Prisma Cloud: Discrepancy in the Compliance Report generated by Prisma Cloud compared to the compliance report generated by the cloud provider
Symptom
The compliance report generated by Prisma Cloud differs from the compliance report generated by the cloud provider for the same cloud account.
Example: If a compliance report is generated for the "CIS v1.4.0 AWS" compliance standard in both AWS and Prisma Cloud, the two reports may differ for the same cloud account.
Environment
- Prisma Cloud
- Compliance Report
Cause
The compliance report in Prisma Cloud depends directly on the status of the policies associated with the respective compliance parameters and on the alert rule status for those policies.
Resolution
- Ensure that the policies for the respective CIS benchmark are enabled.
- The Alert rule for these policies should also be enabled.
Refer to the example below:
Selecting the Compliance Standard and verifying the policy status:
- The Compliance Standard selected is "CIS v1.4.0 (AWS)"
- Select the Networking parameter under the Compliance Standard
- Select any policy under Networking and ensure that the policy is enabled
Validating the Alert Rule:
- Select the tab 'Alerts' and view 'Alert Rules'
- Verify that the Alert Rule is enabled for the respective AWS Account for which the Compliance standard is required
- Select the Account group and the Region
Note: Policies should be set to 'Enabled'
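
The two checks from the Resolution, applied to an inventory of policies and alert rules, as an added example (not Palo Alto Networks code). The inventory is constructed, and the field names, policy names, rule names and account group are assumptions for illustration, not the Prisma Cloud API schema.

```python
# Constructed sample inventory. Field names are assumptions for this example
# and do not reflect the Prisma Cloud API schema.
STANDARD = "CIS v1.4.0 (AWS)"

POLICIES = [
    {"name": "sample-policy-a", "standard": STANDARD, "section": "Networking", "enabled": True},
    {"name": "sample-policy-b", "standard": STANDARD, "section": "Networking", "enabled": False},
    {"name": "sample-policy-c", "standard": STANDARD, "section": "Networking", "enabled": True},
    {"name": "sample-policy-d", "standard": STANDARD, "section": "Logging", "enabled": True},
    {"name": "sample-policy-e", "standard": "Other Standard", "section": "Networking", "enabled": False},
]

ALERT_RULES = [
    {"name": "rule-prod", "enabled": True, "account_groups": ["prod-aws"],
     "regions": ["us-east-1"], "policies": ["sample-policy-a", "sample-policy-d"]},
    {"name": "rule-off", "enabled": False, "account_groups": ["prod-aws"],
     "regions": ["us-east-1"], "policies": ["sample-policy-c"]},
]


def coverage_gaps(policies, alert_rules, standard, account_group, region):
    """Map each policy of `standard` that fails one of the two checks to the reason."""
    # Check 2 input: policies named by an enabled alert rule that targets
    # this account group and region.
    covered = set()
    for rule in alert_rules:
        if (rule["enabled"] and account_group in rule["account_groups"]
                and region in rule["regions"]):
            covered.update(rule["policies"])

    gaps = {}
    for policy in policies:
        if policy["standard"] != standard:
            continue
        if not policy["enabled"]:  # Check 1: the policy itself is enabled
            gaps[policy["name"]] = "policy disabled"
        elif policy["name"] not in covered:  # Check 2: alert rule coverage
            gaps[policy["name"]] = "no enabled alert rule for this account group and region"
    return gaps


if __name__ == "__main__":
    for name, reason in coverage_gaps(POLICIES, ALERT_RULES, STANDARD,
                                      "prod-aws", "us-east-1").items():
        print(f"{name}: {reason}")
```
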