How does Cloudsploit avoid reading sensitive user data?
CloudSploit performs read-only API calls to the control-plane of the IaaS account. For example, in AWS, we make calls to list EC2 instances, S3 buckets, RDS...
Sun, 10 Nov, 2019 at 12:02 PM
Can I limit who can log into my CloudSploit account?
Yes. SAML users can define specific domains that are allowed to be added to the account as just-in-time (JIT) users.
Sun, 10 Nov, 2019 at 12:03 PM
What is the account session timeout?
The default timeout is 1 hour. This can be changed upon request.
Sun, 10 Nov, 2019 at 12:03 PM
How do I change the administrator of the account?
Account administrators can be added or removed from the "Users & Groups" page in the CloudSploit console.
Sun, 10 Nov, 2019 at 12:04 PM
What data does CloudSploit collect from the cloud providers?
CloudSploit adheres strongly to the principle of least privilege and aims to collect the least amount of information necessary to provide its service. Depen...
Wed, 19 Feb, 2020 at 4:41 PM
How does Aqua CSPM protect against the "confused deputy" issue in AWS?
The "Confused Deputy" issue in AWS is a security risk that potentially allows security vendors to serve as middlemen between an AWS account and tw...
Wed, 17 Jun, 2020 at 3:55 PM