Cloud Command Center - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Administrator Guide

Product
Cortex XSIAM
Creation date
2024-02-26
Last date published
2024-05-22
Category
Administrator Guide
Abstract

See a dynamic overview of the cloud activities on your tenant on the Cloud Command Center.

Notice

This feature requires a Cortex XSIAM Enterprise Plus license.

The Cloud Command Center dashboard provides a dynamic overview of your cloud-based security operations with details about your cloud assets and projects, related incidents, risks and vulnerabilities. From the dashboard you can drill down to dedicated views for further investigation into your cloud platform.

Cloud_command_center.png

The following table describes each section on the Cloud Command Center:

Section

Details

Cloud Assets

Displays information about your cloud platforms, the total number of assets configured per platform, and the total number of cloud projects from of all of your cloud platforms. Hover over the total number of assets to see a breakdown by category.

Line colors represent the connectivity status of the assets. You can hover over the lines to see a breakdown of data ingestion, or details of collection errors.

Note

The data ingestion breakdown is not supported by the Safari web browser. We recommend that you view the dashboard with an alternative web browser.

If you have the enabled the Unified Inventory, you can click on a cloud platform to drilldown to the assets for the selected platform.

Incidents

Displays the total number of incidents opened in the timeframe that are associated with your cloud assets, broken down by severity. Incidents are broken down into automated and manual incidents, where automated incidents contain at least one playbook. You can also see the top nine open incidents as ranked by SmartScore.

Key performance indicators

  • Risks identified by Prisma Cloud, including attack paths, vulnerabilities, and misconfigurations.

  • Total number of assets discovered in the cloud.

  • Cloud data ingested by your cloud platforms in the timeframe, including flow logs and audit logs.