README.md

Palo Alto Channel Prisma Cloud UNOFFICIAL Partner Wiki

Created and Maintained by:

• Kyle Butler
• Goran Bogojevic
• John Chavanne
• Dan Weaver

Everything in this repo is community sourced. None of the labs are officially supported by Palo Alto Networks. Everything should be considered best effort. Please feel free to email me directly if you have any issues.

Purpose

To enable internal Palo Alto Network Solutions Architects and channel partner engineers / architects more efficiently and effectively by providing a collaborative space where individuals are able to share, edit, and create documentation specific to Prisma Cloud Enterprise and Compute Edition.

Make sure you read this page! It covers community guidelines and a quick primer on Markdown. Enjoy and thank you!

DevSecOps contents - Links -seperating out for easier navigation.

Prisma Cloud Risk Assessment Resources

• Link to Prisma Cloud Product Certifications
• Link to the Self-Paced Learning (requires a Prisma Cloud License)
• NextWave Deal Registration Form
• Prisma Terraform Provider
• Prisma PCA API Report Script
• Prisma Simple Resource Type Inventory Script
• Prisma Cloud Sales Kit

New Customer Tenant Setup

• Setting Up a New Customer Tenant

Event Tools from Palo Alto Networks

• Prisma Cloud Ultimate Test Drive - An on-demand lab environment
• Prisma Cloud Capture the Flag Event Webpage

Prisma Quoting Selling Calculators and Scripts

• Code Security Per Developer Sizing Script
• Prisma Cloud Enterprise Pricing Guide
• Prisma Cloud Code Security Sizing Script using Checkov
• Prisma Cloud Compute Edition Pricing Guide
• Prisma Cloud Sizing Script for Calculator
• Prisma Cloud Credit Estimator

Environments

• Read-Only Two Day Access Prisma Cloud Enterprise

Service Enablement

• Enable Access to the Prisma Cloud Console -allow communication
• How to avoid alert fatigue in Prisma Cloud
• ProServ Prisma Cloud Enablement Workshop
• Performance Planning for Prisma Cloud Compute
• Prisma Cloud Enterprise Playbook
• Prisma Cloud Architecture & How It Works
• Prisma Cloud Compute Edition Playbook
• Prisma Cloud Compute Operationalize Guide
• Prisma Cloud Compute Troubleshooting Guide
• Operationalize the CSPM side of Prisma Cloud
• Knowledge Base Video Library for Prisma Cloud
• Securing Containerized Applications in Kubernetes: Architecture Guide CN-Series and Prisma Cloud
• Public Cloud Security Overview
• AWS Architecture Guide - VM Series
• Azure Architecture Guide - VM Series & Prisma Cloud
• GCP Architecture Guide - VM Series & Prisma Cloud
• Prisma Cloud Deployment Methodology
• Prisma - Public Cloud Track: Description and Prereqs
• Prisma Session Recordings and Presentation Materials
• Prisma Cloud CPSP Workshop Matrix
• Live Community Prisma Global SASE and Prisma Cloud
• Prisma Compute As-Built
• Prisma Cloud Enterprise As-Built
• Set up VM Image Scanning
• Set up Agentless Scanning
• Prisma Cloud Field Guide

Sales Presentation Materials

• FedRamp PANW Marketplace
• Prisma FedRamp page
• ROI for Prisma Cloud
• Customer Presentation Deck - needs to be updated. Reach out to me or our team directly if you'd like a copy of the most recent presentation/golden pitch deck.
• Cloud Threat Defense
• WildFire Prisma Cloud Blog
• Why Microsegmentation Policy as Code is Important for DevOps

Data/Overview Sheets

• Code Security Datasheet
• CWPP Datasheet
• CIEM DataSheet
• Secure Managed Kubernetes
• Prisma Cloud for Azure Quick Overview Sheet
• Prisma Cloud for AWS Quick Overview Sheet
• Prisma Cloud for GCP Quick Overview Sheet
• NCCG Security Report on Istio

Partner sourced blogs and content - Please add to this!

• Optiv Blog on Cloud Security - Thank you Ramy
• Optiv Blog on K8s and Prisma Cloud
• Optiv Blog on Container Security and Prisma Cloud
• Unit42 Blog on Azure Container Service
• Optiv Blog on IaC
• Insight Sourced Article on the challenges of Kubernetes - Thank you Chase
• Insight Sourced Podcast on Kubernetes - Thank you Chase

Walkthroughs and Tutorials for Demo Environments/Pre-Sales Beginner CWPP Labs:

Link to the Self Paced Learning (requires a Prisma Cloud License)

These labs were created or curated by Kyle Butler, John Chavanne, and Goran Bogojevic in order to learn different aspects of the technology and gain familiarity with the Prisma platform:

• Labs for Self-Hosted Compute (note: some require access to our OVA where some components are already pre-built)

  • Minikube VM Prisma Cloud Compute Deployment - self-hosted mini lab - DVWA - Docker - Kubernetes - App Embedded Defenders
  • Prisma Cloud Compute OneBox on K3S for demo lab environment - Maintains State after reboot
  • Prisma Cloud Compute - Lab Set-up Docker Compose Tutorial
  • WAAS - DVWA - SQL Injection - Demo Instructions
  • Prisma Cloud Compute - Docker Role Based Access Control Tutorial
  • Runtime defense - WAAS - Command Injection - Demo
  • Build a CI Pipeline test to scan containers for vulnerabilities and configuration issues - requires the lab set-up referenced here or the ova Prisma Compute Lab
  • Build a CI Pipeline test to scan IaC Templates - requires the lab set-up referenced here or the ova Prisma Compute Lab

