View Misconfigurations

Tenable Cloud Security shows misconfigurations when resources fail to comply with the configured policies. You can view and download a CSV report of misconfigurations from the Misconfigurations page. You can also view the resources impacted by these misconfigurations and remediate the impacted resources. You can perform the following tasks from the Misconfigurations page:

To view misconfigurations and download the Misconfigurations report:

  1. In the left navigation bar, click Findings.

    The Misconfigurations page appears.

  2. On the Misconfigurations page, do one of the following:

    • Use the Search box to search for specific failing policies.

    • Use the following filters:

      1. Click the Filters icon to open the Filter Misconfigurations box.

      2. Select the following filters as needed.

        Filter          Description
        Projects        Filters the failing policies by projects.
        Cloud account   Filters the failing policies by cloud accounts.
        Repository      Filters the failing policies by repositories.
        Category        Filters by resource category.
        Severity        Filters by the severity of the failing policy: High, Medium, Low, Info.
        Source          Filters by the source for the policy violation: Cloud or IaC.
        K8s cluster     Filters by Kubernetes clusters.
        Policy group    Filters by policy groups. Applicable only for custom policies.
        Benchmarks      Filters by policy benchmarks.
  3. Click Export > CSV to download the misconfigurations report in the CSV format.

    The report lists all failing policies by project and includes the following details:

    • Project

    • Source (IaC or Cloud)

    • Cloud Provider

    • Cloud Account

    • Region

    • VPC

    • Policy Group

    • Severity

    • Policy ID

    • Failing Policy

    • Resource Type

    • Cloud ARN

    • Cloud Resource ID

    • Cloud Resource Name

    • Remediation

    • IaC Resource ID

    • IaC Resource Name

    • IaC Repository

    • IP Address

    • DNS

    • Cloud Tag

    • Date and time the violation was last seen

    • Date and time the violation was first seen

To view impacted resources:

  1. On the Misconfigurations page, click the policy that you want to view.
    The policy pane with the list of impacted resources appears.

  2. In the Impacted Resources section, do one of the following:

    • Select the impacted resource that you want to remediate and click the impacted resource name.
    • Use the following filters to filter and select a specific impacted resource:

      Filter          Description
      Projects        Filters the impacted resources by project.
      Resource Types  Filters the impacted resources by resource types.
      Source Types    Filters the impacted resources by source: IaC or Cloud.
      Cloud Accounts  Filters the impacted resources by cloud account name.
  3. Click an impacted resource to view the resource details.

    The following details are displayed:

    • Resource details

      Filter            Description
      Violation Source  Source of the policy violation: IaC or Cloud.
      Cloud ID          ID of the cloud resource.
      IAC ID            ID of the IaC resource.
      Resource Type     The resource type to which the resource belongs.
      Cloud Provider    The cloud provider: AWS, Azure, or GCP.
      Cloud Account     The cloud account name.
      Repository        Link to the repository of the IaC resource.
      Cloud Tags        The label associated with the cloud resource by the cloud provider.
      IaC Tags          The label associated with the IaC resource.
    • Resource Configuration JSON: Shows the IaC or cloud resource configuration and the remediation resource configuration.
    • Remediation: Provides the remediation steps for the policy violation.

To remediate an impacted resource:

  1. Click the check box next to an impacted resource.
    Tenable Cloud Security enables Create a ticket, Create a PR, and Exclude Policy.
  2. Click one of the following remediation options:

    • Create a ticket — Creates a Jira ticket for the selected issue. For more information, see Create a Ticket for an Issue.

    • Create a PR — Creates a pull request. This option is enabled only for IaC resources. For more information, see Create a Pull Request for an Issue.

    • Exclude a Policy — Ignores the violation. For more information, see Ignore Misconfigurations.

      Note: Tenable Cloud Security shows the remediation steps to fix a failing policy on the policy pane.
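
The exported CSV report can be triaged offline before remediation options are chosen. The following Python script is an added example, not Tenable code: it groups rows by project and policy, orders the groups by the severity values listed above, and separates IaC resources (the only ones for which Create a PR is enabled) from cloud resources. The column header names and all sample rows are assumptions constructed from the field list on this page.

```python
import csv
import io
from collections import defaultdict

# Severity values from the Severity filter on this page, most urgent first.
SEVERITY_RANK = {"High": 0, "Medium": 1, "Low": 2, "Info": 3}

# Constructed sample export. Header names are assumed from the field list
# above; compare them with the first line of a real export before use.
SAMPLE_CSV = """\
Project,Source,Severity,Policy ID,Failing Policy,Cloud Resource Name,IaC Resource Name
payments,Cloud,High,EXAMPLE-1,Example storage policy,bucket-a,
payments,IaC,High,EXAMPLE-1,Example storage policy,,aws_s3_bucket.a
payments,IaC,Low,EXAMPLE-2,Example tagging policy,,aws_instance.web
web,Cloud,Medium,EXAMPLE-3,Example logging policy,trail-1,
web,Cloud,Urgent,EXAMPLE-4,Example unknown severity,vm-9,
"""

def triage(csv_text):
    """Group rows by project and policy, split them by remediation path,
    and return the groups ordered by severity."""
    groups = defaultdict(lambda: {"pr": [], "ticket": []})
    for row in csv.DictReader(io.StringIO(csv_text)):
        key = (row["Project"].strip(), row["Policy ID"].strip())
        group = groups[key]
        group["severity"] = row["Severity"].strip()
        group["policy"] = row["Failing Policy"].strip()
        # Create a PR is enabled only for IaC resources; everything else
        # is routed to a ticket.
        if row["Source"].strip().lower() == "iac":
            group["pr"].append(row["IaC Resource Name"].strip())
        else:
            group["ticket"].append(row["Cloud Resource Name"].strip())
    ordered = []
    for (project, policy_id), group in groups.items():
        ordered.append({"project": project, "policy_id": policy_id, **group})
    # Unknown severity values sort last instead of being dropped silently.
    ordered.sort(key=lambda g: (SEVERITY_RANK.get(g["severity"], len(SEVERITY_RANK)),
                                g["project"], g["policy_id"]))
    return ordered

if __name__ == "__main__":
    for g in triage(SAMPLE_CSV):
        print(f'{g["severity"]:<7} {g["project"]:<9} {g["policy_id"]:<10} '
              f'PR: {len(g["pr"])}  ticket: {len(g["ticket"])}')
```

A severity value outside High, Medium, Low, and Info is kept and sorted to the end, so a changed or malformed export is visible in the output.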