Prisma Cloud Compute Collections must be used to partition views and enforce organizational-defined need-to-know access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| --- | --- | --- | --- | --- |
| V-253525 | CNTR-PC-000130 | SV-253525r960801_rule | CCI-001368 | medium |

Description

Prisma Cloud Compute Collections are used to scope rules to target specific resources in an environment, partition views, and enforce which views specific users and groups can access. Collections can control access to data on a need-to-know basis.

| STIG | Date |
| --- | --- |
| Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide | 2024-12-06 |
Related Frameworks
3 paths across 3 frameworks
NIST 800-53 (1 mapping)
AC-4
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-171 (1 mapping)
3.1.3
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI (1 mapping)
CCI-001368
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-253525r960801_chk)
Navigate to Prisma Cloud Compute Console's >> Manage >> Collections and Tags >> Collections tab.
Review the Collections according to organizational policy.
If no organizational-specific Collections are defined, this is a finding.
Fix Text (F-56928r840412_fix)
Navigate to Prisma Cloud Compute Console's >> Manage >> Collections and Tags >> Collections tab.
Create a collection:
- Click "Add Collection".
- Enter a name and description and then specify a filter to target specific resources.
- Click "Save".