disk encryption at place, data at rest can be protected.
    Impact
    —No impact on existing alerts.
    Azure Policies
    Changes
    —The recommendations steps for the following policies are updated as per the Azure UI changes:
    • Azure SQL databases Defender setting is set to Off
    • Azure SQL server Defender setting is set to Off
    • Azure SQL Databases with disabled Email service and co-administrators for Threat Detection
    • Azure SQL Server ADS Vulnerability Assessment 'Also send email notifications to admins and subscription owners' is disabled
    • Azure SQL Server ADS Vulnerability Assessment is disabled
    • Azure SQL Server ADS Vulnerability Assessment 'Send scan reports to' is not configured
    • Azure SQL Server ADS Vulnerability Assessment Periodic recurring scans is disabled
    Impact
    —No impact on existing alerts.
    Policy Deletions
    Azure Policies
    Changes
    —The following policies are deleted because the Setting feature is no longer available in the Azure UI:
    • Azure SQL Server threat logs retention is less than 91 days
    • Azure SQL Database with Threat Retention less than or equals to 90 days
    • Azure SQL Server threat detection alerts not enabled for all threat types
    • Send alerts on field value on SQL Databases is misconfigured
    • Threat Detection types on SQL databases is misconfigured
    Impact
    —Previously generated alerts will be resolved as Policy_Deleted.
    The compliance mapping for the above listed policies is removed due to which the compliance score can get affected. The affected compliance standards are:
    APRA, CMMC_1_02, CSA_CCM_V4, HITRUST942, ISO_27002_2013, ISO_27017_2015, LGPD, NIST_800_171R2, NIST_800_172, NIST_800_53_R4_AZU_LEG, NIST_800_53_R5_AZURE, NIST_CSF_V_1_1, PCIDSS_321, AZURE_CCPA, AZURE_PIPEDA, MLPS20_AZURE, AZURE_CSA_CCM_V301, AZURE_HITRUST_V93, AZURE_NIST_CSF, AZURE_SOC2, CIS_AZURE_120, CIS_AZURE_V1.1, ISO_27018_2019
    Impact
    —Low impact on existing alerts.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo