When using the various tools in Saner Cloud, you may encounter specific terminologies that have distinct meanings. It is beneficial to familiarize yourself with these terms before proceeding further.
CSAE — Cloud Security Asset Management
Terms:
| Terms | Description |
|---|---|
| Service Distribution | Presented as a clustered bar stack chart in the dashboard. Combines “Resource Type” and “Number of Services” and offers insight into cloud resource usage and service status. |
| Publicly Accessible Resources | Cloud-based assets exposed to the external network, making them vulnerable to unauthorized access or attacks. Understanding and managing such resources is critical for maintaining a secure cloud environment. |
| Resource Distribution | Classification and organization of resources across a cloud environment based on their accessibility. It provides additional information on the resources and also includes the count of resources exposed to the external network. |
| Geo-Location | Active resources on a map, displaying country names, total resources, and total services. This visualization helps to track cloud assets and services across different geographical regions, allowing for the identification of resource concentration based on location. |
| Watchlist | Specific cloud assets or services identified for closer monitoring due to their significance, potential vulnerabilities, or critical role in operations. These resources may require special attention because they could present a higher risk or are part of essential infrastructure that must be continuously monitored. End-user has the facility to create or update watchlists based on their business need. |
| Watchlisting Resources | Watchlisting ensures resources are prioritized for proactive monitoring. |
| Cloud Profile | Represents an organization’s cloud environment that includes an inventory of assets, their configurations, access controls, exposure levels, and associated risks. |
| Resource Trend | Presented as a Stacked Area Chart on the dashboard, helps track Resource Types (such as Virtual Servers, Instances, Databases, etc.) and Service Types (Critical Services, Vulnerable Services, Remediated Services, Pending Services, etc.) over a 30day time period. |
| Cost and Usage | Presented as a stacked bar chart, displays the expenses for various cloud services each month (USD, INR, or any other currency specified) for a specific environment. |
| Outdated Resources | Resources or services that are deprecated or unsupported versions. |
CSPM — Cloud Security Posture Management
Terms:
| Terms | Description |
|---|---|
| Benchmark | Includes standardized rules that evaluate specific resource configurations, displaying compliance results directly on the dashboard for enhanced visibility and accessibility. |
| No Input Required | Refers to automated security checks that do not require any additional configurations, manual inputs, or user intervention. |
| Findings | Information about the number of resources evaluated and any associated configuration risks identified in the recent scan of various cloud services, including AWS or Azure |
| Publicly Accessible Resources | Identify the resources exploitable by external network |
| Geo-map | Security findings across various geographic locations on the map |
CIEM — Cloud Infrastructure Entitlement Management
Terms:
| Terms | Description |
|---|---|
| Process Map | Visual representation of privileges or permissions involved in policies and services attached to an identity. |
| Users | IAM users within an AWS account representing individual users or applications with specific permissions. |
| Groups | Collection of IAM users with an AWS account sharing common privileges or permissions |
| Roles | IAM roles in AWS, which are identities that grant permissions to users or services to access resources |
| Policies | Set of rules or configurations that govern privileges or permissions in cloud environment |
| Risk | Potential threat or vulnerability that compromises cloud security |
| Remediate | An independent action or a set of actions taken to resolve risks or vulnerabilities |
| Remediation | Process of resolving the identified security risks or misconfigurations |
| Services | Specific functionalities or resources provided by cloud service providers |
CSPA — Cloud Security Posture Anomaly
Terms:
| Terms | Description |
|---|---|
| Anomalies | Deviations from predefined rules and thresholds |
| Confidence Levels | Indicates the system’s confidence level in determining if a detected issue or misconfiguration poses a risk. Anomalies are categorized based on a machine learning algorithm threshold or through pre-assigned severity levels. This means that Saner CSPA is almost certain that these anomalies represent legitimate risks |
| Whitelist | Saner CSPA allows you to assess and exclude specific anomaly IDs from scans for various known reasons |
| High | Indicates “Confidence Level” that most anomalies are significant and require immediate attention |
| Medium | Suggests that some anomalies need further validation or investigation. |
| Low | Refers to minor anomalies, which may involve less critical issues or potential false positives. |
| Posture Anomaly Density | Helps identify clusters or areas with concentrated security posture issues for further prioritization and remediation. |
| Posture Anomaly Radar | Highlights the resource categories that have the most significant posture anomalies on dashboard |
CSRM — Cloud Security Remediation Management
| Terms | Description |
|---|---|
| Missing Patches | Highlights the most critical and yet-to-be-applied fixes to ensure your environment is secure and compliant. Saner CSRM dashboard displays the top 10 critical missing patches in a grid view providing details on remediation id, title, affected rule, affected service, region, severity, and resource count |
| Severity Distribution | Distribution of patches related to Cloud Security Posture Management (CSPM) across various services |
| Remediation Status | The completed patching tasks are displayed in the view showing the overall status of each patch, including details such as the owner, region, resource count, and severity distribution (high, medium, low) for the selected tool: CSPM, CIEM, or CSPA |
| Patch Aging | Duration during which patches remain unapplied in an IT environment |
| Patching Impact | Prioritize patches that have the maximum impact, ensuring critical vulnerabilities are addressed first |
| Owner | Person who created the remediation task |
| Overall Status | Status of the remediation job: Pending Approval, Not Initiated, In Progress, Success, Failed, or Completed. These statuses help in monitoring the job status for the remediation task |
