Skip to content

Prisma Cloud Compute Defender must reestablish communication to the Console via mutual TLS v1.2 WebSocket session.

An XCCDF Rule

Description

<VulnDiscussion>When the secure WebSocket session between the Prisma Cloud Compute Console and Defenders is disconnected, the Defender will continually attempt to reestablish the session. Without reauthentication, unidentified or unknown devices may be introduced; thereby facilitating malicious activity. The Console must be configured to remove a Defender that has not established a connection in a specified period of days.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-253545r986174_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Navigate to Prisma Cloud Compute's Manage >> Defenders. 

Select the "Manage" tab. Select the "Defenders" tab.

Click "Advanced Settings".