Getting Started with Tenable Cloud Security

This section provides the getting started sequence to perform cloud and IaC scans in Tenable Cloud Security.

Before you begin:

For any type of scan, perform the following initial steps:

  1. Create a Project.

    In Tenable Cloud Security, you can group resources, such as repositories and cloud accounts, into projects. Projects allow you to monitor, analyze, and manage all your resources at once.

  2. Configure policies for your scan projects.

    Tenable Cloud Security uses policies to identify vulnerabilities present on cloud resources. Tenable Cloud Security comes with built-in policies and policy groups for all cloud providers. By default, Tenable Cloud Security associates policies to your project depending on the resources added to the project. You can also associate other policies to your project or create custom policies.

  3. Integrate with alert and notification systems.

    Tenable Cloud Security provides options for you to set up alerts in every project. With alerts, you can enable Tenable Cloud Security to notify users with a summary of key events of the project. Tenable Cloud Security allows you to integrate with email, Slack, Splunk, Microsoft Teams, Jira, and AWS SNS.

What to do next:

Depending on the type of resources, do one or more of the following:

  • Cloud Scan Workflow

    Tenable Cloud Security scans your cloud resources for security compliance and identify violations. Tenable Cloud Security supports connecting to AWS, Microsoft Azure, and Google Cloud Platform cloud service providers.

  • IaC Scan Workflow

    Infrastructure as Code (IaC) scan is scanning your IaC configuration files for known vulnerabilities. Tenable Cloud Security supports IaC scan for Terraform, Terragrunt, CloudFormation, Kubernetes YAML, Kustomize YAML, Helm Chart, and Azure Resource Manager (ARM).