In general, “Risks” refer to potential events, actions, or conditions that may pose a threat, vulnerability, or potential harm to the security, integrity, or performance of your cloud infrastructure. Identifying, assessing, and mitigating these risks is crucial for maintaining a secure and reliable cloud environment.

What are Risks #

Definition #

If any of your cloud resources fail to meet any one security check, they are categorized as having a risk.

Note that risks are always related to at least one resource on your cloud account.

Examples of Risks #

AWS: Default encryption of S3 is not enabled.
Azure: Backup is not enabled for Virtual Machine.
GCP: Cloud Functions have publicly accessible HTTP endpoints.

Types of Risks #

Currently, there are 9 risk types on Cloudnosys:

Authentications
Data at Risk
IAM Misconfigurations
Lateral Movement
Neglected Assets
Vulnerabilities
Malware
OS Vulnerabilities
Third-party Risks

Sources of Risks #

The first 6 types from the list above can also be categorized under the group “Misconfiguration” risks, i.e. risks detected by our own platform’s signatures (built-in security checks).

The next 2 (Malware & OS Vulnerabilities) can be detected in your cloud account using our Cloudxray feature.

The last one (Third-party Risks) can be shown on Cloudnosys via integration with third-party risk detection tools such as Amazon Guard Duty, Amazon Inspector, and AWS Security Hub.

How are Risks counted? #

Risks are identified by evaluating resources against security checks. For example:

Imagine that you have 10 S3 Buckets in your cloud account.
A security check (signature) is performed on all 10 to verify if default encryption is enabled.
If 4 out of these 10 buckets lack default encryption, we count each unencrypted bucket as a separate risk.

Thus, even though only one security check is conducted across multiple resources, each time where the check fails is considered an individual risk. In this example, 4 unencrypted S3 Buckets result in 4 risks.

The Risks page #

Cloudnosys has a dedicated page for Risks. This page enables you to have a centralized view of potential vulnerabilities & security issues within your cloud infrastructure.

Access the Risks page #

There are multiple ways on Cloudnosys to get to the Risks page. The simplest way is to navigate to the Sidebar Menu and find it under the Monitoring section.

Search Bar & Filters #

The Risks page has been equipped with powerful search and filter capabilities to streamline your workflow.

With the Search Bar, you can quickly locate any specific risk by simply entering its name or ID.

This image has an empty alt attribute; its file name is Search-Filter-Risks-page-v1-1024x534.png

Additionally, our intuitive Filter dropdown empowers you to narrow down risks and signatures based on various criteria. Choose from a range of options, including:

Cloud Provider (AWS, GCP, Azure),
Severity (Critical, High, Medium, Low),
Services,
Risk Type,
Data Sources (Cloudnosys built-in Signatures, Cloudxray, and 3rd-party sources), and
Security Groups.

Effortlessly customize your risk view to focus on the areas that matter most to you.

Open Risks tab #

The Open Risks tab displays all types of risks associated with the cloud accounts selected.

Open Risks VS Open Grouped Risks

On Cloudnosys, Open Risks is just another name for existing risks on your cloud account. Whereas, an Open Grouped Risk refers to the same risk existing over one or more resources. Each risk card displayed under the Open Risks tab is associated with one Open Grouped Risk.

For example, observe the screenshot below:

The total number of risks (or Open Risks) is 6. But since there are only 3 different types of risks, we can also say that there are only 3 Open Grouped Risks. Therefore, you only see 3 risk cards on the page.

List View #

Switch between Grid View and List View for a flexible risk management experience. The List View offers a streamlined, vertical format for easy scanning, quick identification, and efficient navigation. This tiny capability enhances your experience with a customizable interface that caters to your preferences and workflows.