Walkthrough: Identifying CIS violations for AWS
In the previous walkthrough, you used BMC Helix Cloud Security to download, configure, and run the AWS Cloud connector. This walkthrough enables you to explore the results and identify specific resources that are not compliant with the out-of-the-box CIS policies for AWS.
Scenario
A company is using Amazon Simple Storage Service (S3) to store and retrieve data. The company wants to be able to identify violations to ensure that all of the data associated with the buckets is properly secured. Depending on the bucket and the data objects stored in it, providing access to any information about the buckets to all users might be a security risk.
The connector flags buckets that are not compliant with the CIS policy. Review these buckets immediately to ensure that company information has not been unintentionally exposed.
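To make the scenario concrete, the following added example (not part of the original walkthrough and not the connector's or the CIS policy's own rule logic) checks bucket ACLs for grants to the global S3 groups, which is one way a bucket ends up readable by all users. The bucket names and ACL documents are constructed samples in the shape returned by the S3 GetBucketAcl API; the function names are hypothetical.

```python
# Added example: flags S3 bucket ACL grants made to global groups.
# Sample data is constructed; this is not BMC Helix Cloud Security's rule logic.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
LOG_DELIVERY = "http://acs.amazonaws.com/groups/s3/LogDelivery"
PUBLIC_GROUPS = {ALL_USERS: "AllUsers", AUTH_USERS: "AuthenticatedUsers"}


def public_grants(acl):
    """Return sorted (group, permission) pairs granted to a global group."""
    found = set()
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group":
            continue  # CanonicalUser grants name one specific account
        group = PUBLIC_GROUPS.get(grantee.get("URI"))
        if group:  # LogDelivery and other non-global groups are skipped
            found.add((group, grant.get("Permission", "UNKNOWN")))
    return sorted(found)


def audit(bucket_acls):
    """Map bucket name -> public grants, listing only buckets that have any."""
    report = {}
    for name, acl in bucket_acls.items():
        grants = public_grants(acl)
        if grants:
            report[name] = grants
    return report


OWNER = {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
         "Permission": "FULL_CONTROL"}
# Constructed sample ACLs keyed by hypothetical bucket name.
SAMPLE_ACLS = {
    "example-private-bucket": {"Grants": [OWNER]},
    "example-listing-bucket": {"Grants": [
        OWNER,
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ_ACP"}]},
    "example-shared-bucket": {"Grants": [
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS}, "Permission": "WRITE"}]},
    "example-log-bucket": {"Grants": [
        OWNER,
        {"Grantee": {"Type": "Group", "URI": LOG_DELIVERY}, "Permission": "WRITE"}]},
}

if __name__ == "__main__":
    for bucket, grants in audit(SAMPLE_ACLS).items():
        print(bucket, grants)
```

This covers ACL grants only; bucket policies and Block Public Access settings also determine whether a bucket is exposed and need to be reviewed separately.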
Where to go from here
To walk through a scenario where you must remediate identified violations, see Remediating an AWS compliance violation.