Overview
The initial scan is a comprehensive assessment that evaluates different aspects of your cloud security depending on the protection level (Basic or Advanced) you’ve selected. This scan provides the foundation for ongoing security monitoring and compliance reporting.Basic Package Scan
For users who select the Basic package, the initial scan will focus on essential Cloud Security Posture Management (CSPM) checks.Key Assessments
1. Misconfigurations Cloudnosys checks for misconfigured resources in your cloud account, including:- Security Groups: Incorrectly configured security groups with overly permissive rules
- IAM Roles: Overly permissive IAM roles and policies
- Storage Security: Unencrypted storage buckets and databases
- Network Configuration: Misconfigured VPCs and subnets
- Access Controls: Improper access control configurations
- Permission Verification: Ensures the service account has valid permissions
- Access Validation: Confirms access to the resources it needs to monitor
- Role Verification: Validates that necessary roles exist and are properly configured
- Authentication Method: Verifies that the authentication method (IAM role, service account) is set up correctly
- Secure Communication: Ensures that Cloudnosys can securely interact with your cloud resources
- Permission Validation: Confirms that authentication provides necessary access
- Resource Discovery: Ensures Cloudnosys can discover and access cloud resources
- Permission Verification: Confirms access to EC2 instances, storage buckets, and IAM roles
- Scope Validation: Verifies that the scan covers all intended resources
- Data Retrieval: Confirms that Cloudnosys can retrieve information about cloud resources
- Analysis Capability: Ensures the platform can analyze security and compliance status
- Coverage Verification: Validates that all intended resources are accessible for scanning
Scan Results
Once the scan is completed, Cloudnosys will provide you with a summary of findings, highlighting any misconfigurations or security risks that need attention.Advanced Package Scan
For users who select the Advanced package, the scan includes all the checks in the Basic package, with additional features for enhanced security and real-time monitoring.Additional Advanced Features
1. Enhanced Misconfiguration Detection- Comprehensive Coverage: All Basic package misconfiguration checks
- Advanced Rules: Additional security rules and compliance checks
- Custom Policies: Support for custom security policies
- Role Verification: Confirms that the Cloudnosys-Security-Role has been successfully fetched
- Permission Validation: Ensures the role has necessary permissions for comprehensive scanning
- Cross-Account Access: Validates access across multiple accounts and regions
- Multi-Factor Authentication: Support for MFA-enabled accounts
- Cross-Service Authentication: Validates authentication across multiple cloud services
- Advanced Security: Enhanced security measures for authentication
- Full Resource Discovery: Enhanced resource discovery capabilities
- Cross-Service Scanning: Ability to scan resources across multiple cloud services
- Advanced Permissions: Support for complex permission structures
- Real-time Monitoring: Continuous monitoring of cloud resources
- Threat Detection: Real-time detection of suspicious activities
- Alert System: Immediate alerts for security incidents
- Incident Response: Automated response to detected threats
- Malware Detection: Scans for known malware in your workloads
- Vulnerability Scanning: Identifies OS and application vulnerabilities
- Container Security: Scans container images for security issues
- Continuous Monitoring: Regular scans to detect new threats
Scan Configuration
Pre-Scan Setup
Before the scan begins, ensure:- Account Connection: Your cloud account is properly connected
- Permissions: All necessary permissions are granted
- Resource Access: Cloudnosys can access your resources
- Network Configuration: Proper network access is configured
Scan Parameters
Basic Package Parameters- Scan Scope: All connected resources
- Scan Frequency: Initial scan + scheduled scans
- Resource Types: All supported resource types
- Compliance Frameworks: Basic compliance checks
- Enhanced Scope: Extended resource coverage
- Real-time Monitoring: Continuous threat detection
- Advanced Compliance: Extended compliance frameworks
- Custom Rules: Support for custom security rules
Scan Scheduling
Initial Scan- Automatic: Starts immediately after account setup
- Comprehensive: Full scan of all connected resources
- One-time: Initial assessment of security posture
- Regular Intervals: Automated scans at regular intervals
- Incremental: Scans for changes since last scan
- Customizable: Configurable scan frequency and scope
Understanding Scan Results
Scan Status Indicators
✅ Successful Checks- Green Indicators: Resources that pass security checks
- Compliant Resources: Resources that meet security standards
- Secure Configurations: Properly configured security settings
- Yellow Indicators: Resources with minor security issues
- Recommendations: Suggested improvements for security
- Best Practices: Recommendations for better security posture
- Red Indicators: Resources with critical security issues
- Immediate Action: Issues that require immediate attention
- High Priority: Security risks that need urgent remediation
Scan Reports
Executive Summary- Overall Security Score: High-level security assessment
- Critical Issues Count: Number of critical security issues
- Compliance Status: Current compliance with security standards
- Recommendations: Top-level recommendations for improvement
- Resource-Specific Issues: Detailed issues for each resource
- Remediation Steps: Step-by-step remediation instructions
- Compliance Mapping: Mapping to compliance frameworks
- Risk Assessment: Risk level for each finding
Post-Scan Actions
Immediate Actions
- Review Critical Issues: Address high-priority security issues immediately
- Implement Fixes: Apply recommended security configurations
- Verify Changes: Confirm that fixes are properly implemented
- Re-scan: Run additional scans to verify improvements
Ongoing Monitoring
- Set Up Alerts: Configure alerts for new security issues
- Schedule Regular Scans: Set up automated scanning schedules
- Monitor Trends: Track security posture improvements over time
- Compliance Tracking: Monitor compliance with security standards
Best Practices
Scan Optimization
- Resource Selection: Choose appropriate resources for scanning
- Timing: Schedule scans during low-usage periods
- Scope Management: Balance comprehensive scanning with performance
- Cost Consideration: Consider costs of advanced scanning features
Security Maintenance
- Regular Reviews: Regularly review scan results and findings
- Remediation Tracking: Track progress on fixing security issues
- Policy Updates: Keep security policies up to date
- Training: Ensure team members understand security requirements
Troubleshooting
Common Scan Issues
- Permission Errors: Ensure proper permissions are granted
- Resource Access: Verify that resources are accessible
- Network Issues: Check network connectivity and configuration
- Service Limits: Verify that service limits are not exceeded
Getting Help
- Documentation: Review Cloudnosys documentation for guidance
- Support Team: Contact support for technical assistance
- Community: Join the Cloudnosys community for peer support
- Training: Attend training sessions for advanced features