Prisma Cloud Enterprise Edition (SaaS) | How-to guides | Howto

Welcome
- Welcome
- Getting started
- Upgrade announcements
- Compute SaaS maintenance updates
- NAT gateway IP addresses
- Product architecture
- Support lifecycle
- Upcoming support lifecycle changes
- Licensing
- Prisma Cloud Enterprise Edition vs Compute Edition
- Utilities and plugins
Install
- Install
- Getting started
- System requirements
- Prisma Cloud container images
- Kubernetes
- OpenShift 4
- OpenShift 3.11
- VMware Tanzu Kubernetes Grid
- Amazon ECS
- Docker Swarm
- Windows
- Defender types
- Install Defender
Upgrade
- Upgrade
- Upgrade process
- Kubernetes
- OpenShift
- Helm charts
- Docker Swarm
- Amazon ECS
- Manually upgrade single Container Defenders
- Manually upgrade Defender DaemonSets
- Manually upgrade Defender DaemonSets (Helm)
- Manually upgrade Swarm Defender global service
Technology overviews
- Technology overviews
- Prisma Cloud Advanced Threat Protection
- App-specific network intelligence
- Container runtimes
- Radar
- Serverless Radar
- Prisma Cloud rules guide for Docker
- Defender architecture
- Telemetry
Configure
- Configure
- Rule ordering and pattern matching
- Disaster recovery
- Custom feeds
- Proxy configuration
- Configure scan intervals
- User certificate validity period
- Enable HTTP access to Console
- Set different paths for Console and Defender (with daemon sets)
- Authenticate to Console with certificates
- Customize terminal output
- Collections
- Tags
- WildFire settings
Authentication
- Authentication
- Access keys
- Prisma Cloud user roles
- Compute user roles
- Assign roles
- Credentials store
Vulnerability management
- Vulnerability management
- Prisma Cloud vulnerability feed
- Vulnerability Explorer
- Vulnerability management rules
- Search CVEs
- Scan reports
- Customize image scanning
- Registry scanning
- Configuring registry scans
- VM image scanning
- Code repository scanning
- Malware scanning
- Risk trees
- Detect vulnerabilities in unpackaged software
- CVSS scoring
- Google Cloud Container Builder
- Windows image scanning
- Serverless function scanning
- VMware Tanzu blobstore scanning
Access control
- Access control
- Docker role-based access control
- Admission control
Compliance
- Compliance
- Compliance Explorer
- Manage compliance
- CIS Benchmarks
- Prisma Cloud compliance checks
- Serverless functions
- Windows compliance checks
- DISA STIG for Docker Enterprise
- Custom compliance checks
- Trusted images
- Host scanning
- VM image scanning
- Fargate scanning
- Detect secrets
- Cloud discovery
- OSS license management
Runtime defense
- Runtime defense
- Runtime defense for containers
- Runtime defense for hosts
- Runtime defense for AWS Fargate
- Event Aggregation
- Custom runtime rules
- Import and export individual rules
- ATTACK explorer
- Runtime audits
- Incident Explorer
- Incident types
Continuous integration
- Continuous integration
- Jenkins plugin
- Jenkins Freestyle project
- Jenkins Maven project
- Jenkins Pipeline project
- Run Jenkins in a container
- Jenkins pipeline on K8S
- CloudBees Core pipeline on K8S
- Set policy in the CI plugins
- Code repo scanning
Web-Application and API Security (WAAS)
- Web-Application and API Security (WAAS)
- Overview
- Deployment
- App firewall
- API protection
- DoS protection
- Bot protection
- Access control
- Advanced settings
- Analytics
- API observations
- Custom rules
Firewalls
- Firewalls
- Cloud Native Network Firewall (CNNF)
Secrets
- Secrets
- Secrets manager
- Integrate with a secrets store
- Secrets stores
- Inject secrets into containers
- Injecting secrets example
Alerts
- Alerts
- Alert mechanism
- AWS Security Hub
- Cortex XSOAR
- Email
- Google Cloud Pub/Sub
- Google Cloud SCC
- IBM Cloud Security Advisor
- JIRA
- PagerDuty
- ServiceNow Security Incident Response
- ServiceNow Vulnerability Response
- Slack
- Webhook
Audit
- Audit
- Event viewer
- Host activity
- Admin activity
- Annotate audits
- Delete audit logs
- Syslog and stdout integration
- Log rotation
- Throttling
- Prometheus
- Kubernetes auditing
Tools
- Tools
- twistcli
- Scan images with twistcli
- Scan code repos with twistcli
- Scan IaC files with twistcli
Deployment patterns
- Deployment patterns
- DNS and certificate management
- Caps
- Performance planning
API
- API
How-to guides
- Howto
- Deploy Defenders External to an OpenShift cluster
- Disable automatic learning
- Review debug logs

1. Overview

1. Overview

This section contains guides for deploying various advanced setups.