Versions Compared

Old Version 20

changes.mady.by.user Former user

Saved on

compared with

New Version 21

changes.mady.by.user Luke Fritz (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
id1748741948
Section
id1748741968
Section
background-color$lightGrayColor
id1748741947

Table of Contents
maxLevel3
minLevel3

Section
id1748741958

Reports in CSPM provide a pass/fail score percentage for a selected mandate against resources in a cloud environment. Mandates are made up of controls that your environment is evaluated against. The accumulation of these pass/fail metrics is delivered as the report.


Anchor
Create a New Report
Create a New Report
Create a New Report

Users can Create a Report to begin using new connectors to evaluate environments. The cloud environment associated with the report will be scanned based on the mandate selected.

Info
Duplicate reports cannot be configured for a connector.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Reports under Compliance.

  2. Click the New Report button.
    1. The New Report form will slide into view from the right side of the screen.
  3. Click the icon of the appropriate Cloud provider.
    1. Amazon Web Services
    2. Google
    3. Microsoft Azure
  4. Select the Mandate to be used for the environment.
  5. Create a descriptive name for the report.
  6. Select the connector or connectors you wish to include in the report.
    1. Selecting multiple connectors will roll each of those environments up into this one report.
  7. Click the Create Report button.


View An Existing Report

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Reports under Compliance.
  2. Click the link to the Report listed in the Name column.
    1. Expanding the view of the report will display the Connector, Policy name, and Created On date for the report.
      1. AMP will only display the most recent report.

In the Overview screen, hovering over a report will then display three dots you can click on . From here, users can:

  • Rerun Report, which updates the results.
    • Action is limited to once every 4 hours
  • Delete a report
  • View Policies within a report, which takes the user to the Policies tab
    • Tab is filtered to display policies included in the report

Image Added


Clicking on the drop down arrow next to the name of the report shows additional details:

  • Connector - connector name associated with the report
  • Created On - the created on date for the report
  • Policy Name - grouping of policies that are associated with the report

Image Added


Users can click the Policy Name link to view a list of policies belonging to the mandate selected when the report was created.

Image Added


Understanding Reports

Users can click on the name of the report to view the report details page which contains the results of the environment scan. Depending on the mandate selected for that report, the details will be displayed and should look something like the below:

Image Added


The report summary section at the top contains:

  • Pass/Fail rate with the number of resources associated.
  • Controls - This is how many total controls are part of this report.
  • Policies - This is how many policies the selected mandate contains.
  • Requirements - Total number of requirements as part of the mandate.
  • Evaluations - Total number of resources in the cloud environment that were evaluated.

At the bottom of the report details are options to export the report to CSV or PDF.

Here all the requirements for the mandate selected when creating the report are visible. The report will display the Pass/Fail percentages at each level as the requirements and sub-requirements are expanded. At the lowest level the individual controls that make up the requirements are shown as displayed below:

Image Added


At this level the control id is on the left and the pass rates for each individual control are on the right as well as how many resources were evaluated for that control. Under each control there are two links: Remediation and Advanced Query.

Note

All data in CSPM is driven by reports. Report data is not automatically updated. If changes have been made to the environment, to see the effects of those changes, a report will need to be re-run. Re-running a report will update relevant data on all the tabs. How to re-run a report is explained in the View An Existing Report section of this page.


Anchor
Remediation
Remediation
Remediation

For each control, there are remediation steps and the resources that were examined for that particular control. Following the remediation steps for each resource that did not pass will allow that control to become a pass after the report is run again.

The Remediation link will open up additional tabs in a sidebar where you can get the remediation steps and resources for the control as shown below:


Image Added


Resources

The Resources tab shows only the resources that have been evaluated per the mandate chosen for a report. Mandates test against specific controls, so if a resource is not in scope for a control, it will not appear in the Resources tab. In other words, the Resources tab is not a table of all a customer's assets, but rather a list of those assets that have been included in a report.

Due to the large volume of data for resources, it can take a while for the data to populate even after the report has been run and has results. Shown below, by clicking on the Export button resources can be exported to CSV.


Image Added

By clicking on the resource name, details for the resource can be seen as shown below:


Image Added






Was this helpful?