AWS: Configuring CSPM audit

Forcepoint Data Security Cloud | SSE can scan AWS for configuration management to ensure the setting configuration is in compliance with frameworks such as CIS Benchmark.

Configuration does require you to setup API access into AWS. The Amazon S3: Configuring API access guide page will walk you through the ways for connecting Forcepoint Data Security Cloud | SSE to AWS via API. You will need an additional set of policies to enable Forcepoint Data Security Cloud | SSE to audit AWS for security configurations. Forcepoint Data Security Cloud | SSE recommends that you create a new policy for this and assign it to the IAM user or STS token that you are using for the API connection. Once you have followed the steps on this guide page to enable the auditing of AWS configurations you can review the results on the Analyze > CSPM page.