...
...
...
...
...
...
| Table of Contents |
|---|
General
...
What is CSPM?
Cloud Security Posture Management is a tool for monitoring a cloud environment and ensuring compliance against a variety of mandates such as HIPAA or PCI Compliance.
What can CSPM not do?
It does not currently provide any incident management response and automated remediation.
Who is this for?
Anyone interested in securing a cloud environment.
...
A control is a configuration check. Each check applies to a specific service/resource. Here are some examples:
MFA should be enabled for console user - applies to AWS IAM Service and IAM User Resource
Password policy should have upper case letter enforced - applies to AWS IAM Service
Security group should not allow inbound access on port 22 from 0.0.0.0 - applies to EC2/VPC services and Security Group Resource
What is a resource?
A Resource is an entity that you can work with. Resources appear in CSPM if they are in scope of a control when a Report is run. Examples include an Amazon EC2 instance, IAM User, or Security Group. Resource discovery requires the creation of a connector.
...
| Expand | ||
|---|---|---|
| ||
|
We support controls for following Azure resources:
| Expand | ||
|---|---|---|
| ||
|
We support controls for following Google Cloud Platform (GCP) resources:
| Expand | ||
|---|---|---|
| ||
|
Pass/Fail - In an interactive report, the Control Pass/Fail displays the compliance status for a particular control.
...
Remediation instructions are dependent on resource type and are provided in the details of the report. For more information see the Remediation section in the Reports documentation.
After I remediate an issue, how do I see that update on my report?
...
They are created at the following levels:
AWS - account level
Azure - subscription level
GCP - project level
Resources
...
Why can't I see all of my resources in the Resources tab?
The Resources tab only shows those resources that have been evaluated per the controls of a given mandate in the preparation of a report. If Reports do not require the evaluation of a resource, then it will not be included in the Resources tab.
Controls
...
Can I customize or disable controls?
That is not possible at this time.
Data Lake
...
What is a data lake?
A centralized repository that allows storage of structured and unstructured data. In this case it is used to store all data related to CSPM.
...
The data lake can be used to see changes over time to reports, examine data related to specific controls or resources, or be used to create visualizations.
Was this helpful?
Table of Contents