False Failures for Palo Alto Assessment

Owned by Nick Romanzo, created
Last updated: Nov 01, 2023 by Amanda McGown
2 min read

Product Name

CIS-CAT Pro Assessor v4

Product Version

All

Date

Nov 1, 2023

Ā 

Problem

My Palo Alto assessment report contains false failures.

Ā 

Solution

To confirm if the fails are false, do the following:

  • Generate a CIS-CAT HTML report if you have not already done so.

  • Navigate to the failure in the report.

  • Select ā€œShow assessment evidenceā€ for the failing recommendation.

  • Find the X-path Value and it to your clipboard

  • Search for the X-path in the Palo Alto Configuration XML file.

If the X-path is not present in the Palo Alto Configuration XML, the configuration is not present and the failure is accurate.

If the X-path is present in the Palo Alto Configuration XML, and matches the X-path in the assessment evidence, the failure is false. Please submit a ticket to http://cisecurity.org/support

If the X-path is present in the Palo Alto Configuration XML, but does not match the X-path in the assessment evidence, the Benchmark will need to be customized in WorkBench to match the X-path for your environment. For assistance, submit a ticket to http://cisecurity.org/support

Keywords; Palo Alto

Content by Label

Copyright Ā© 2023

Center for Internet SecurityĀ®

Ā