CSPM Scans on AWS Accounts
CSPM Scans on AWS Accounts
A CSPM scan would ensure that your environment is assessed and measured against compliances, benchmarks and best practices to determine if there are potentially exploitable misconfigurations.
A quick view of the compliances, benchmarks and best practices is shown below:
Security Posture policies help monitor the risk of your IaaS infrastructure and SaaS Apps. These policies will be used when scanning your IaaS and SaaS configuration. When creating a new policy, you can use the predefined profiles and rules which are based on industry benchmarks like CIS, or you can create custom profiles and custom rules.
To perform CSPM scan on AWS/Azure/GCP accounts, ensure that policies are created for these public clouds. During creation of the policy or while editing an existing policy, ensure that the appropriate instances and profiles are selected applicable for that public cloud.
- Navigate to Policies > Security Policy.
- Select creation of a new policy or edit an existing policy.
- Select the appropriate instance and profiles as shown in the images below.