When a scan is started, it checks for the cloud provider (AWS, Azure or GCP) to collect resources available on your cloud infrastructure. Cloudnosys has two types of scan, you can run a scan manually or schedule scan with different time intervals daily, weekly, or monthly.
When a scan is run, each resource is checked against a risk. For this purpose, we use signatures (Native or Custom signatures ). Each signature checks for one risk in your resources.
There could be resources for which you don’t want them to be scanned, so you can suppress them & the scan engine will isolate them and alerts will not be generated for them.
When the scan is completed, it generates risks and updates :
- Dashboards, compliance regulations, and inventory and risks are generated accordingly.
- Other modules are triggered when any change in infrastructure is made. You can integrate custom apps to Cloudnosys & get notified of the security risks & alerts in your cloud infrastructure. For instance, we have set a playbook for a risk that says that if S3 versioning is not enabled, generate an alert or send a message via Slack.