[Compute CWP-39605]: Clarify denied listening ports for App-embedded

PaloAltoNetworks · Apr 10, 2023 · a7035fc · a7035fc
1 parent 4fb108e
commit a7035fc
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/compute/admin_guide/runtime_defense/runtime_audits.adoc b/compute/admin_guide/runtime_defense/runtime_audits.adoc
@@ -325,7 +325,7 @@ Hosts
 |Explicitly Denied Listening Port
 |Indicates a container process is listening on a port that is explicitly listed in the *Listening ports* list, under *Denied & fallback*.
 
-For App-embedded and Serverless, this indicates ports that are not listed in the Allowed Listening ports list.
+For App-embedded, this indicates ports that are not listed in the Allowed Listening ports list, or they are on denied list.
 
 |Process <process name> is listening on port <port> explicitly denied by a runtime rule
 
@@ -338,7 +338,7 @@ App-embedded
 |Explicitly Denied Outbound Port
 |Indicates a container process uses an outbound port that is explicitly listed in the *Outbound internet ports* list under *Denied & fallback*.
 
-For App-embedded and Serverless, this indicates ports that are not listed in the *Outbound ports* list under *Allowed*.
+For App-embedded, this indicates ports that are not listed in the *Outbound ports* list under *Allowed*, or they are on denied list.
 
 |Outbound connection <process> to port <destination port> (IP: <destination ip>) is explicitly denied by a runtime rule.