False Failures for Palo Alto Assessment

Product Name

CIS-CAT Pro Assessor v4

Product Version

All

Date

Nov 1, 2023

Problem

My Palo Alto assessment report contains false failures.

Solution

To confirm if the fails are false, do the following:

Generate a CIS-CAT HTML report if you have not already done so.
Navigate to the failure in the report.
Select “Show assessment evidence” for the failing recommendation.
Find the X-path Value and it to your clipboard
Search for the X-path in the Palo Alto Configuration XML file.

If the X-path is not present in the Palo Alto Configuration XML, the configuration is not present and the failure is accurate.

If the X-path is present in the Palo Alto Configuration XML, and matches the X-path in the assessment evidence, the failure is false. Please submit a ticket to http://cisecurity.org/support

If the X-path is present in the Palo Alto Configuration XML, but does not match the X-path in the assessment evidence, the Benchmark will need to be customized in WorkBench to match the X-path for your environment. For assistance, submit a ticket to http://cisecurity.org/support

Keywords; Palo Alto

Content by Label

Page:

Feature Enhancement Requests for CIS Products

Center for Internet Security®

Privacy Policy