False Failures for Palo Alto Assessment


Product Name

CIS-CAT Pro Assessor v4

Product Version

All

Date

Nov 1, 2023



 

Problem

My Palo Alto assessment report contains false failures.

 

Solution

To confirm if the fails are false, do the following:

  • Generate a CIS-CAT HTML report if you have not already done so.

  • Navigate to the failure in the report.

  • Select “Show assessment evidence” for the failing recommendation.

  • Find the X-path Value and it to your clipboard

  • Search for the X-path in the Palo Alto Configuration XML file.

If the X-path is not present in the Palo Alto Configuration XML, the configuration is not present and the failure is accurate.

If the X-path is present in the Palo Alto Configuration XML, and matches the X-path in the assessment evidence, the failure is false. Please submit a ticket to How Can We Help You?

If the X-path is present in the Palo Alto Configuration XML, but does not match the X-path in the assessment evidence, the Benchmark will need to be customized in WorkBench to match the X-path for your environment. For assistance, submit a ticket to How Can We Help You?

Keywords; Palo Alto

Content by Label


Copyright © 2023

Center for Internet Security®