You can easily view ArmourZero's Cloud Infrastructure Scan scanned results on all cloud infrastructure after the triggered scan completed. Reminder that as this scan is a penetration assessment tool, simulating real-time attack to find weaknesses, misconfigurations and vulnerabilities.
Step 1: Select the project
1. Go to left menu and select "Infra" under VULNERABILITY SCANNERS section. Click on the Account Name ID or the three dots action icon on the account name, select "View Scan Details".
Step 2: View details of vulnerabilities detected
All scanned results of all possible vulnerabilities detected will be automatically compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels.
1. A Latest Overall Scan Report of Infra Scan will be auto generate for you after each scan.
2. You can also see past scanned reports under "Scan History" button to compare the previous results and current results. This is very useful if you have make correction or remediation on your cloud infrastructure; or simply to compare with the latest possible vulnerabilities found.
The scan report will be summarised into 5 categories of CWE and CVE vulnerabilities' severity levels; Critical , High , Medium , Low and Information.
All scanned results of all possible vulnerabilities detected will be automatically compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels.
There are several important scan results being categories:
- Vulnerabilities Group By Services
- Distribution by Severity
- Distribution by Services
- Top 10 Services
- Top 10 Resources
- All Vulnerabilities
Step 3: Mitigate vulnerabilities
1. Scroll down to "All Vulnerabilities" section.
2. Select and open the vulnerability detected, click to view the details of vulnerability and how you and your team can mitigate it with AI-remediation suggestions. Also you can assign the mitigation task across team members and follow the mitigation status.
There are 2 main parts of mitigation:
Part 1
- Vulnerability's type and information - to list in details information the found vulnerability.
- Initial remediation suggestion.
Part 2
- AI Assistance False Positive Detector - to check with AI's analysis in real-time to ensure the detected vulnerability won't mistakenly identified as a threat or risk.
- Task management - to assign the task across team members to fix and track the mitigation progress and status.
Part 3
- AI Assistance Remediation Suggestion - AI's analysis in real-time and recommend remediation against the vulnerabilities.
Notes:
Each vulnerability detected or found have it own characteristic, type, severity and risk to you and company. That's why each vulnerability have it's own remediation to work on.