Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Prisma Cloud Compute must not write sensitive data to event logs.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-253541 | CNTR-PC-000880 | SV-253541r961167_rule | Medium |
| Description |
|---|
| The determination of what is sensitive data varies from organization to organization. The organization must ensure the recipients for the event log information have a need to know and the log is sanitized based on the audience. |
| STIG | Date |
|---|---|
| Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide | 2024-06-10 |
Details
| Check Text ( C-56993r840459_chk ) |
|---|
| Navigate to Prisma Cloud Compute Console's >> Manage >> System >> General tab. Inspect the Log Scrubbing section. If "Automatically scrub secrets from runtime events" is "off", this is a finding. |
| Fix Text (F-56944r840460_fix) |
|---|
| Navigate to Prisma Cloud Compute Console's >> Manage >> System >> General tab. In the Log Scrubbing section, set "Automatically scrub secrets from runtime events" to "on" and click "Save". |