Alert Types #

Cloudnosys generates an alert when any change is made or when your resources are detected to be at risk. 

There are 2 types of alerts: Risk alerts & System alerts.

Risk Alerts #

As risks get detected during a scan, Cloudnosys generates alerts for the risks. These are called risk alerts.

So, when a user clicks on an alert, here for instance we received an alerts saying that “SSH access in not restricted from the internet” it opens up a detail view of the risk:

Showing you the 

1. Signature ID and scanned time
2. Signature title and description

With other details such as Status,Risks Level,Service,Cloud Account on which the risk was identified,Failed & Passed resources and Remediation steps.

System Alerts #

System alerts are alerts generated for a user, for instance when an invite is sent for joining an organization, the user will receive a notification in the System tab.

And by clicking on it, a pop-up will appear & the user can accept or decline the invitation.

Suppression of Alerts #

When an alert is irrelevant, you can manually dismiss it.

Cloudnosys provides a Suppression feature for this to automatically dismiss similar alerts in the future. Suppression can be used for:

• Suppress alerts that you’ve identified as false positives
• Suppress alerts that are being triggered too often to be useful

Your suppression rules define the criteria for which alerts should be automatically dismissed.

Suppress globally or by regulation

Note:

Suppressing security alerts reduces the threat protection of the Security Center. You should carefully check the potential impact of any suppression rule, and monitor it over time.

Creating a suppression rule #

You can create suppression rules in three ways:

1. Suppressing a resource

1. Suppressing a risk from a resource drawer
2. Suppressing risks at Compliance level

 Suppressing a Resource #

For suppressing a resource navigate to Security Dashboard >> Click on any widget >>  Resource finder drawer will be shown >> then Click on the icon:

Select a reason and then Save:

After suppressing, you’ll receive a notification and all reports and widgets will be updated.

Suppressing Risks on a Global Level #

Navigate to the Risks page and find the risk you want to suppress. Click on the Suppress icon (eye) to suppress that risk.

Suppressing Risks on a Compliance Level #

Navigate to the Security Dashboard >> Scroll down to Most Critical Resource >> View risks.

Then click on the Suppress Risk icon:

Select a Cloud account:

A risk can be suppressed:

i) Globally (It’ll dismiss the alert on all resources so you don’t get any alerts like this one in the future.) or 

ii) In a specified report (Your rule can dismiss the alert in the selected report)

Next, you need to select a reason and hit ‘SAVE’

and then you’ll receive a notification:

Edit a Suppression Rule #

To edit the rules you’ve created, use the suppression rules page.

1. From the Navigation menu go to Settings and then select the Suppression Rules 
2. The suppression rules page opens with all the rules

3. Click on the “Edit”

Make the necessary changes and click Save.

Delete a suppression rule #

Unsuppress a resource by clicking on the “Delete”

A modal will appear:

After unsuppressing, you’ll receive a notification

and all reports & widgets will be updated