Prisma Cloud Compute must run within a defined/separate namespace (e.g., Twistlock).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-253547 | CNTR-PC-001380 | SV-253547r961608_rule | CCI-002530 | medium |

Description

Namespaces are a key boundary for network policies, orchestrator access control restrictions, and other important security controls. Prisma Cloud Compute containers running within a separate and exclusive namespace will inherit the namespace's security features. Separating workloads into namespaces can help contain attacks and limit the impact of mistakes or destructive actions by authorized users.

| STIG | Date |
|---|---|
| Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide | 2024-12-06 |
Related Frameworks
2 paths across 2 frameworks

NIST 800-53 mapping: SC-39 (1.00)
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent

CCI mapping: CCI-002530 (1.00)
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-253547r961608_chk)
Inspect the Kubernetes namespace in which Prisma Cloud Compute is deployed:

```
$ kubectl get pods -n twistlock
NAME                                 READY   STATUS    RESTARTS   AGE
twistlock-console-855744b66b-xs9cm   1/1     Running   0          4d6h
twistlock-defender-ds-99zj7          1/1     Running   0          58d
twistlock-defender-ds-drsh8          1/1     Running   0          58d
```

Inspect the list of pods.
If a non-Prisma Cloud Compute pod (one whose name does not start with "twistlock") is running in the same namespace, this is a finding.
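The check above can be automated so it can run from a compliance pipeline. The script below is an added example, not part of the STIG or of Prisma Cloud Compute; `check_pod_names` and `audit_namespace` are hypothetical names, the pod listings are constructed sample data, and the live wrapper assumes `kubectl` is already configured for the target cluster.

```sh
#!/bin/sh
# check_pod_names reads the output of "kubectl get pods -n <namespace>" on
# stdin, skips the header row, and prints the NAME of every pod that does
# not start with "twistlock". Exit status 0 means no foreign pod was seen
# (not a finding); 1 means at least one was (finding).
check_pod_names() {
    found=0
    read -r _header || return 0          # empty input: nothing to flag
    while read -r name _rest; do
        case "$name" in
            twistlock*) ;;               # expected Prisma Cloud Compute pod
            "") ;;                       # ignore blank lines
            *) echo "$name"; found=1 ;;  # foreign workload in the namespace
        esac
    done
    return "$found"
}

# Constructed sample listings (not captured from a real cluster). The third
# pod in SAMPLE_WITH_FINDING is a foreign workload that makes this a finding.
SAMPLE_WITH_FINDING='NAME READY STATUS RESTARTS AGE
twistlock-console-855744b66b-xs9cm 1/1 Running 0 4d6h
twistlock-defender-ds-99zj7 1/1 Running 0 58d
nginx-deployment-7c79c4bf97-abcde 1/1 Running 0 2d'

SAMPLE_CLEAN='NAME READY STATUS RESTARTS AGE
twistlock-console-855744b66b-xs9cm 1/1 Running 0 4d6h
twistlock-defender-ds-99zj7 1/1 Running 0 58d'

# audit_namespace runs the check against a live cluster (assumes kubectl is
# configured). The namespace defaults to "twistlock" as in the check text.
audit_namespace() {
    ns="${1:-twistlock}"
    if foreign=$(kubectl get pods -n "$ns" | check_pod_names); then
        echo "PASS: only Prisma Cloud Compute pods are running in namespace $ns"
    else
        echo "FINDING (V-253547): non-Prisma Cloud Compute pods in namespace $ns:"
        echo "$foreign"
        return 1
    fi
}
```

Pipe any saved `kubectl get pods` listing into `check_pod_names` to evaluate it offline, or call `audit_namespace` against the cluster.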
Fix Text (F-56950r840478_fix)
Deploy the Prisma Cloud Compute Console and Defender containers within a distinct namespace.