At the heart of our security and compliance monitoring system lies a powerful tool: Signatures. Essential to our proactive strategy, Signatures are meticulously crafted, rule-based checks. They work tirelessly, scanning your resources continuously to ascertain alignment with the most stringent security and compliance standards.
Introduction
Definition
Signatures are security checks on Cloudnosys that evaluate resource configurations against security benchmarks to identify risks.
Examples
1. AWS: EC2-025
2. AZU: VM-005
3. GCP: IAM-001
Non-Examples
Cloudnosys shows other non-signature risks as well, namely Malware & OS Vulnerabilities. But you may be wondering: why are security checks for these two NOT called ‘signatures’?
Because these security checks do not evaluate the configuration of resources, they fall outside the definition of Signatures.
Relationship with Risks
Signatures play a critical role in risk detection on Cloudnosys. Each time a signature identifies a configuration that does not meet the required security standards, it is flagged as a ‘failed’ signature, leading to the generation of a risk.
Conversely, a ‘passed’ signature indicates compliance and does not generate a risk.
Example:
- Consider the signature AWS: EC2-025 that is titled “Ensure that existing EC2 instances have termination protection enabled”.
- If Cloudnosys finds an EC2 instance without Termination Protection, the signature ‘fails’ for that instance, thereby generating a risk.
- This risk is then cataloged and made accessible for review and action on the Risks page.
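The pass/fail-to-risk flow described above, sketched as an added example; it is not Cloudnosys code and does not reflect how the platform is implemented. The `Signature` class, the `evaluate` and `risks_from` helpers, the `unknown` status for missing data, and the instance records are assumptions constructed for illustration; the `DisableApiTermination` field follows the shape returned by the EC2 `DescribeInstanceAttribute` API.

```python
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass(frozen=True)
class Signature:
    sig_id: str
    title: str
    # Returns True (compliant), False (non-compliant) or None (cannot tell).
    check: Callable[[dict], Optional[bool]]


def termination_protection_enabled(instance: dict) -> Optional[bool]:
    attr = instance.get("DisableApiTermination")
    if not isinstance(attr, dict) or not isinstance(attr.get("Value"), bool):
        return None  # attribute missing or malformed: do not guess
    return attr["Value"]


EC2_025 = Signature(
    "AWS: EC2-025",
    "Ensure that existing EC2 instances have termination protection enabled",
    termination_protection_enabled,
)

# Constructed inventory; instance IDs are placeholders.
INSTANCES = [
    {"InstanceId": "i-0example0000000a", "DisableApiTermination": {"Value": True}},
    {"InstanceId": "i-0example0000000b", "DisableApiTermination": {"Value": False}},
    {"InstanceId": "i-0example0000000c"},  # attribute was never collected
]

STATUS = {True: "passed", False: "failed", None: "unknown"}


def evaluate(signature: Signature, resources: list) -> list:
    """Run one signature against every resource and record the outcome."""
    return [
        {"signature": signature.sig_id, "title": signature.title,
         "resource": r["InstanceId"], "status": STATUS[signature.check(r)]}
        for r in resources
    ]


def risks_from(results: list) -> list:
    """Only 'failed' results become risks; 'passed' results generate none."""
    return [r for r in results if r["status"] == "failed"]


if __name__ == "__main__":
    for risk in risks_from(evaluate(EC2_025, INSTANCES)):
        print(f"RISK {risk['signature']} on {risk['resource']}: {risk['title']}")
```

Keeping `unknown` separate from `passed` means an instance whose attribute was never collected is not silently reported as compliant.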
Signature Types
Native
Native Signatures are pre-built in Cloudnosys and are available to all users. All the signatures mentioned so far are examples of native signatures.
Custom
As the name implies, users can create their own signatures. For more information, go to this page: Custom Signatures.
Signatures Library
Signatures are readily accessible within the Cloudnosys platform. To view them, navigate to the ‘Signatures Library’ tab, which is integrated into the Risks page.
For a more tailored experience, utilize the Search Bar and Filters to quickly pinpoint specific signatures that meet your criteria or are relevant to your resources.