STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide

V-253544

CAT I (High)

Prisma Cloud Compute must be configured to scan images that have not been instantiated as containers.

Rule ID

SV-253544r961473_rule

STIG

Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-000381

Discussion

Prisma Cloud Compute ships with "only scan images with running containers" set to "on". To meet the requirements, "only scan images with running containers" must be set to "off" to disable or remove components that are not required.

Check Content

Navigate to Prisma Cloud Compute Console's >> Manage >> System >> Scan tab. 

Verify that for Running images, For Running images, "Only scan images with running containers" is set to "Off".

If "Only scan images with running containers" is set to "On", this is a finding.

Fix Text

Navigate to Prisma Cloud Compute Console's >> Manage >> System >> Scan tab. 

For Running images:
- Set "Only scan images with running containers" = "Off".
- Click "Save".