In Prisma Cloud, runtime rules are created to monitor and control the behavior of applications and services during their execution to ensure compliance with security policies. The three types of runtime rules that can be created in Prisma Cloud are:
Processes: These rules monitor and control the execution of processes within the environment. They can be used to detect unauthorized or malicious processes and take actions such as alerting, blocking, or terminating the processes.
Network-outgoing: These rules govern the outbound network connections from the applications or containers. They help in controlling access to external resources, preventing data exfiltration, and ensuring that the communication complies with the security policies.
Filesystem: Filesystem rules are related to the access and modification of the file system by applications or containers. These rules can help in detecting unauthorized access, changes to sensitive files, and ensuring that the applications adhere to the least privilege principle in terms of file access.
These runtime rules are essential for maintaining the security and integrity of applications running in cloud environments, especially in dynamic and distributed architectures where traditional perimeter-based security controls may not be sufficient.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit