Skip to content

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000023-CTR-000055

    <GroupDescription></GroupDescription>
    Group
  • Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.

    &lt;VulnDiscussion&gt;Integration with an organization's existing identity management policies technologies reduces the threat of account compromis...
    Rule Medium Severity
  • SRG-APP-000033-CTR-000100

    <GroupDescription></GroupDescription>
    Group
  • Users requiring access to Prisma Cloud Compute's Credential Store must be assigned and accessed by the appropriate role holders.

    &lt;VulnDiscussion&gt;The container platform keystore is used to store credentials that are used to build a trust between the container platform an...
    Rule Medium Severity
  • SRG-APP-000038-CTR-000105

    <GroupDescription></GroupDescription>
    Group
  • Prisma Cloud Compute Collections must be used to partition views and enforce organizational-defined need-to-know access.

    &lt;VulnDiscussion&gt;Prisma Cloud Compute Collections are used to scope rules to target specific resources in an environment, partition views, and...
    Rule Medium Severity
  • SRG-APP-000039-CTR-000110

    <GroupDescription></GroupDescription>
    Group
  • Prisma Cloud Compute Cloud Native Network Firewall (CNNF) automatically monitors layer 4 (TCP) intercontainer communications. Enforcement policies must be created.

    &lt;VulnDiscussion&gt;Network segmentation and compartmentalization are important parts of a comprehensive defense-in-depth strategy. CNNF works as...
    Rule High Severity
  • SRG-APP-000097-CTR-000180

    <GroupDescription></GroupDescription>
    Group
  • Prisma Cloud Compute Defender must be deployed to containerization nodes that are to be monitored.

    &lt;VulnDiscussion&gt;Container platforms distribute workloads across several nodes. The ability to uniquely identify an event within an environmen...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules