Cloud Security Posture Management (CSPM)

huma

What is Cloud Security Posture Management (CSPM)?

Cloud security posture management (CSPM) use cases detect configuration and rule violations in your public cloud resources and services (AWS, Azure, GCP, DigitalOcean, and Alibaba Cloud) and recommend how to resolve them.


How do I get started with CSPM services?

Connect the relevant data sources, such as cloud and cluster configurations, to the Human Managed platform so that it can perform contextualized analysis for the CSPM use cases. Follow the guide that applies to each of your data sources:

  1. AWS: Connect an AWS Organization with Human Managed via CloudFormation Stack
    Note: this onboards the entire AWS Organization and all of its accounts

  2. AWS: Connect AWS accounts with Human Managed via CloudFormation Stack
    Note: this onboards individual AWS accounts

  3. Azure: Connect Azure accounts with Human Managed via Terraform Script

CSPM Services

The following standard and optional services are available to CSPM customers.

  • Posture Management (Standard): contextualized report, notification, and dispatch on cloud misconfigurations and cloud compliance.
  • Asset Management (Standard): continuous discovery and profiling of your cloud resources, their relationships, and their importance to your business.
  • Alert Management (Standard): prioritized triage and notifications of CSPM detections, sent via email, Slack, Teams, or other supported channels.
  • Incident Management (Optional Add-On): contextualized dispatch of recommended decisions and actions for CSPM detections.

CSPM Use Cases

The following standard and optional use cases are available to CSPM customers. Each use case is listed with its type, a description, and example insights.

Cloud Assets (Standard)
Inventory of uniquely identifiable cloud resources across all your public cloud providers, and the relationships between them.
Example insights:
  • AWS: IAM Policy, EBS Snapshot, EC2 Network Interface, KMS Key Alias, EBS Volume, etc.
  • Azure: IAM Role, User, Security Rule, Storage, Disk, Subscription, Virtual Machine, Subnet, etc.
  • GCP: VPC Sub-Network, VPC Firewall, Compute Disk, Load Balancer Forwarding Rule, etc.

Cloud Misconfigurations (Standard)
Near real-time monitoring and detection of cloud misconfigurations across different runtime environments (GCP, Azure, AWS, DigitalOcean), based on continuous assessment against 2,000+ predefined policies. Policies are continuously updated to reflect security best practices across the different cloud services.
Example insights:
  • Violated cloud policies, rules, and checks
  • Cloud asset affected
  • Violation severity
  • Remediation steps for misconfigured controls
  • Contextualized priority
  • Recommended decisions
  • Recommended actions

Cloud Compliance (Industry Standards) (Add-On)
Continuous assessment of your cloud resources' compliance against industry control frameworks and benchmarks:
  • NIST
  • ISO 27001
  • SOC2/3
  • CIS AWS, Azure, GCP
Example insights:
  • Pass / Fail assessment result against controls
  • Overall posture % for the NIST, ISO, and SOC2/3 frameworks and the CIS benchmarks
  • Remediation steps for failed controls
  • Recommended decisions
  • Recommended actions

Cloud Compliance (Custom) (Add-On)
Assessment of your cloud resources' compliance against:
  • Custom company standards
  • Regional industry frameworks (e.g.
  • MITRE ATT&CK
Example insights:
  • Pass / Fail assessment result against controls
  • Overall posture % for custom standards and frameworks
  • Remediation steps for failed controls
  • Recommended decisions
  • Recommended actions
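As an added illustration of what the Cloud Misconfigurations and Cloud Compliance use cases produce, the following Python example (not Human Managed platform code) evaluates a constructed asset inventory against a handful of constructed checks, emits findings carrying the fields a CSPM data grid shows (check name, severity, affected asset, asset variety, environment) plus a remediation step, and computes a pass/fail posture percentage per benchmark label and per environment, which is one plausible way an "overall posture %" or "config score against benchmarks" figure can be aggregated. All check names, severities, benchmark labels, remediation text, asset IDs and environment names are constructed for this example; a real CSPM policy set is far larger and vendor-maintained.

```python
# Added example (not Human Managed platform code): a minimal CSPM-style
# policy evaluation over a constructed cloud asset inventory. Every check,
# severity, benchmark label, remediation string, asset ID and environment
# name below is constructed for illustration only.
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable


@dataclass(frozen=True)
class Asset:
    provider: str       # cloud provider, e.g. "AWS"
    kind: str           # asset variety, e.g. "EC2 Security Group"
    asset_id: str
    environment: str    # account / subscription / project (constructed names)
    config: dict        # the configuration attributes the checks inspect


@dataclass(frozen=True)
class Check:
    name: str
    provider: str
    kind: str           # asset variety the check applies to
    severity: str
    benchmark: str      # constructed benchmark label, not a real control ID
    remediation: str
    violates: Callable[[dict], bool]   # True when the config breaks the rule


@dataclass(frozen=True)
class Finding:
    check_name: str
    severity: str
    provider: str
    asset_id: str
    asset_kind: str
    environment: str
    remediation: str


# Constructed policy set: one check per asset variety, mapped to a benchmark label.
CHECKS = [
    Check("sg-ssh-open-to-world", "AWS", "EC2 Security Group", "high", "CIS AWS (constructed)",
          "Restrict inbound TCP/22 to trusted CIDR ranges",
          lambda c: any(r["cidr"] == "0.0.0.0/0" and r["port"] == 22 for r in c["ingress"])),
    Check("ebs-volume-unencrypted", "AWS", "EBS Volume", "medium", "CIS AWS (constructed)",
          "Enable EBS encryption and migrate data to an encrypted volume",
          lambda c: not c["encrypted"]),
    Check("storage-public-blob-access", "Azure", "Storage", "high", "CIS Azure (constructed)",
          "Disable anonymous blob access on the storage account",
          lambda c: c["allow_blob_public_access"]),
    Check("firewall-open-to-world", "GCP", "VPC Firewall", "high", "CIS GCP (constructed)",
          "Limit firewall source ranges to known networks",
          lambda c: "0.0.0.0/0" in c["source_ranges"]),
]

# Constructed inventory: a mix of compliant and non-compliant resources.
ASSETS = [
    Asset("AWS", "EC2 Security Group", "sg-0a1b2c3d", "aws-prod",
          {"ingress": [{"cidr": "0.0.0.0/0", "port": 22}]}),
    Asset("AWS", "EC2 Security Group", "sg-4e5f6a7b", "aws-dev",
          {"ingress": [{"cidr": "10.0.0.0/8", "port": 22}]}),
    Asset("AWS", "EBS Volume", "vol-0123abcd", "aws-prod", {"encrypted": False}),
    Asset("AWS", "EBS Volume", "vol-4567efgh", "aws-dev", {"encrypted": True}),
    Asset("Azure", "Storage", "stprodlogs01", "azure-sub-prod", {"allow_blob_public_access": True}),
    Asset("GCP", "VPC Firewall", "allow-all-ingress", "gcp-proj-prod", {"source_ranges": ["0.0.0.0/0"]}),
    Asset("GCP", "VPC Firewall", "allow-internal", "gcp-proj-prod", {"source_ranges": ["10.0.0.0/8"]}),
]


def applicable(check: Check, asset: Asset) -> bool:
    """A check applies to an asset of the same provider and asset variety."""
    return check.provider == asset.provider and check.kind == asset.kind


def evaluate(assets, checks) -> list:
    """Run every applicable check; return one Finding per violation."""
    findings = []
    for check in checks:
        for asset in assets:
            if applicable(check, asset) and check.violates(asset.config):
                findings.append(Finding(check.name, check.severity, asset.provider, asset.asset_id,
                                        asset.kind, asset.environment, check.remediation))
    return findings


def severity_by_provider(findings) -> dict:
    """Counts behind a 'violation severities by cloud provider' chart."""
    counts = defaultdict(lambda: defaultdict(int))
    for f in findings:
        counts[f.provider][f.severity] += 1
    return {provider: dict(sev) for provider, sev in counts.items()}


def posture_scores(assets, checks, group=lambda check, asset: check.benchmark) -> dict:
    """Posture % per group = passed evaluations / applicable evaluations * 100.
    Group by benchmark (default) for a compliance view, or by asset.environment
    for a per-account config score; a group with no applicable checks is omitted."""
    total, passed = defaultdict(int), defaultdict(int)
    for check in checks:
        for asset in assets:
            if not applicable(check, asset):
                continue
            key = group(check, asset)
            total[key] += 1
            if not check.violates(asset.config):
                passed[key] += 1
    return {key: round(100.0 * passed[key] / total[key], 1) for key in total}


if __name__ == "__main__":
    for f in evaluate(ASSETS, CHECKS):
        print(f"[{f.severity}] {f.check_name}: {f.asset_kind} {f.asset_id} ({f.environment}) -> {f.remediation}")
    print(severity_by_provider(evaluate(ASSETS, CHECKS)))
    print(posture_scores(ASSETS, CHECKS))
    print(posture_scores(ASSETS, CHECKS, group=lambda c, a: a.environment))
```

Each finding maps one-to-one onto the data grid columns described later on this page; the `group` callable is what lets the same pass/fail results feed both a per-benchmark posture figure and a per-account or per-provider configuration score without re-running the checks.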


Navigating CSPM on the Human Managed app

To open the CSPM page, click Use Cases in the side navigation, then click the Use Case Report button under CSPM.

Alternatively, enter https://invicta.io/usecases/cspm in your browser.

Once you are on the CSPM page, toggle between the DASHBOARD and I.DE.A. tabs to get different insights about your cloud posture.

CSPM Dashboard Tab 

The CSPM Dashboard Tab shows summarized metrics, charts, and insights about the cloud resources in scope.

  1. Cloud resources monitored: metrics on the number of uniquely identifiable cloud resources monitored by the Human Managed platform.
  2. Violation severities by cloud provider: charts on the number of cloud configuration violations detected by the Human Managed platform and their severity distribution for each cloud provider environment.
  3. Config scores against benchmarks: indicators showing the configuration score, as a percentage, against industry standard benchmarks (e.g. CIS AWS) for each cloud region, cloud account, and cloud provider.


CSPM I.DE.A. Tab

The CSPM Intelligence, Decisions and Actions (I.DE.A.) Tab shows contextualized intel and recommended decisions and actions regarding your cloud posture.

  1. Summarized intel: a contextualized summary metric, chart, or indicator of all open violations detected in your assets (in this case, detection severity).
  2. Recommended decision: a contextualized recommendation that gives direction on what to prioritize, based on analysis by hm.works. Click the Filter Grid button to filter the data grid below to the violations covered by the recommended decision.
  3. Recommended action: a contextualized recommendation that gives the steps to execute the recommended decision. Click the Filter Grid button to filter the data grid below to the violations covered by the recommended action.
  4. Data grid: an interactive data grid of all cloud misconfiguration and violation findings, including:
     • check name
     • check severity
     • affected asset
     • asset variety
     • environment

Useful reference: guide on how to use and customize data grids on the HM app, including saving and retrieving custom views.
