How can we help you?

ArmourZero's Cloud Infrastructure Scan is an AI-powered penetration assessment tool that helps DevOps, cloud infrastructure's administrators and security professionals to detect and find weaknesses and vulnerabilities in cloud infrastructures.

Multi-clouds infrastructure are very common for redundancy, scalability, to gain flexibility, avoid vendor lock-in, enhance reliability, optimise costs, and allowing customers to mix and match providers for specific needs like AI, data analytics, or regional compliance, rather than relying on a single provider's offerings. It's very important to have a single dashboard, view, report and remediation action across these multi-clouds infrastructure.

There are 3 cloud infrastructure supported today, more to add soon.

1. Amazon Web Services (AWS)
2. Google Cloud Platform (GCP)

3. Microsoft Azure

    

ArmourZero's Cloud Infrastructure Scan allowing you to assess and test the cloud infrastructures from an external and internal perspective that can help you to identify vulnerabilities and misconfigurations that an attacker may find. 

The scanned results of all possible vulnerabilities detected and misconfigurations will then be compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels. It represents a broad consensus about the most critical security risks to cloud infrastructure. 

There are 5 categories of CWE and CVE vulnerabilities' severity levels.

1. Critical
2. High
3. Medium
4. Low
5. Information

Integrate a cloud infrastructure to start with ArmourZero's Infra Scan immediately, find all possible vulnerabilities faster than attackers.

ArmourZero's AI-powered Cloud Infrastructure Scan seamlessly integrates cloud infrastructure security posture analysis into your cloud infrastructure. You can enable multiple cloud infrastructure in one-go.

Supported cloud infrastructures:

1. Amazon Web Services (AWS)
2. Google Cloud Platform (GCP)
3. Microsoft Azure

Step 1: Add cloud infrastructure

You can create the number of cloud infrastructure according to your subscription plan.

1. Go to left menu and select "Infra" under VULNERABILITY SCANNERS section, then click "Add Cloud Account".

2. Select what cloud infrastructure you would like to scan.

Notes:

It is very important to have your cloud infrastructure's security audit account ready in order to enable the scan.

Depending on your plan, you can add more than 1 cloud infrastructure to scan at the same time to assess and test the cloud infrastructures from an external and internal perspective that can help you to identify vulnerabilities and misconfigurations that an attacker may find. 

You can refer to below links for the cloud infrastructure setup guide..

1. Amazon Web Services (AWS)
2. Google Cloud Platform (GCP)
3. Microsoft Azure

Once the cloud infrastructure was successfully integrated, you can trigger ArmourZero's Infra Scan to scan and find weaknesses, misconfigurations and vulnerabilities on the cloud infrastructure. Depending on your subscribed plan, you can trigger multiple scans at the same time. However the time to complete the scan depending on the size of cloud infrastructure.

You must first integrate to your cloud infrastructure before scan is activated. There are 2 ways to scan your cloud infrastructure, using Scan Now (instant scan) or Schedule for Scan (scheduled scan).

Scan Now (instant scan)

1. Go to left menu and select Infra under VULNERABILITY SCANNER section. All successful integrated cloud infrastructure will be listed here.

2. Click on the three dots action icon on the domain you intend to scan.

3. Select Scan Now, the scan will start immediately.

Schedule for Scan (scheduled scan)

1. Go to left menu and select Infra under VULNERABILITY SCANNER section. All successful integrated cloud infrastructure will be listed here.

2. Click on the three dots action icon on the domain you intend to scan.

3. Select Schedule for Scan.

4. Choose your desired schedule scan time by Frequency of "For Once", "Weekly" or "Monthly" and Date & Time of date, day and hour.

5. Once confirm, click Set Schedule.

Notes:

Depending on your plan, you can add more than 1 domain to scan at the same time.

The time to complete the scan depending on the size of cloud infrastructure. You can view the scanned results once the scan is completed.

As this scan is a penetration assessment tool, simulating real-time attack to find weaknesses and vulnerabilities, each scan have to trigger on-demand (instant or scheduled).

You can easily view ArmourZero's Cloud Infrastructure Scan scanned results on all cloud infrastructure after the triggered scan completed. Reminder that as this scan is a penetration assessment tool, simulating real-time attack to find weaknesses, misconfigurations and vulnerabilities.

Step 1: Select the project

1. Go to left menu and select "Infra" under VULNERABILITY SCANNERS section. Click on the Account Name ID or the three dots action icon on the account name, select "View Scan Details". 

Step 2: View details of vulnerabilities detected 

All scanned results of all possible vulnerabilities detected will be automatically compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels.

1. A Latest Overall Scan Report of Infra Scan will be auto generate for you after each scan.

2. You can also see past scanned reports under "Scan History" button to compare the previous results and current results. This is very useful if you have make correction or remediation on your cloud infrastructure; or simply to compare with the latest possible vulnerabilities found.

The scan report will be summarised into 5 categories of CWE and CVE vulnerabilities' severity levels; Critical , High , Medium , Low and Information.

All scanned results of all possible vulnerabilities detected will be automatically compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels.

