Prisma Cloud: Workload incident alerts overlap in both CSPM and CWPP

1. What are Prisma Cloud alerts? How to enable them?
2. What does the policy type "Workload Incidents" correspond to on Prisma Compute?

• Prisma Cloud/Compute - SaaS

Prisma Cloud alerts and how to enable them:

• Prisma Cloud continually monitors all of your cloud environments to detect misconfigurations (such as exposed cloud storage instances), advanced network threats (such as cryptojacking and data exfiltration), potentially compromised accounts (such as stolen access keys), and vulnerable hosts. Prisma Cloud then correlates configuration data with user behavior and network traffic to provide context around misconfigurations and threats in the form of actionable alerts. Enable Prisma Cloud Alerts
   

• The policy type "Workload Incidents" on the Prisma Cloud side (Policies > Overview > Policy Coverage > Workload Incidents) falls under Workload Protection Policies on the Prisma Cloud side (CSPM).

• The incidents/alerts generated on the CSPM side for the set policy correspond to policies as well as results for Runtime defense on the Prisma Compute side in general, and results seen on the Incident Explorer to be specific.

• The results/incidents/alerts seen under Compute > Monitor > Runtime > Incident Explorer may include several Incident types and the output is generated based on the rules set under Compute > Defend > Runtime.

• To conclude this, any incident/alerts seen under Incident explorer page on the CWP platform shall show up under alerts for the policy type "Workload Incidents" on the CSPM platform.