From 640038e4a978fc507cfe499783778abdda20b9d1 Mon Sep 17 00:00:00 2001 From: Kamesh-PaloAlto <166385805+Kamesh-PaloAlto@users.noreply.github.com> Date: Wed, 9 Oct 2024 12:10:43 +0530 Subject: [PATCH] CWP-61917 - Multiple Intelligence Builders --- .../technology-overviews/intel-stream.adoc | 22 ++++++++++++++++--- .../intelligence-stream.adoc | 7 +----- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/docs/en/compute-edition/33/admin-guide/technology-overviews/intel-stream.adoc b/docs/en/compute-edition/33/admin-guide/technology-overviews/intel-stream.adoc index 7dc63397d7..9b00d908f8 100644 --- a/docs/en/compute-edition/33/admin-guide/technology-overviews/intel-stream.adoc +++ b/docs/en/compute-edition/33/admin-guide/technology-overviews/intel-stream.adoc @@ -4,16 +4,32 @@ The Prisma Cloud Intelligence Stream (IS) is a real-time feed that contains vuln In addition to the information collected from official feeds, Prisma Cloud feeds are enriched with vulnerability data curated by a dedicated research team. Our security researchers monitor cloud and open source projects to identify security issues through automated and manual means. As a result, Prisma Cloud can detect new vulnerabilities that were only recently disclosed, and even vulnerabilities that were quietly patched. -The Prisma Cloud Console automatically connects to the intelligence server and downloads updates without any special configuration required. The Intelligence Stream (IS) is updated several times per day, and the consoles check continuously for updates. +The Prisma Cloud Console automatically connects to the Intelligence Stream server and downloads updates without any special configuration required. The Intelligence Stream (IS) is updated several times per day, and the consoles check continuously for updates. ifdef::compute_edition[] You can update Console vulnerability and threat data even if it runs in an offline environment. For more information, see xref:../tools/update-intel-stream-offline.adoc[Update Intelligence Stream in offline environments]. endif::compute_edition[] -When the Prisma Cloud Intelligence Stream is updated in a specific release, the changes affect all customers, even if the console isn't on the latest version. +=== Multiple Intelligence Stream (IS) Builders -*Note*: Some updates to the Intelligence Stream might require upgrading the console and Defenders to support the new changes. These dependencies will be notified in the *Intelligence Stream Updates* section of the Prisma Cloud Release Notes. +Prisma Cloud introduces versioning for the Intelligence Stream (IS) to ensure compatibility across different Console and Defender versions. + +The purpose of Intelligence Stream (IS) versioning is to: + +* *Maintain functionality for older Consoles and Defenders*: IS versioning ensures that older Consoles and Defenders continue to operate properly, even if they are unable to support the latest intelligence feeds, such as changes in external data feed formats. + +* *Reduce disruptions*: Versioning helps minimize disruptions caused by updates, such as changes in downloaded JSON file fields that could impact CVE accuracy or result in duplicate CVEs. + +Intelligence Stream (IS) versions will be aligned with specific Console versions. For example, older 31.xx and 32.xx Consoles will be supported by the IS version released for Console 33.00. + +To ensure consistency in vulnerability reporting across all Intelligence Stream (IS) versions, the following approach is implemented: + +* *New Intelligence Stream (IS) logic updates*: These updates will only apply to the latest IS versions. When customers upgrade to the latest Console version, they will receive the most recent IS logic updates. + +* *Vulnerability data*: All IS versions will continue to provide up-to-date vulnerability information, and changes in IS logic or algorithms will not affect the vulnerability metrics and reporting in the Console. + +*Note*: Updates related to the Intelligence Stream will be notified in the *Intelligence Stream Updates* section of the Prisma Cloud Release Notes. diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/runtime-security-components/intelligence-stream.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/runtime-security-components/intelligence-stream.adoc index 850b74bde2..418194ad1e 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/runtime-security-components/intelligence-stream.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/runtime-security-components/intelligence-stream.adoc @@ -5,9 +5,4 @@ The Prisma Cloud Intelligence Stream is a real-time feed that contains vulnerabi In addition to the information collected from official feeds, Prisma Cloud feeds are enriched with vulnerability data curated by a dedicated research team. Our security researchers monitor cloud and open source projects to identify security issues through automated and manual means. As a result, Prisma Cloud can detect new vulnerabilities that were only recently disclosed, and even vulnerabilities that were quietly patched. -The Prisma Cloud console automatically connects to the intelligence server and downloads updates without requiring any special configuration. The Intelligence Stream is updated several times per day, with consoles continuously checking for updates. - -When the Prisma Cloud Intelligence Stream is updated in a specific release, the changes affect all customers, even if the console isn't on the latest version. - -*Note*: Some updates to the Intelligence Stream might require upgrading the console and Defenders to support the new changes. These dependencies will be notified in the *Intelligence Stream Updates* section of the Prisma Cloud Release Notes. - +The Prisma Cloud console automatically connects to the Intelligence Stream server and downloads updates without requiring any special configuration. The Intelligence Stream is updated several times per day, with consoles continuously checking for updates.