Continuous checks on the security posture of your cloud accounts are essential to have a secure cloud environment. The Security Posture provides visibility on the following 3 aspects across all of your cloud accounts. The summary section provides the consolidated counts across all accounts and the grid provides account wise details.
- Threats: These are security alerts and threats that originate from the cloud native threat management services such as AWS GuardDuty, Azure Security Center (Standard) are consolidated and displayed here.
- Vulnerabilities: These are the result of vulnerability assessments of the workloads running in your clouds, which is an essential part of cyber security programs. Again these vulnerabilities are fetched from cloud native services including AWS Inspector, Azure Security Center across all your cloud accounts.
- Guardrail Findings: These are policy violations identified in your cloud accounts based on the GuardRails configured for the accounts. These guardrails are industry standards and best practices including those recommended by AWS, Azure. Any violations to such checks are listed here so that appropriate actions can be taken.
To ensure that CoreStack is able to fetch the Threats and Vulnerabilities from the native cloud services, it is required that the respective cloud services are enabled in the preferred regions. Please note that there will be cost impact in enabling these services – but they do go a long way in ensuring security and save huge costs incurred in case of a security breach.
- Refer this link for Azure Security Center pricing: https://azure.microsoft.com/en-in/pricing/details/security-center/
- Refer this link for AWS GuardDuty pricing: https://aws.amazon.com/guardduty/pricing/
- Refer this link for AWS Inspector pricing: https://aws.amazon.com/inspector/pricing/
You can select the View (Eye icon) option in the grid against a specific cloud account to view more details about the no. of threats, vulnerabilities and policy violations. You will be redirected to another tab where you can see:
- Toggle option between Threats, Vulnerabilities and GuardRail Policy Violations. Based on your selection you can view the details.
- Filters for Tenant, Cloud and Cloud Account. Though you come to this view by selecting a specific account, you can just choose a different account right in this view and get the details.
- Account wise count of the no. of findings – shown in a graphical view by severity
- Resource Type wise no. of findings as a widget. You can maximize it to view more details or click VIEW ALL to see the actual list of findings in a grid.
- Findings by Types such as Host, Network, End-point, Monitoring etc, are displayed in another widget. You can maximize it to view more details or click VIEW ALL to see the actual list of findings in a grid.
Updated 2 months ago