Deploy Threat Scanners

Threat Scanners are used to fetch real-time updates on your configured cloud assets. Deploying Threat Scanners allow you to obtain the necessary keys to get started with Cloud Detection and Response.

Let's deploy your first Threat Scanner.

  1. Navigate to the Configure -> Threat Scanners in TotalCloud.

    Click Create Deployment to begin your scanner deployment. You can find three input fields in the Create Deployment screen.

    a) Provide a unique Deployment Name. Ensure the name starts with 'aws-', followed by alphanumeric characters. The character limit is 25 (including 'aws-').

    b) Provide the Account ID of the cloud provider account on which you want to deploy Threat Scanners.

    c) Select the Deployment Region where the threat scanner must be deployed on.

    After creating a deployment, the CDR key is visible from the list of deployments. Store it for later use.

    Obtain the CDR AMI ID from your Technical Account Manager (TAM).

    AMI ID is region-specific. Obtain the AMI specific to your deployment region.

    Once you have created your first deployment, the option to download scripts appears. This downloads the Terraform templates to set up CDR on your network. 

    Click Download Scripts. Once the scripts are downloaded, follow the instructions at Onboard CDR for AWS to proceed with the rest of the CDR configurations.

Cloud Detection and Response Deployment Essentials

The Threat Scanner tab contains all the essential resources to onboard CDR on your cloud network. 

Download Scripts

Once you have created your first deployment,  the option to download scripts appear. This downloads the Terraform templates to set up CDR on your network. 

Click Download Scripts.

Once you have downloaded the scripts, extract the zip file to begin activating your CDR subscription. 

Registration Key

The Registration Key is available to you after your first deployment. The key is unique for each cloud provider. This key is required to set up the CDR connector.

Insight Key

The insight key is a global key to run the Insight API.

Now that you have deployed your threat scanner and downloaded the scripts. Proceed setting up Cloud Detection and Response.