This section contains guidance for implementing Prisma Cloud Compute in public-sector organizations. Check this site periodically, as the guidance may change over time.

Document revisions

Date Comment


Initial release of this guidance.


DISA STIG scan findings and justifications for every release

Federal Risk and Authorization Management Program (FedRAMP)

Prisma Cloud Enterprise Edition is in process for FedRAMP Moderate certification. The Prisma Cloud Compute module is not within the boundaries of this certification and is not available within the FedRAMPed Prisma Cloud Console. Customers requiring FedRAMP certification should use the self-hosted version, Prisma Cloud Compute Edition. For customers who offer their own FedRAMP services and use Prisma Cloud Compute to facilitate their service’s FedRAMP certification, GSA has drafted guidance for the FedRAMP Vulnerability Scanning Requirements for the Deployment and use of Containers.

The configuration settings for Prisma Cloud Compute’s features and functions to support an organization’s FedRAMP certification can be found here.

Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs)

The findings based upon the vulnerability severity category codes can be found here.

DISA STIG scan findings and justifications for every Prisma Cloud Compute release

For every release of Prisma Cloud Compute, we perform a SCAP scan of the Console and Defender images. The scan is run with OpenSCAP using:

  • Benchmark URL: scap-security-guide-<latest>/ssg-rhel8-ds.xml

  • Benchmark ID: xccdf_org.ssgproject.content_benchmark_RHEL-8

  • Profile ID: xccdf_org.ssgproject.content_profile_stig

from the Compliance as Code GitHub repository. All Prisma Cloud Compute findings are posted here.
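
As an added example (not the vendor's tooling and not code from this page), the Python below tallies open findings in an XCCDF 1.2 results file, such as the one `oscap xccdf eval --results` writes, by DISA severity category, after checking that the STIG profile named above was the one used. The sample XML, its rule IDs and the NOT EVALUATED and UNCATEGORIZED buckets are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "http://checklists.nist.gov/xccdf/1.2"  # XCCDF 1.2 namespace
STIG_PROFILE = "xccdf_org.ssgproject.content_profile_stig"  # profile ID from the page
# XCCDF rule severity mapped to DISA severity category codes.
CATEGORY = {"high": "CAT I", "medium": "CAT II", "low": "CAT III"}

# Constructed sample results; rule IDs and outcomes are placeholders, not real findings.
SAMPLE = f"""<Benchmark xmlns="{NS}" id="xccdf_org.ssgproject.content_benchmark_RHEL-8">
 <TestResult id="constructed_result">
  <profile idref="{STIG_PROFILE}"/>
  <rule-result idref="example_rule_a" severity="high"><result>pass</result></rule-result>
  <rule-result idref="example_rule_b" severity="medium"><result>fail</result></rule-result>
  <rule-result idref="example_rule_c" severity="medium"><result>notapplicable</result></rule-result>
  <rule-result idref="example_rule_d" severity="low"><result>fail</result></rule-result>
  <rule-result idref="example_rule_e" severity="unknown"><result>error</result></rule-result>
 </TestResult>
</Benchmark>"""


def summarize(xml_text, profile=STIG_PROFILE):
    """Return {category: [rule ids]} for rules that failed or could not be evaluated."""
    root = ET.fromstring(xml_text)
    # iter() finds TestResult whether it is the root or nested in a Benchmark or ARF file.
    results = list(root.iter(f"{{{NS}}}TestResult"))
    if not results:
        raise ValueError("no XCCDF TestResult element found")
    findings = {}
    for test_result in results:
        used = test_result.find(f"{{{NS}}}profile")
        if used is None or used.get("idref") != profile:
            raise ValueError("results were not produced with the expected profile")
        for rule in test_result.iter(f"{{{NS}}}rule-result"):
            outcome = rule.findtext(f"{{{NS}}}result", default="")
            if outcome == "fail":
                bucket = CATEGORY.get(rule.get("severity"), "UNCATEGORIZED")
            elif outcome in ("error", "unknown"):
                bucket = "NOT EVALUATED"  # scanner could not decide; needs manual review
            else:
                continue  # pass, notapplicable, notselected, ... are not findings
            findings.setdefault(bucket, []).append(rule.get("idref"))
    return findings


if __name__ == "__main__":
    for category, rules in sorted(summarize(SAMPLE).items()):
        print(f"{category}: {len(rules)} -> {', '.join(rules)}")
```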