Skip to content

Infrastructure Scanning

[TBD]

  • Cloud Security Posture Management (CSPM): Identifies misconfigurations and compliance risks in cloud infrastructure.
  • Cloud Infrastructure Entitlement Management (CIEM): Manages and automates access permissions in cloud environments.
  • Cloud Workload Protection Platform (CWPP): Protects cloud workloads, including containers, servers, and serverless functions.
  • Infrastructure-as-Code (IaC) Scanning: Detects security issues early in the development process.
  • Data Security Posture Management (DSPM): Discovers sensitive data sources and who has access to them.

Outcome

  • Vulnerability Scanning is performed regularly against the infrastructure
  • The scanning tools are properly customized to reduce false positives
  • Findings are being pushed to the vulnerability management program
  • Severity/Priority is recalculated based on the asset's criticality/risk

Metrics

Metrics for this topic are included in Vulnerability Management

Tools & Resources

Further Reading