
Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide

Version: V2R3

Release Date: Feb 13, 2026

SCAP Benchmark ID: PAN_Prisma_Cloud_Compute_STIG

Total Checks: 31

Tags: network

CAT I: 8 | CAT II: 23 | CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.


Checks (31)

  • V-253522 [HIGH] Prisma Cloud Compute Console must use TLS 1.2 for user interface and API access. Communication TCP ports must adhere to the Ports, Protocols, and Services Management Category Assurance Levels (PSSM CAL).
  • V-253523 [MEDIUM] Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.
  • V-253524 [MEDIUM] Users requiring access to Prisma Cloud Compute's Credential Store must be assigned and accessed by the appropriate role holders.
  • V-253525 [MEDIUM] Prisma Cloud Compute Collections must be used to partition views and enforce organizational-defined need-to-know access.
  • V-253526 [HIGH] Prisma Cloud Compute Cloud Native Network Firewall (CNNF) automatically monitors layer 4 (TCP) intercontainer communications. Enforcement policies must be created.
  • V-253527 [MEDIUM] Prisma Cloud Compute Defender must be deployed to containerization nodes that are to be monitored.
  • V-253528 [MEDIUM] Prisma Cloud Compute must be configured for forensic data collection.
  • V-253529 [HIGH] The configuration integrity of the container platform must be ensured and runtime policies must be configured.
  • V-253530 [MEDIUM] Prisma Cloud Compute must be configured to send events to the hosts' syslog.
  • V-253531 [HIGH] Prisma Cloud Compute host compliance baseline policies must be set.
  • V-253532 [HIGH] The configuration integrity of the container platform must be ensured and compliance policies must be configured.
  • V-253533 [MEDIUM] Images stored within the container registry must contain only images to be run as containers within the container platform.
  • V-253534 [MEDIUM] Prisma Cloud Compute must use TCP ports above 1024.
  • V-253535 [MEDIUM] All Prisma Cloud Compute users must have a unique, individual account.
  • V-253536 [MEDIUM] Prisma Cloud Compute Console must run as nonroot user (uid 2674).
  • V-253537 [MEDIUM] Prisma Cloud Compute must be configured with unique user accounts.
  • V-253538 [MEDIUM] Prisma Cloud Compute local accounts must enforce strong password requirements.
  • V-253539 [MEDIUM] Prisma Cloud Compute must be configured to require local user accounts to use x.509 multifactor authentication.
  • V-253540 [MEDIUM] Prisma Cloud Compute must prevent unauthorized and unintended information transfer.
  • V-253541 [MEDIUM] Prisma Cloud Compute must not write sensitive data to event logs.
  • V-253542 [MEDIUM] The node that runs Prisma Cloud Compute containers must have sufficient disk space to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.
  • V-253543 [HIGH] The configuration integrity of the container platform must be ensured and vulnerabilities policies must be configured.
  • V-253544 [HIGH] Prisma Cloud Compute must be configured to scan images that have not been instantiated as containers.
  • V-253545 [MEDIUM] Prisma Cloud Compute Defender must reestablish communication to the Console via mutual TLS v1.2 WebSocket session.
  • V-253546 [MEDIUM] Prisma Cloud Compute Defender containers must run as root.
  • V-253547 [MEDIUM] Prisma Cloud Compute must run within a defined/separate namespace (e.g., Twistlock).
  • V-253548 [HIGH] Prisma Cloud Compute must protect the confidentiality and integrity of transmitted information.
  • V-253549 [MEDIUM] Prisma Cloud Compute must be running the latest release.
  • V-253550 [MEDIUM] Prisma Cloud Compute's Intelligence Stream must be kept up to date.
  • V-253551 [MEDIUM] Configuration of Prisma Cloud Compute must be continuously verified.
  • V-253552 [MEDIUM] Prisma Cloud Compute release tar distributions must have an associated SHA-256 digest.