CSM Misconfigurations comes with more than 1,300 out-of-the-box compliance rules that evaluate the configuration of your cloud resources and identify potential misconfigurations. Each compliance rule maps to one or more controls within a compliance standard or industry benchmark. You can also create custom frameworks to define and measure compliance against your own cloud security baseline.

View your compliance posture

View a high-level overview of your compliance posture for each framework on the CSM Misconfigurations Compliance page. Click a framework to see a detailed report that gives you insight into how your configuration scores against the framework’s requirements and rules.

• Star: Pin a framework to the top of your table.
• Score: The posture score for the rules in the given framework.
• Change: The difference in posture score over the chosen time range (defaults to 1 month). Hover to see details.
• Failing Rules: All the rules failing in the framework. Hover for more details.
• Resources Passing: Of all the resources evaluated by rules in the framework, the percentage of which pass all the rules in the framework.
• Framework Overview: A detailed report that gives you insight into how you score against a framework’s requirements and rules.
• Explore Resources: A filtered view of the Misconfigurations page that shows resources with misconfigurations for the selected framework.
• Configure Rules: Customize how your environment is scanned and set notification targets by modifying the compliance rules for each framework.

Explore compliance framework reports

Compliance framework reports show which rules are failing in your environment, along with details about the misconfigured resources.

The summary at the top of the report shows the posture score, the top five most severe rule failures, and a detailed breakdown of the rules based on severity. You can also explore your past posture with the time selector, download a PDF or CSV copy of the report, and filter the page by account, team, service, and environment tags.

Below the summary is a complete listing of all rules associated with the framework, organized by default by requirements and controls, along with the number of resources checked by the rule, the percentage of failures, and the change in resources passing the rule over the chosen time period.

Search for a rule name to filter the list, or group by requirement, control, severity, resource type, or resource category to organize the list. You can also click a table column header to sort by that column within the group.

Select a rule to view details about the misconfigured resources, the rule description, its framework or industry benchmark mapping, and suggested remediation steps. Then, you can click a specific resource to get more details.

Further reading

お役に立つドキュメント、リンクや記事:

Getting started with CSM MisconfigurationsDOCUMENTATION Explore default CSM Misconfigurations cloud configuration compliance rulesDOCUMENTATION Search and explore misconfigurationsDOCUMENTATION