FAQ
Questions about scans
A plugin is the method by which CloudSploit evaluates a cloud security control or best practice. For example, a plugin may check that S3 Bucket encryption i...
Sun, 10 Nov, 2019 at 11:44 AM
CloudSploit develops plugins based on cloud security best practices as defined by the cloud providers, the industry, and standard security and compliance co...
Sun, 10 Nov, 2019 at 11:44 AM
Many CloudSploit plugins can be customized to match the security controls of your organization. Customization options are plugin-specific. For example, a pl...
Sun, 10 Nov, 2019 at 11:45 AM
Aqua CSPM assigns a default severity ranking to each plugin that reflects our interpretation of the plugin's risk to the cloud account and its likelihoo...
Mon, 1 Jun, 2020 at 3:43 PM
Yes. Each plugin severity ranking can also be overridden on a global or per-IaaS account basis if you determine that CloudSploit's assigned severity is ...
Mon, 1 Jun, 2020 at 3:41 PM
Yes. CloudSploit has a guide to developing new plug-ins (tests) on its GitHub page at https://github.com/cloudsploit/scans#writing-a-plugin Plugins are ...
Wed, 25 Mar, 2020 at 12:33 PM
Yes. You can suppress specific resources by resource ID, entire plugins, or entire regions either globally or on a per-IaaS account basis.
Sun, 10 Nov, 2019 at 11:46 AM
A plugin or region can be suppressed across all current and future connected cloud IaaS accounts via the “Suppressions” page. Simply select the “Global (All...
Sun, 10 Nov, 2019 at 11:46 AM
All scan reports can be exported as a CSV by navigating to the “Scans”, “Scan Results” page and selecting a report. A CSV can be exported from the scans pag...
Sun, 10 Nov, 2019 at 11:46 AM
New plugins are released on a periodic basis as new security controls are added by the CloudSploit team for existing or new cloud provider services. For exa...
Sun, 10 Nov, 2019 at 11:46 AM