Prisma Cloud Compute Edition is a comprehensive Cloud Native Security Platform (CNSP) which includes container vulnerability management. This scanner was formerly known as Twistlock.
Use the Prisma Cloud connector in Kenna to assist you in reducing risk across your containerized infrastructure.
The Prisma Cloud connector ingests information from containers and the images they run. In Kenna, containers inherit the same CVEs as the images that they are running. You therefore can manage risk by focusing on either containers or images, depending on your preferred workflow.
Important: This connector DOES NOT support the Prisma Cloud Enterprise Edition.
Adding the Prisma Cloud Connector
To add the connector to your environment, navigate to the Connectors tab on the navigation bar and select Add Connector.
Enter the appropriate information in the pop-up window.
Click Save And Verify. Once complete, proceed to upload and run your connector.
On the VM Explore right-hand navigation bar, there are multiple filters that provide the ability to view the assets and vulnerabilities specific to your Prisma Cloud environment.
Note: It is possible to filter based on images, containers or both.
To follow the principle of least privilege, it is recommended that you use a Prisma user with the DevSecOps User role for interacting with Kenna.
Important note when using Prisma Collections: For API users that are restricted to a specific set of Prisma Collections, the API requests will fail. For this reason, you must grant your API user access to all Collections.
Prisma Cloud Compute Edition Data in Kenna
When Prisma Cloud Compute Edition is enabled, the new Type column in the Explore page will allow you to easily distinguish one type of asset from another.
Important: Currently, the only supported asset types are container and image; others will not have a Type value.
Note: In order to see the Type column, enable it using the Display dropdown.
Additionally, a new filter shows the counts of the Prisma Cloud asset types - container or image.
Important: Disconnected projects in the Prisma Cloud environment can lead to connector run failures. To prevent this, all disconnected projects within Prisma Cloud must either be reconnected or have access to these projects restricted via the Prisma Cloud console.
The following additional settings can be enabled in your connector.
Custom Ordered Locators
If a custom locator order is required, you must add the following two additional locators to the beginning of that list: container_locator, image_locator, ..., … .
Important: To have these enabled, or for more information, contact your Customer Experience (CX) Team.
Importing Image Data Only
When setting up your connector, you have the option to only import image data. This can be done by selecting the Do Not Import Container Data checkbox.
Frequently Asked Questions
- Why do I see fewer or more containers and images in Kenna than I expect?
First, search Prisma Cloud for the same container or image to determine if assets appear as expected in Prisma Cloud. If assets do not appear as expected in Prisma Cloud, then you can adjust your Prisma scan settings to run more frequently.
Additionally, note that by default Prisma Cloud only presents image vulnerabilities for those images which have been used by recent containers. You can disable this behavior, but it is recommended that you keep it enabled.
Next, if the containers and images that you expect appear in Prisma Cloud but not in Kenna, then a new connector run may be needed.