There are several important scan results being categories:

1. Vulnerabilities Group By Services
2. Distribution by Severity
3. Distribution by Services
4. Top 10 Services
5. Top 10 Resources
6. All Vulnerabilities

Step 3: Mitigate vulnerabilities

1. Scroll down to "All Vulnerabilities" section.

2. Select and open the vulnerability detected, click  to view the details of vulnerability and how you and your team can mitigate it with AI-remediation suggestions. Also you can assign the mitigation task across team members and follow the mitigation status. 

There are 2 main parts of mitigation:

Part 1

• Vulnerability's type and information - to list in details information the found vulnerability.

• Initial remediation suggestion.

Part 2

• AI Assistance False Positive Detector - to check with AI's analysis in real-time to ensure the detected vulnerability won't mistakenly identified as a threat or risk.
• Task management - to assign the task across team members to fix and track the mitigation progress and status.

Part 3

• AI Assistance Remediation Suggestion - AI's analysis in real-time and recommend remediation against the vulnerabilities.

Notes:

Each vulnerability detected or found have it own characteristic, type, severity and risk to you and company. That's why each vulnerability have it's own remediation to work on.

In order to seamlessly integrate ArmourZero's Cloud Infrastructure scan to your Amazon Web Services (AWS), you need to prepare a SecurityAudit's user credential login.

Integration guide

1. Go to "Infra" under VULNERABILITY SCANNERS section and click "Add Cloud Account" button.

2. Click on "Amazon Web Services (AWS)". Under the Create Account menu, you need to provide the SecurityAudit's user credential and click "Integrate" when done.

How to create AWS Security Audit's user credential

1. Log in to your AWS Management Console.

2. Go to IAM -> Users and click "Add User".

3. Provide a username (e.g. az-security-audit and select Programmatic Access").

4. Click Next: Permissions and choose Attach policies directly.

5. Search for and select the SecurityAudit policy, then click Next.

6. Apply these credentials (Access Key ID & Secret Access Key) to the ArmourZero platform to complete the integration.

In order to seamlessly integrate ArmourZero's Cloud Infrastructure scan to your Google Cloud Platform (GCP), you need to prepare a SecurityAudit's user credential login.

Integration guide

1. Go to "Infra" under VULNERABILITY SCANNERS section and click "Add Cloud Account" button.

2. Click on "Google Cloud Platform (GCP)". Under the Create Account menu, you need to provide the SecurityAudit's user credential and click "Integrate" when done.

How to create GCP Security Audit's user credential

1. Log in to your Google Cloud Console (https://console.cloud.google.com).

2. Select the Google Cloud Project you wish to scan or create a new one.

3. Copy your "Project ID" from the Google Cloud Console.

4. Navigate to "IAM & Admin" -> "Service Accounts".

5. Click "Create Service Account", enter a name (e.g. az-security-audit), and click "Create and Continue".

6. Assign the necessary roles:

• Viewer (Recommended) - provides full READ access across the project, allowing the scanner to fully utilise its capabilities.
• Custom Resource Access (Optional) - you can assign only specific resource view permission (e.g. Compute Viewer, IAM Security Reviewer, Storage Object Viewer) according to your comfort level. Note: limiting access will reduce scan coverage and some findings may not be detected.

7. Click "Done", then. select the newly created service account from the list.

8. Navigate to the "Keys" tab and click "Add Key" -> "Create New Key".

9. Select "JSON", then click "Create" to download the key file.

10. Important: Store the JSON key file securely. You will need to upload this file to ArmourZero to authenticate your scan.

11. Enter the "Project ID" and upload the JSON Key File in the ArmourZero platform to complete the integration.

In order to seamlessly integrate ArmourZero's Cloud Infrastructure scan to your Microsoft Azure, you need to prepare a SecurityAudit's user credential login.

Integration guide

1. Go to "Infra" under VULNERABILITY SCANNERS section and click "Add Cloud Account" button.

2. Click on "Microsoft Azure". Under the Create Account menu, you need to provide the SecurityAudit's user credential and click "Integrate" when done.

How to create Microsoft Azure Security Audit's user credential

1. Log in to Azure Portal.

2. Search for "App Registrations" in the top search bar and select it.

3. If you already have an application, select it from the list.

4. Navigate to "IAM & Admin" -> "Service Accounts".

5. If you do not have an application, click "New Registration", provide a name, and click "Register".

6. Go to Certificates & Secrets → Client Secrets.

7. Click "New client secret", enter a description (e.g., "Cloud Integration Key"), and select an expiration duration.

8. Click "Add", then copy and securely store the Client Secret Value (it will not be shown again).

9. Copy the Application (Client) ID and Directory (Tenant) ID from the Overview page.

10. Navigate to Subscriptions and select your active subscription.

11. Go to Access Control (IAM) → Click "Add" → "Add role assignment".

12. Select the role "Reader" or "Security Reader", then click "Next".

13. Under Assign access to, choose "User, group, or service principal".

14. Click "Select members", search for your existing or newly registered app, and add it.

15. Copy the Subscription ID from the Subscriptions page.

16. Apply these credentials (Client ID, Client Secret, Tenant ID, and Subscription ID) to the ArmourZero platform to complete the integration.