Cloud Scan Workflow

Tenable Cloud Security scans your cloud resources for security compliance and identifies violations. When you connect your cloud services, you can select the required virtual private clouds (VPCs).

For a detailed workflow for onboarding cloud accounts, see the following Quick Reference Guides:

For vulnerability scanning, perform an Agentless Assessment.

Before you begin:

To perform a cloud scan:

  1. Connect your cloud accounts.

    You can connect the following cloud services to Tenable Cloud Security:

  2. (Recommended) Configure cloud scan to define the resources to scan and to schedule scan intervals.

  3. View the Tenable Cloud Security dashboard to see the analytics for all projects and timelines.

  4. Analyze the failing policies.

    Tenable Cloud Security displays failing policies when resources fail to comply with the configured policies.

    Tip: You can also view the vulnerability findings for your cloud resources from Tenable Vulnerability Management. For more information, see Cloud Findings.

  5. Perform workflow actions for the impacted resources. Workflow actions allow organizational users to configure and manage alerting and ticketing.

  6. View cloud-to-cloud drifts.

    Any change you make to the configuration of an unmapped resource in the cloud account creates a cloud-to-cloud drift. An unmapped resource is any resource in the cloud that does not have a matching configuration in infrastructure as code (IaC). For unmapped resources, the current cloud configuration may differ from the previous configuration on the cloud, and that difference is the cloud-to-cloud drift.

  7. View compliance reports.

    The Tenable Cloud Security Reports page displays the compliance reports for all resources.
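
The cloud-to-cloud drift described in step 6 can be illustrated with a short script. This is an added example, not Tenable Cloud Security code or its detection logic: it compares two cloud snapshots and reports attribute-level changes only for unmapped resources. The resource IDs, attribute names, and the choice to skip resources with no previous snapshot are assumptions made for the illustration.

```python
"""Illustration of cloud-to-cloud drift for unmapped resources (constructed data)."""

def flatten(config, prefix=""):
    """Flatten a nested config dict into {"a.b.c": value} paths."""
    flat = {}
    for key, value in config.items():
        path = f"{prefix}.{key}" if prefix else key
        if isinstance(value, dict):
            flat.update(flatten(value, path))
        else:
            flat[path] = value
    return flat

def cloud_to_cloud_drift(iac_ids, previous, current):
    """Return {resource_id: {path: (old, new)}} for unmapped resources that changed.

    iac_ids  -- IDs of resources that have a matching IaC configuration (mapped)
    previous -- {resource_id: config} from the earlier cloud snapshot
    current  -- {resource_id: config} from the latest cloud snapshot
    """
    drifts = {}
    for rid, new_cfg in current.items():
        if rid in iac_ids or rid not in previous:
            continue  # mapped, or (assumption) no earlier cloud config to compare
        old, new = flatten(previous[rid]), flatten(new_cfg)
        changed = {p: (old.get(p), new.get(p))
                   for p in sorted(old.keys() | new.keys())
                   if old.get(p) != new.get(p)}
        if changed:
            drifts[rid] = changed
    return drifts

# Constructed sample snapshots (hypothetical resource IDs and attributes).
IAC_IDS = {"bucket-logs"}
PREVIOUS = {
    "bucket-logs": {"acl": "private"},
    "sg-web": {"ingress": {"port": 443, "cidr": "10.0.0.0/8"}},
    "bucket-tmp": {"acl": "private", "encryption": {"enabled": True}},
}
CURRENT = {
    "bucket-logs": {"acl": "public-read"},  # mapped, so not cloud-to-cloud drift
    "sg-web": {"ingress": {"port": 443, "cidr": "0.0.0.0/0"}},
    "bucket-tmp": {"acl": "private", "encryption": {"enabled": True}},
    "vm-new": {"public_ip": True},          # no previous snapshot to compare
}

if __name__ == "__main__":
    for rid, changes in cloud_to_cloud_drift(IAC_IDS, PREVIOUS, CURRENT).items():
        for path, (old, new) in changes.items():
            print(f"{rid}: {path} changed from {old!r} to {new!r}")
```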