Question 47 - PCSFE discussion

Prisma Cloud Compute offers workload security at runtime by automatically building an allow-list security model for every container and service. Workload security is a type of security that protects applications and data from cyberattacks across different stages of the software development lifecycle, such as development, testing, staging, and production. Runtime security is a type of security that monitors and analyzes workload behavior in real time to detect and prevent malicious activities or anomalous behaviors. Prisma Cloud Compute is a cloud-native solution that provides comprehensive security and visibility across hybrid and multi-cloud environments, covering hosts, containers, serverless functions, and web applications. Prisma Cloud Compute offers workload security at runtime by automatically building an allow-list security model for every container and service, which defines the expected network connections, processes, file system activity, and system calls for each workload based on its baseline behavior. Prisma Cloud Compute then enforces the allow-list security model and blocks any deviations or violations from the expected behavior. Prisma Cloud Compute does not quarantine containers that demonstrate increased CPU and memory usage, automatically patch vulnerabilities and compliance issues for every container and service, or work with the identity provider (IdP) to identify overprivileged containers and services and restrict network access, as those are not methods or features of Prisma Cloud Compute for workload security at runtime. Reference: [Palo Alto Networks Certified Software Firewall Engineer (PCSFE)], [Prisma Cloud Compute Datasheet], [Prisma Cloud Compute Overview], [Prisma Cloud Compute Runtime Defense]