Remediating Cloud Misconfigurations

Gain continuous visibility and security across your cloud environments. The platform automatically discovers resources, evaluates them against CIS Benchmarks and industry best practices, and identifies configuration issues.

With the remediation feature, you can now:

  • Fix cloud resource misconfigurations.
  • Perform direct actions on cloud resources.
  • Improve overall security posture with guided remediation.

Supported cloud providers:

  • AWS
  • Microsoft Azure
  • Google Cloud Platform (GCP)

The remediation feature is enabled by default only for activated users.

Pre-requisites

Ensure that you have the following modules available in your subscription:

  • Activated Subscription
  • Administration

If you need access to a module, please contact your Qualys Technical Account Manager (TAM).

Required permissions

  • Manager role OR
  • Sub-user with Manage Remediation permission

For more information on the configuring access for remediation, see Managing Remediation Permission.

Configuring Remediation

Remediation allows you to not only detect but also fix misconfigurations directly from the platform.

Once enabled, you can use one-click remediation while resources are being evaluated. We will walk you through the steps.

Step 1: Configure Connectors For Remediation

Configuration connectors for remediation involves two steps: enable remediation for the connector and then assign write access for the connector

The detailed steps for each cloud provider: AWS | Microsoft Azure | GCP

Step 2: Remediate Cloud Resources

  • Navigate to the Posture tab
  • View controls available for remediation
  • Identify failed evaluations eligible for fixes

For more details, refer to Remediating Cloud Resources.

Step 3: Perform Actions on Cloud Resources

The Resources tab provides you with actions that you can execute on instances to quickly fix the unknown behavior of an instance or vulnerability on an instance.

For more details, refer to Actions for Cloud Resources.

Additional Capabilities

View Remediation Activity

View all remediation actions across all resources.

Remediable Control List: AWS | Microsoft Azure | GCP