The Skyhigh CASB AWS configuration audit On-Demand Scan applies to ECS and EKS automatically. But first, activate the Policy Templates for CSPM.
For details on Container Vulnerability Scans, see About Vulnerability Scans.
Run the On-Demand Scan
- Go to Policy > On-Demand Scans.
- Find the scan Security Configuration Audit Scan for AWS.
- Click the Scan Name link to view details.
- Under Policies, click + to view all Policies that are used in the scan.
- Click Confirm, then click Run Scan Now. The Scan Estimation will display the time required for the scan to complete.
View Scan Incidents
- When the scan completes, go to Policy > On-Demand Scans.
- For the Security Configuration Audit Scan for AWS, click the Scan Instances link.
- Click Errors to view the errors you need to correct.
- Click the Incidents link of the scan you want to investigate. Or Under Item Type, select ECS and EKS items.
- On the Scan Incidents page, select an incident to see the Cloud Card.
- See What you can do for steps you can take to resolve the incident.
- Click View All Content to see more details.
- Click OK to dismiss the dialog.