Supported Cloud Providers:
The Connectors application provides an automated way to launch cloud perimeter scans on your publicly exposed cloud assets based on the configuration defined in a Connector.
You can either,
1) Define a global perimeter scan configuration connectors used to run the perimeter scan.
2) Enable a cloud perimeter scan while creating a connector and define a custom configuration for scheduling the perimeter scan only for the connector you create.
Similarly, you can enable a cloud perimeter scan for the AWS organization connector and define a custom scan configuration for scheduling the perimeter scan. During the cloud perimeter scan, the custom scan configuration is applied to all the member connectors.
Read more about how you can provide global configurations Global Scan Configurations.
If you do not define the custom scan configuration, the global scan configuration is used for launching the perimeter scans.
To launch the cloud perimeter scan,
While creating or editing a connector, on the Tags and Activation screen, select the Automatically activate all assets for VM Scanning application and the Enable Zero-touch Cloud Perimeter Scan checkbox.
This enables the 'Scan Settings' step. You can notice on the left pane under the 'Tags and Activation' step you currently view.
Click Next and proceed to the next step.
On the Scan Settings screen, enable the custom scan configuration checkbox. Provide the following scan details.
Scan Prefix
Enter the Scan Prefix added to the scan title.
Option Profile
Select the Option profile for the Cloud Perimeter Scan.
Recurrence
The frequency at which the scan is performed, start date and time, and associated timezone.
In the Recurrence field, select Weekly or Daily. The other fields for defining the scan schedule are available based on the value in the Recurrence field.
Weekly recurrenceWeekly recurrence
If you select Weekly recurrence:
- select the day of the week when the scan is triggered.
- select the Start Date from which the global scan configuration is applicable.
- select Start Time. You can select the current time or select time from the list.
- select the applicable timezone.
Daily recurrenceDaily recurrence
If you select Daily recurrence:
- select the Start Date from which the global scan configuration is applicable.
- select Start Time. You can select the current time or select time from the list.
- select the applicable timezone.
Scan Public Load Balancers
Enable this checkbox to discover public-facing Elastic Load Balancers. This provides additional security to your environment by identifying possible exploitable resources.
Click Save to save the scan configuration.