Infrastructure Scanning
[TBD]
- Cloud Security Posture Management (CSPM): Identifies misconfigurations and compliance risks in cloud infrastructure.
- Cloud Infrastructure Entitlement Management (CIEM): Manages and automates access permissions in cloud environments.
- Cloud Workload Protection Platform (CWPP): Protects cloud workloads, including containers, servers, and serverless functions.
- Infrastructure-as-Code (IaC) Scanning: Detects security issues early in the development process.
- Data Security Posture Management (DSPM): Discovers sensitive data sources and who has access to them.
Outcome
- Vulnerability Scanning is performed regularly against the infrastructure
- The scanning tools are properly customized to reduce false positives
- Findings are pushed to the vulnerability management program
- Severity/Priority is recalculated based on the asset's criticality/risk
Metrics
Metrics for this topic are included in Vulnerability Management
Tools & Resources
- Nuclei (Free)
- OpenVAS (Free)
- Prowler (Free/Paid)
- SecureCodeBox (Free)
- Wiz (Paid)
- Nessus (Paid)
- AWS Security MCP (Free)