Palo Alto Prisma Cloud

Palo Alto Prisma Cloud is a robust cloud security platform that safeguards data and applications across various cloud environments. It offers threat detection, vulnerability management, and compliance monitoring in a unified solution. Prisma Cloud provides real-time visibility and control over cloud resources.

Integration: API
Tables: Compliance Finding

Events: Device information, Alerts, Compute, Web Resources

This integration has been tested against Palo Alto Prisma Cloud platform v2 version.

Prisma Cloud Configuration

1. In Palo Alto Prisma Cloud Platform, navigate to Settings > Access Control

2. Select Access Keys and then click on Add Button which is on right upper corner.

1. Add the name of that access key and click on Save.

3. Copy the Access Key ID, Secret Access Key. This is your unique API_SECRET_KEY.

Note: You will not be able to view the API Key again after you complete this step. Ensure that you copy it before closing the notification.

For detailed Prisma Cloud documentation, refer to https://pan.dev/prisma-cloud/api/cspm/

DataBee Configuration

1. To configure the Data Source, login into the DataBee UI, click the Data tab and click on Add New Data Source. Search and click on the Palo Alto Prisma Cloud

2. Click on the API Ingest option for collection method. Give the name of the Data Source and other relevant information as mentioned below.

3. In the connection dialog, enter the following:

4. Authorization Method: Token URL Auth

5. Username: Paste the Access Key ID saved earlier

6. Password: Paste the Secret Access Key saved earlier

7. API_URL: Replace the <instance> placeholder with your tenant subdomain information

   

   8. Click Submit