• Labs for Prisma Cloud Enterprise - requires access to an Enterprise license

  • Prisma Cloud Code Security integration with Terraform Cloud - Run Tasks & Sentinel Policies
  • Prisma Cloud CSPM RESTFUL API Tutorial with Hashicorp Vault
  • AWS ECR (Elastic Container Repository) Deployment
  • Install Defenders in Public Cloud
  • Runtime Defense & WAAS - SpringShell Attack & Protect on AWS with optional Shift-Left capabilities
  • Microsegmentation lab

• Labs for either Enterprise or Compute - written to be agnostic and should be able to use with either version

  • Defending Against Kernel Vulnerabilities Like Dirty Pipe Using Custom Compliance Checks
  • Twistcli Manual Docker Image Scan

• Labs not requiring Prisma Cloud license

  • Show Security Risks of Running a Container in Privileged Mode

Official Palo Alto documentation for setting up a lab environment

• Prisma Cloud Compute How to create custom Runtime Rules
• Using Prisma Cloud Microsegmentation to Secure Hipster-Shop a GKE Microservices Demo
• OneBox Deployment Guide - Easiest lab deployment
• Prisma - Cloud Bees Integration with Kubernetes
• AWS ECR (How to set-up registry scanning in Prisma)
• Prisma Cloud Compute System Requirements
• Add a New Compliance Report
• Create Custom Compliance Standard
• Prisma Cloud RQL
• RQL Reference Guide
• RQL Example Library
• Configure Auto Remediation Alerts
• Create a Policy
• Manage Prisma Cloud Alerts
• Compliance Dashboard

On-board a cloud account

• AWS Onboarding for Prisma Cloud Enterprise
• Azure Onboarding for Prisma Cloud Enterprise
• GCP Onboarding for Prisma Cloud Enterprise

Learning Resources

• Prisma Cloud Blast Guide
• Link for Prisma Cloud Official Partner Portal
• QWIK LABS - Securing Cloud Applications with Prisma Cloud by Palo Alto Networks
• PAN Digital Learning Center
• Registration for bi-weekly Prisma Learning Webinar

Certification specific to Prisma

• Certification Page

Official Palo Alto Documentation for Admins/Dev

• Prisma Cloud Data Security
• Prisma Cloud IaC
• Prisma Enterprise Dev RQL & API Documentation
• Prisma Compute API Documentation
• Prisma Cloud Documentation from Palo Alto--Look at the bottom of the page
• MicroSegmentation Documentation
• Prisma Cloud Compute - Admin Guide
• Prisma Cloud - Admin Guide
• Prisma Cloud Compute Operationalize Guide
• Prisma Cloud Data Processing, Privacy, & Retention

Integrations:

• Prisma Cloud Integrations
• Integrate with Amazon SQS
• Integrate with AWS Inspector
• Integrate with Amazon GuardDuty
• Integrate with AWS Security Hub
• Integrate with Cortex XSOAR
• Integrate with Google Cloud Security Command Center
• Integrate with Jira
• Integrate with Microsoft Teams
• Integrate with PagerDuty
• Integrate with Slack
• Integrate with Splunk
• Integrate with ServiceNow
• Integrate with Tenable
• Integrate with Qualys
• Integrate with Webhooks
• Integrations - Supported Capabilities
• Prisma Cloud Compute Data Dog Integration

Cloud Infrastructure Tutorials

• MS365 Graph API
• Terraform Tutorials
• Digital Ocean Terraform Tutorials

Prisma Cloud Overviews and Demos

• Prisma Cloud Learning Guide
• Prisma Cloud At a Glance
• Prisma Cloud Compute At a Glance
• Prisma Cloud: Securing AWS
• Prisma Cloud: Securing GCP
• Prisma Cloud: Securing Azure
• Prisma Cloud: Secure Managed Kubernetes
• Demo- Cloud Monitoring and Compliance

Compliance Information

• CISA/NSA OWASP top 10 CI/CD Risks Executive Briefing
• DoD Kubernetes Hardening Guidelines
• Software Assurance Maturity Model (SAMM)
• DOD Cloud Security Guidelines
• CCPA
• What is GDPR the EU's new data protection law?
  • GDPR
• What are STIGS?
  • STIG Viewer
  • DISA STIG PAGE
• What is the NIST SP 800-171 and Who Needs to follow it?
  • Carnegie Mellon University NIST 800-171 Overview
  • NIST 800-171 Rev 2.
• PCI-DSS Security
• MITRE ATTACK FRAMEWORK OVERVIEW
  • Working with the MITRE ATT&CK Framework
• About the CIS
  • CIS Benchmarks

Industry Reports

• Innovation Insight for Cloud-Native Application Protection Platforms - Gartner
• Supply Chain Security Paper - CNCF
• Is the Cloud Secure - Gartner
• Unit 42 Cloud Threat Report, 1H 2021 - Palo Alto Networks
• Cloud Computing Statistics - Cloudwards
• Global Ransomware Damage Costs (multiple reports) - Cybersecurity Ventures:
  • 2017 Report
  • 2021 Report
• 2019/2020 Official Annual Cybersecurity Jobs Report - Cybersecurity Ventures & MIT
• Gartner Hype Cycle for Cloud Security, 2021
• The Total Economic Impact of Prisma Cloud, June 2021 - Forrester
• 2021 State of DevOps report - Puppet
• The Life and Times of Cybersecurity Professionals 2021 Volume V - ESG & ISSA

Experiments and Projects

• The XDR and Prisma Cloud Better Together Experiment

MISC

• Bridgecrew Deal Referral Program for Nextwave Partners
• Prisma Cloud Administrator Permissions

Entertainment

• Cloud Security Strategy
• Feeling overwhelmed by the technology ecosystem?
• Chase's Entertainment Section Contribution