Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-253527 | CNTR-PC-000240 | SV-253527r879565_rule | Medium |
Description |
---|
Container platforms distribute workloads across several nodes. The ability to uniquely identify an event within an environment is critical. Prisma Cloud Compute Container Runtime audits record the time, container, corresponding image, and node where the event occurred. Satisfies: SRG-APP-000097-CTR-000180, SRG-APP-000100-CTR-000200 |
STIG | Date |
---|---|
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide | 2023-06-05 |
Check Text ( C-56979r840417_chk ) |
---|
Navigate to Prisma Cloud Compute Console's >> Manage >> Defenders >> Manage tab. Verify Prisma Cloud Compute Defenders have been deployed to all container runtime nodes to be monitored. Review the list of deployed Defenders. If a Defender is missing, this is a finding. |
Fix Text (F-56930r840418_fix) |
---|
Navigate to Prisma Cloud Compute Console's >> Manage >> Defenders >> Manage tab. Deploy Defender to containerization node: - Select the method of Defender deployment. - Configure the Defender policy. |