Remediating Cloud Misconfigurations
Gain continuous visibility and security across your cloud environments. The platform automatically discovers resources, evaluates them against CIS Benchmarks and industry best practices, and identifies configuration issues.
With the remediation feature, you can now:
- Fix cloud resource misconfigurations.
- Perform direct actions on cloud resources.
- Improve overall security posture with guided remediation.
Supported cloud providers:
- AWS
- Microsoft Azure
- Google Cloud Platform (GCP)
The remediation feature is enabled by default only for activated users.
Pre-requisites
Ensure that you have the following modules available in your subscription:
- Activated Subscription
- Administration
If you need access to a module, please contact your Qualys Technical Account Manager (TAM).
Required permissions
- Manager role OR
- Sub-user with Manage Remediation permission
For more information on the configuring access for remediation, see Managing Remediation Permission.
Configuring Remediation
Remediation allows you to not only detect but also fix misconfigurations directly from the platform.
Once enabled, you can use one-click remediation while resources are being evaluated. We will walk you through the steps.
Step 1: Configure Connectors For Remediation
Configuration connectors for remediation involves two steps: enable remediation for the connector and then assign write access for the connector
The detailed steps for each cloud provider: AWS | Microsoft Azure | GCP
Step 2: Remediate Cloud Resources
- Navigate to the Posture tab
- View controls available for remediation
- Identify failed evaluations eligible for fixes
For more details, refer to Remediating Cloud Resources.
Step 3: Perform Actions on Cloud Resources
The Resources tab provides you with actions that you can execute on instances to quickly fix the unknown behavior of an instance or vulnerability on an instance.
For more details, refer to Actions for Cloud Resources.
Additional Capabilities
View Remediation Activity
View all remediation actions across all resources.
Remediable Control List: AWS | Microsoft Azure | GCP