Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The configuration integrity of the container platform must be ensured and compliance policies must be configured.
<VulnDiscussion>Consistent application of Prisma Cloud Compute compliance policies ensures the continual application of policies and the asso...Rule High Severity -
SRG-APP-000141-CTR-000320
<GroupDescription></GroupDescription>Group -
Images stored within the container registry must contain only images to be run as containers within the container platform.
<VulnDiscussion>The Prisma Cloud Compute Trusted Images feature allows the declaration, by policy, of which registries, repositories, and ima...Rule Medium Severity -
SRG-APP-000142-CTR-000330
<GroupDescription></GroupDescription>Group -
Prisma Cloud Compute must use TCP ports above 1024.
<VulnDiscussion>Privileged ports are ports below 1024 that require system privileges for their use. If containers are able to use these ports...Rule Medium Severity -
SRG-APP-000148-CTR-000335
<GroupDescription></GroupDescription>Group -
All Prisma Cloud Compute users must have a unique, individual account.
<VulnDiscussion>Prisma Cloud Compute does not have a default account. During installation, the installer creates an administrator. This accou...Rule Medium Severity -
SRG-APP-000148-CTR-000345
<GroupDescription></GroupDescription>Group -
Prisma Cloud Compute Console must run as nonroot user (uid 2674).
<VulnDiscussion>Containers not requiring root-level permissions must run as a unique user account. To ensure accountability and prevent unaut...Rule Medium Severity -
SRG-APP-000153-CTR-000375
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.