Skip to content
Log In

II - Mission Support Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000014-CTR-000040

    Group
    Show

  • Prisma Cloud Compute Console must use TLS 1.2 for user interface and API access. Communication TCP ports must adhere to the Ports, Protocols, and Services Management Category Assurance Levels (PSSM CAL).

    Communication to Prisma Cloud Compute Console's User Interface (UI) and API is protected by TLS v1.2+ (HTTPS). By default, only HTTPS communication to the Console's UI and API endpoints is enabled....
    Rule High Severity
    Show

  • SRG-APP-000023-CTR-000055

    Group
    Show

  • Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.

    Integration with an organization's existing identity management policies technologies reduces the threat of account compromise and misuse. Centralized authentication services provide additional fu...
    Rule Medium Severity
    Show

  • SRG-APP-000033-CTR-000100

    Group
    Show

  • Users requiring access to Prisma Cloud Compute's Credential Store must be assigned and accessed by the appropriate role holders.

    The container platform keystore is used to store credentials that are used to build a trust between the container platform and an external source. This trust relationship is authorized by the organ...
    Rule Medium Severity
    Show

  • SRG-APP-000038-CTR-000105

    Group
    Show

  • Prisma Cloud Compute Collections must be used to partition views and enforce organizational-defined need-to-know access.

    Prisma Cloud Compute Collections are used to scope rules to target specific resources in an environment, partition views, and enforce which views specific users and groups can access. Collections c...
    Rule Medium Severity
    Show

  • SRG-APP-000039-CTR-000110

    Group
    Show

  • Prisma Cloud Compute Cloud Native Network Firewall (CNNF) automatically monitors layer 4 (TCP) intercontainer communications. Enforcement policies must be created.

    Network segmentation and compartmentalization are important parts of a comprehensive defense-in-depth strategy. CNNF works as an east-west firewall for containers. It limits damage by preventing at...
    Rule High Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules