UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide


Overview

Date Finding Count (31)
2022-08-24 CAT I (High): 7 CAT II (Med): 24 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Classified)

Finding ID Severity Title
V-253543 High The configuration integrity of the container platform must be ensured and vulnerabilities policies must be configured.
V-253544 High Prisma Cloud Compute must be configured to scan images that have not been instantiated as containers.
V-253531 High Prisma Cloud Compute host compliance baseline policies must be set.
V-253532 High The configuration integrity of the container platform must be ensured and compliance policies must be configured.
V-253522 High Prisma Cloud Compute Console must use TLS 1.2 for user interface and API access. Communication TCP ports must adhere to the Ports, Protocols, and Services Management Category Assurance Levels (PSSM CAL).
V-253526 High Prisma Cloud Compute Cloud Native Network Firewall (CNNF) automatically monitors layer 4 (TCP) intercontainer communications. Enforcement policies must be created.
V-253529 High The configuration integrity of the container platform must be ensured and runtime policies must be configured.
V-253540 Medium Prisma Cloud Compute must prevent unauthorized and unintended information transfer.
V-253541 Medium Prisma Cloud Compute must not write sensitive data to event logs.
V-253542 Medium The node that runs Prisma Cloud Compute containers must have sufficient disk space to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.
V-253545 Medium Prisma Cloud Compute Defender must reestablish communication to the Console via mutual TLS v1.2 WebSocket session.
V-253546 Medium Prisma Cloud Compute Defender containers must run as root.
V-253547 Medium Prisma Cloud Compute must run within a defined/separate namespace (e.g., Twistlock).
V-253548 Medium Prisma Cloud Compute must protect the confidentiality and integrity of transmitted information.
V-253549 Medium Prisma Cloud Compute must be running the latest release.
V-253535 Medium All Prisma Cloud Compute users must have a unique, individual account.
V-253534 Medium Prisma Cloud Compute must use TCP ports above 1024.
V-253537 Medium Prisma Cloud Compute must be configured with unique user accounts.
V-253536 Medium Prisma Cloud Compute Console must run as nonroot user (uid 2674).
V-253530 Medium Prisma Cloud Compute must be configured to send events to the hosts' syslog.
V-253533 Medium Images stored within the container registry must contain only images to be run as containers within the container platform.
V-253539 Medium Prisma Cloud Compute must be configured to require local user accounts to use x.509 multifactor authentication.
V-253538 Medium Prisma Cloud Compute local accounts must enforce strong password requirements.
V-253552 Medium Prisma Cloud Compute release tar distributions must have an associated SHA-256 digest.
V-253551 Medium Configuration of Prisma Cloud Compute must be continuously verified.
V-253550 Medium Prisma Cloud Compute's Intelligence Stream must be kept up to date.
V-253523 Medium Access to Prisma Cloud Compute must be managed based on user need and least privileged  using external identity providers for authentication and grouping to role-based assignments when possible.
V-253527 Medium Prisma Cloud Compute Defender must be deployed to containerization nodes that are to be monitored.
V-253524 Medium Users requiring access to Prisma Cloud Compute's Credential Store must be assigned and accessed by the appropriate role holders.
V-253525 Medium Prisma Cloud Compute Collections must be used to partition views and enforce organizational-defined need-to-know access.
V-253528 Medium Prisma Cloud Compute must be configured for forensic data collection.