Prerequisites

• If you have not already done so, register for the free 14-day trial here.
• Ensure that your computer meets the minimum system requirements
  • OpenJDK 11.0.2
  • 10 MB disk space, for logging
  • Google Chrome browser
  • To connect BMC Helix Cloud Security to your Cloud Service Provider (CSP) account, whether on AWS, Azure, or GCP, you will need the admin keys for the account.  If you do not have those keys, contact your Cloud Operations Administrator to provide you with the necessary credentials (keys).

Quick Start

• 4 simple steps to quickly begin realizing value by securely configuring your cloud resources.

  1. Connect
  2. Scan
  3. Assess
  4. Remediate

Connect

For first login you don’t need to click on “Configure icon > Connectors”, by default dashboard will be presented with “Add a connector” icon as shown below:

Dashboard page:

Please add above image as part of document, which help the free trail user to know exactly what he will be presented with.

Click the button Add Connector in the upper right (up to 5 connectors in the trial)

Select the appropriate Connector and click Continue

Enter a name for your connector instance

Enter the account credentials, which vary by platform (e.g., AWS, GCP, Azure)

Select Collection Mode:  On Demand or Scheduled, and click Continue

Select the Policies you wish to run for this connector.  We recommend you choose all policies.

Congratulations!  This was the “hardest” part.  Now that you’ve connected BMC Helix Cloud Security to your cloud account, you won’t need to do this again, unless of course you wish to connect more accounts or different cloud platform(s).

For more details, see Walkthrough: Onboarding the AWS Cloud Connector.

Scan

To run an on-demand scan, go to Configure icon > Connectors

Locate the appropriate connector and click Evaluate Now

NOTE:  BMC Helix Cloud Security also supports automated, scheduled scans.

For more information about on-demand scanning and which connectors support this feature, see Managing Connectors.

Assess

After your scan completes, you are ready to assess the results, inspect violations, and plan remediation.

Navigate to the Dashboard

Observe security posture, and filter results (by Resource Type, Connector, Policy, etc.)

Under Non-Compliant Rules, click on Critical (in the lower left of the Dashboard)

Click a Rule Violation of interest

Under List of Resources, select a resource (click its name) to inspect its violation details

Select Resource Results:  policy violations are shown in red.

For more information, consult Identifying Violations.

To see an example, see Walkthough: Identifying CIS Violations for AWS.

Remediate

Select the violation (click the check box next to its name)

Click the Remediate button

To enable remediation, see Walkthrough: Remediating compliance violations.

Congratulations. BMC Helix Cloud Security is now automatically working through the Cloud Service Provider’s API to reconfigure the cloud resource to a compliant state.  After a couple of minutes, the API process will complete and the Dashboard updated.

You can navigate back to the Dashboard, and repeat the assessment and remediation for security and compliance policy violations as you see fit.  You might wish to remediate all Critical Violations, or the oldest violations, or violations associated with a specific resource type.  You are in the driver’s seat.