elastic · benironside · Jan 8, 2026 · Jan 6, 2026 · Jan 6, 2026 · Jan 6, 2026
@@ -48,7 +48,8 @@
 * [Microsoft Defender for Cloud](/solutions/security/integrations/microsoft-defender-for-cloud.md)
 * [Microsoft Defender for Endpoint](/solutions/security/integrations/microsoft-defender-for-endpoint.md)
 * [Microsoft Defender XDR](/solutions/security/integrations/microsoft-defender-xdr.md)
+* [Palo Alto Prisma Cloud](/solutions/security/integrations/prisma-cloud.md)
 * [Qualys VMDR](/solutions/security/integrations/qualys.md)
 * [Rapid7 InsightVM](/solutions/security/integrations/rapid7.md)
 * [Tenable VM](/solutions/security/integrations/tenablevm.md)
 * [Wiz](/solutions/security/integrations/wiz.md)
@@ -0,0 +1,27 @@
+---
+applies_to:
+  stack: ga 9.3
+  serverless:
+    security: ga
+products:
+  - id: security
+  - id: cloud-serverless
+---
+
+# Prisma Cloud
+
+This page explains how to make data from the Prisma Cloud integration appear in the following places within {{elastic-sec}}:
+
+- **Findings page**: Data appears on the [Vulnerabilities](/solutions/security/cloud/findings-page-3.md) tab and the [Misconfiguations](/solutions/security/cloud/findings-page.md) tab.
+- **Alert and Entity details flyouts**: Applicable data appears in the [Insights section](/solutions/security/detect-and-alert/view-detection-alert-details.md#insights-section).
+
+
+In order for Prisma Cloud data to appear in these workflows:
+
+* Follow the steps to [set up the Prisma Cloud integration](https://docs.elastic.co/en/integrations/prisma cloud).
+* Make sure the integration version is at least 4.0.0.
+* Ensure you have `read` privileges for the following indices: `security_solution-*.misconfiguration_latest`, `security_solution-*.vulnerability_latest`.
+
+
+Your Prisma Cloud data should now appear throughout {{elastic-sec}}.
+
@@ -1,3 +1,3 @@
 project: "Solutions and use cases"
 toc:
  - file: index.md
@@ -686,18 +686,19 @@
               - file: security/cloud/capture-environment-variables.md
       - file: security/integrations/ingest-third-party-security-data.md
         children:
-          - file: security/integrations/cncf-falco.md
-          - file: security/integrations/aws-security-hub.md
-          - file: security/integrations/wiz.md
-          - file: security/integrations/qualys.md
-          - file: security/integrations/tenablevm.md
-          - file: security/integrations/rapid7.md
           - file: security/integrations/aws-config.md
           - file: security/integrations/aws-inspector.md
+          - file: security/integrations/aws-security-hub.md
+          - file: security/integrations/cncf-falco.md
+          - file: security/integrations/google-security-command-center.md
           - file: security/integrations/microsoft-defender-for-cloud.md
           - file: security/integrations/microsoft-defender-for-endpoint.md
           - file: security/integrations/microsoft-defender-xdr.md
-          - file: security/integrations/google-security-command-center.md
+          - file: security/integrations/prisma-cloud.md
+          - file: security/integrations/qualys.md
+          - file: security/integrations/rapid7.md
+          - file: security/integrations/tenablevm.md
+          - file: security/integrations/wiz.md
       - file: security/investigate.md
         children:
           - file: security/investigate/timeline.md