All Prisma Cloud Compute users must have a unique, individual account.
An XCCDF Rule
Description
<VulnDiscussion>Prisma Cloud Compute does not have a default account. During installation, the installer creates an administrator. This account can be removed once other accounts have been added. To ensure accountability and prevent unauthenticated access, users must be identified and authenticated to prevent potential misuse and compromise of the system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-253535r879589_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Navigate to Prisma Cloud Compute Console's >> Manage >> Authentication >> Users tab.
Ensure only the break glass administrator account is a "local" account.
Delete all other local accounts and use the SAML identity provider for all authentication and authorization to the Prisma Cloud Compute Console.