Understanding CSPM Reports

Clicking into one of the reports on the CSPM page lets you investigate the details of the scan, such as the number of violations or the buckets that are configured to be public.

The reports page is separated into two tabs—Summary and Investigate.

Summary

The Summary tab displays a high-level overview of the results of the audit scan and can help admins quickly identify how many compliance violations they have or whether their data/systems are publicly exposed.

This page has three distinct parts, each providing important information to review.

AWS



Azure



  • The Cloud Security Posture box in the top left provides a quick snapshot of the number of violations.
    • AWS: DLP-matched objects that are exposed publicly, as well as the total number of resources that meet compliance.



    • Azure: Total violations as well as resources that passed compliance.


  • The middle pie graphs and accompanying information show a breakdown of the overall violations.
    • AWS: Shows the top 5 patterns and how many objects each contains, along with the number of violations broken down by service. The information above the pie graphs indicates the number of buckets and how many are exposed publicly, as well as how many resources were found and how many total data patterns were matched.


    • Azure: Shows the total resources that were in violation, by service.


  • The Violations Over Time graph displays the number of violations by service over time to help admins identify whether violations have been increasing or have been resolved over time.
    • AWS


    • Azure


Investigate

The Investigate tab shows a full breakdown of each of the rules that the scan checked against and whether you meet compliance.

AWS and Azure

  1. Rule: Displays the name/description of the rule being checked against.
  2. Service: Lists the service that was checked by the rule.
  3. # Resources Failed: In the event that more than one resource applies to the rule being checked, this displays the number of resources that failed the check out of the total number of resources found.
  4. Compliance: A green check mark or a red X indicates whether you meet compliance for the rule being checked.