View Misconfigurations
Tenable Cloud Security shows misconfigurations when resources fail to comply with the configured policies. You can view and download a CSV report of misconfigurations from the Misconfigurations page. You can also view the resources impacted by these misconfigurations and remediate the impacted resources. You can perform the following tasks from the Misconfigurations page:
To view misconfigurations and download the Misconfigurations report:
- In the left navigation bar, click Findings.
  The Misconfigurations page appears.
- On the Misconfigurations page, do one of the following:
  - Use the Search box to search for specific failing policies.
  - Use the following filters:
    - Click the Filters icon to open the Filter Misconfigurations box.
    - Select the following filters as needed.
      Filter: Description
      Projects: Filters the failing policies by projects.
      Cloud account: Filters the failing policies by cloud accounts.
      Repository: Filters the failing policies by repositories.
      Category: Filters by resource category.
      Severity: Filters by the severity of the failing policy: High, Medium, Low, Info.
      Source: Filters by the source for the policy violation: Cloud or IaC.
      K8s cluster: Filters by Kubernetes clusters.
      Policy group: Filters by policy groups. Applicable only for custom policies.
      Benchmarks: Filters by policy benchmarks.
  - Click Export > CSV to download the misconfigurations report in the CSV format.
The report provides a project-wise listing of all failing policies and includes the following details:
    - Project
    - Source (IaC or Cloud)
    - Cloud Provider
    - Cloud Account
    - Region
    - VPC
    - Policy Group
    - Severity
    - Policy ID
    - Failing Policy
    - Resource Type
    - Cloud ARN
    - Cloud Resource ID
    - Cloud Resource Name
    - Remediation
    - IaC Resource ID
    - IaC Resource Name
    - IaC Repository
    - IP Address
    - DNS
    - Cloud Tag
    - Date and time the violation was last seen
    - Date and time the violation was first seen
- On the Misconfigurations page, click the policy that you want to view.
  The policy pane with the list of impacted resources appears.
- In the Impacted Resources section, do one of the following:
  - Select the impacted resource that you want to remediate and click the impacted resource name.
  - Use the following filters to filter and select a specific impacted resource:
    Filter: Description
    Projects: Filters the impacted resources by project.
    Resource Types: Filters the impacted resources by resource types.
    Source Types: Filters the impacted resources by source — IaC or Cloud.
    Cloud Accounts: Filters the impacted resources by cloud account name.
- Click an impacted resource to view the resource details.
  The following details are displayed:
  - Resource details
    Filter: Description
    Violation Source: Source of the policy violation — IaC or Cloud.
    Cloud ID: ID of the cloud resource.
    IAC ID: ID of the IaC resource.
    Resource Type: The resource type to which the resource belongs.
    Cloud Provider: The cloud provider — AWS, Azure, or GCP.
    Cloud Account: The cloud account name.
    Repository: Link to the repository of the IaC resource.
    Cloud Tags: The label associated with the cloud resource by the cloud provider.
    IaC Tags: The label associated with the IaC resource.
  - Resource Configuration JSON: Shows the IaC or cloud resource configuration and the remediation resource configuration.
  - Remediation: Provides the remediation steps for the policy violation.
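The exported CSV report can be triaged with a short script. The following is an added example, not Tenable code: it groups report rows by failing policy, orders them by severity and then by the earliest first-seen date, and notes which remediation options apply. The column header names, the timestamp format, and the sample rows are assumptions; match them to the header row of the real export.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Header names below are assumptions; match them to the header row of your export.
COL_SEVERITY, COL_POLICY, COL_SOURCE = "Severity", "Failing Policy", "Source"
COL_FIRST_SEEN = "First Seen"  # assumed: naive ISO 8601 timestamp
SEVERITY_RANK = {"high": 0, "medium": 1, "low": 2, "info": 3}

# Constructed sample rows (not real findings), including two malformed ones.
SAMPLE = """Project,Source,Severity,Failing Policy,First Seen
payments,Cloud,High,Storage bucket allows public read,2024-03-02T10:00:00
payments,IaC,High,Storage bucket allows public read,2024-02-01T09:30:00
web,IaC,Medium,Security group open to all,2024-01-15T12:00:00
web,Cloud,High,Database not encrypted at rest,2024-01-20T00:00:00
web,Cloud,,Row with no severity,2024-01-01T00:00:00
ops,Cloud,Low,Audit logging disabled,not-a-date
"""

def triage(csv_text):
    """Group report rows by failing policy, ordered by severity then age."""
    groups = defaultdict(lambda: {"resources": 0, "sources": set(), "first_seen": None})
    for row in csv.DictReader(io.StringIO(csv_text)):
        severity = (row.get(COL_SEVERITY) or "").strip().lower()
        policy = (row.get(COL_POLICY) or "").strip()
        if severity not in SEVERITY_RANK or not policy:
            continue  # skip rows that cannot be ranked rather than misfile them
        group = groups[(severity, policy)]
        group["resources"] += 1
        group["sources"].add((row.get(COL_SOURCE) or "").strip().lower())
        try:
            seen = datetime.fromisoformat((row.get(COL_FIRST_SEEN) or "").strip())
        except ValueError:
            continue  # resource is counted; its age stays unknown
        if group["first_seen"] is None or seen < group["first_seen"]:
            group["first_seen"] = seen
    findings = [{
        "severity": severity, "policy": policy, "resources": g["resources"],
        "first_seen": g["first_seen"],
        # Create a PR is enabled only for IaC resources; a ticket fits either source.
        "options": ["Create a ticket"] + (["Create a PR"] if "iac" in g["sources"] else []),
    } for (severity, policy), g in groups.items()]
    findings.sort(key=lambda f: (SEVERITY_RANK[f["severity"]],
                                 f["first_seen"] or datetime.max, f["policy"]))
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f["severity"], f["resources"], f["policy"], f["first_seen"], f["options"])
```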
To remediate an impacted resource:
- Click the check box next to an impacted resource.
  Tenable Cloud Security enables Create a ticket, Create a PR, and Exclude Policy.
- Click one of the following remediation options:
  - Create a ticket — Creates a Jira ticket for the selected issue. For more information, see Create a Ticket for an Issue.
  - Create a PR — Creates a pull request. This option is enabled only for IaC resources. For more information, see Create a Pull Request for an Issue.
  - Exclude a Policy — Ignores the violation. For more information, see Ignore Misconfigurations.
  Note: Tenable Cloud Security shows the remediation steps to fix a failing policy on the policy pane.