How do I get started with Saner Cloud?
If direct access to the cloud infrastructure is unavailable, users can onboard manually using either of the following methods:
- Role Stack Creation (Automated): If you are already logged into the AWS, then the system automatically creates the role in your infrastructure with required access to run scans.
- Role Stack Creation (Manual): Manually create the role offline and upload the Role details to the Saner CNAPP portal.
- AWS Credential Integration: Use AWS credentials such as an access key and secret key to grant access securely. These credentials are encrypted and securely stored to maintain confidentiality.
- Azure Credential Integration: Use Azure credentials such as a tenant ID, access key and secret key to grant access securely. These credentials are encrypted and securely stored to maintain confidentiality.
Once the onboarding process is complete, an initial discovery scan is initiated according to the service provision settings.
What measures can we take to secure our account?
SanerCloud supports PingOne MFA and Google Authenticator MFA to enable extra secure access to your account. SanerNow presently supports SMS, Email, and the Authenticator app as PingOne MFA authentication methods.
How are system resources utilized, or how is the CPU performance during
remediation?
During remediation, the CPU average is relatively low. Patches are queued and applied in order. After the remediation operation, or rule, is completed, a scan is done.
What should I do if a remediation patch is not available?
Understand which resource is misconfigured and how and try to change the configuration from the Service Provider end.
Can I find out how long the patch was available and not applied in an organization?
The Patch Aging View in Saner CSRM helps:
— Understand how many patches have been outstanding the longest
— Identify trends in how quickly your organization remediates vulnerabilities
Is it possible to automate responses/actions upon detection?
The scanner is configured to run continuously, day after day, to identify unwanted
elements or anomalies within the organization and to either fix or whitelist
these anomalies using pre-built response schemes.
Can I see trending reports?
Trend reports in CSPM offers a Graphical depiction providing insight into the count of affected resources or cloud services(like AWS or Azure) over a period of time, helping users track patterns and potentially anticipate future issues. This is useful for identifying recurring vulnerabilities, seasonal spikes, or reductions in affected resources due to implemented security measures.
Can I be alerted to specific incidents on Anomaly detection?
SanerCloud offers pre-defined alert conditions based on standard compliance frameworks (e.g., CIS, HIPAA, PCI-DSS) and general security posture checks like missing patches, unauthorized access attempts, and exposed assets.
I want to avoid unnecessary exposure from resources exposed to public network. Is there a way to identify these publicly accessible cloud resources?
You can utilize the CSAE dashboard to identify which resources are truly accessible from the external network. Resources that need attention are flagged with orange, and those that comply with specifications are in grey making it easy to identify which instances are actively using public network interfaces.
Does Saner Cloud support AI?
Saner Cloud provides Generative AI-Powered Insights for Data Interpretation across every tool. If complex graphs and tables seem overwhelming, the tool interprets visualizations and tabular data, providing human-readable summaries. Users can copy AI-generated insights into reports, presentations, or team discussions, making data-driven decisions more accessible.
Why doesn’t the CIEM resource display on “Geographical Map”?
The geographical map is created to show resources based on their distribution in specific regions. However, global resources do not have a designated location, so they cannot be mapped geographically. CIEM includes global resources, and since these are not linked to any particular region, they do not appear on the geographical map.
Which cloud providers are supported in Saner Cloud?
Saner Cloud supports leading cloud providers like AWS and Azure that offer a vast array of services, each housing multiple resources critical to business operations.
How to Detect Deprecated and Outdated Resources in Use?
Cloud providers frequently deprecate older services. CSAE automatically flags deprecated services that may pose security or functionality risks, allowing teams to migrate to newer alternatives before support is discontinued.
How to Create Custom Watchlist for Critical Resources?
Users can define their own watchlists to monitor critical cloud assets. This feature ensures that high-priority resources are easily accessible, with alerts and filters providing instant visibility into security risks affecting these resources.
I want to make informed decisions on my expenditure based on complete and current
information of resource usage in the last 3months. How does Saner CSAE enable
me to do this?
You can directly view the breakdown of resource usage across different months from the “Cost and Usage” dashboard block.
Does Saner Cloud offer any pre-built benchmarks?
Cloud Security Posture Management (CSPM) is a widely recognized and essential tool designed to detect misconfigurations across various regions of cloud infrastructure by benchmarking them against established standards. SecPod’s Security Intelligence team has developed the SecPod Default Benchmark, an exceptional combination of best practices derived from prominent compliance frameworks like NIST, CIS, PCI, HIPAA, and SOC2. By adhering to the SecPod Default Benchmark, organizations can ensure that their cloud configurations are set to a high standard, with automatic benchmarking against globally recognized compliance frameworks. This approach not only guarantees security but also simplifies the process of meeting stringent regulatory requirements.
