Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

About CSPM Security Configuration Audit

Skyhigh CASB Configuration Audit allows your policy team to discover and monitor the configuration of your  Infrastructure as a Service (IaaS) cloud services, such as AWS, Azure, and GCP. In addition to generating reports for audits, these features minimize risks associated with security misconfigurations and reduce the time to achieve compliance.

Supported services include:

  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Azure Container Registry (ACR)
  • Google Cloud Platform (GCP)
  • Google Container Registry (GCR)

Config Audit policies are grouped into the following categories:

  • Unrestricted Access
  • Identity and Access Management
  • Network Security
  • Encryption
  • Logging
  • Monitoring
  • Certificate And Key Management
  • Backup and Recovery 
  • Infrastructure Management
  • Application Security
  • Others. All custom policies. 

For SaaS, or Microsoft Office 365, see Security Configuration Audit for Saas

Enable Security Configuration Audit

Enable Security Configuration Audit in Settings > Service Management when you create your service instance and select the features. 

When you create your service instance, you can configure notifications to be sent based on different Configuration Audit incident severities as per your organization's requirements. This allows you to avoid being inundated with minor severity incidents alerts. For details, see Enable Configuration Audit Notifications

Security Configuration Audit Page

The Policy > Configuration Audit page provides a high-level view of the configuration policies that are currently active or inactive in your organization's Skyhigh CASB account. You can use the page to enable or disable policies and can filter, group or search policies to gain insights into areas where your organization should improve their security IAAS footing.
clipboard_eb3e877d4ef4473cc9bde94171b890ccd.png

The Security Configuration Audit page provides the following information and actions:

  • Filters. Select options on the Filters tab to scope down your search. 
  • Groups. Displays the policy groups you have created. You can edit and delete the policy groups you have created.
  • Search. Search via the Omnibar
  • Actions. Click Actions to:
  • Policy Name. The name of the Configuration Audit policy. 
  • Status. The status of the Configuration Audit policy, including Active or Inactive. 
  • Service Name. The name of the cloud service provider the policy applies to. 
  • Policy Category. The category of the Configuration Audit policy. 
  • Last Updated. The date the policy was last updated. 
  • Updated By. The user who last updated the policy. 
  • Actions. 

Security Configuration Audit Cloud Card

Click a policy to access the Cloud Card with policy details. 

config_audit_details_5.2.0.png

The Configuration Audit Cloud Card provides the following information and actions:

  • Policy Name. The name of the Configuration Audit policy. 
  • Policy Description. The optional description of the Configuration Audit policy. 
  • Policy Type. The type of policy. 
  • Policy Status. The status of the Configuration Audit policy, including Active or Inactive. 
  • Edit this policy
  • Schedule. The frequency the policy is scheduled to run. 
  • Permissions. The permissions required for this policy to run. 
  • Was this article helpful?