False Failures for Palo Alto Assessment
Product Name
CIS-CAT Pro Assessor v4
Product Version
All
Date
Nov 1, 2023
Ā
Problem
My Palo Alto assessment report contains false failures.
Ā
Solution
To confirm if the fails are false, do the following:
Generate a CIS-CAT HTML report if you have not already done so.
Navigate to the failure in the report.
Select āShow assessment evidenceā for the failing recommendation.
Find the X-path Value and it to your clipboard
Search for the X-path in the Palo Alto Configuration XML file.
If the X-path is not present in the Palo Alto Configuration XML, the configuration is not present and the failure is accurate.
If the X-path is present in the Palo Alto Configuration XML, and matches the X-path in the assessment evidence, the failure is false. Please submit a ticket to http://cisecurity.org/support
If the X-path is present in the Palo Alto Configuration XML, but does not match the X-path in the assessment evidence, the Benchmark will need to be customized in WorkBench to match the X-path for your environment. For assistance, submit a ticket to http://cisecurity.org/support
Keywords; Palo Alto
Content by Label
Ā