Cloud Inventory & Risk
Security Group Risk - Security Group Risk is the number of policy violations associated with an AWS instance.
Lumeta considers the following factors in calculating the Security Group violation:
- Instances that have been deployed from images in either a white list or black list.
  - You have an image that was not in the white list.
  - You have an image that was in the black list.
- Ports and protocols that are either in a white list or black list.
  - You have a port / protocol that was not in the white list.
  - You have a port / protocol that was in the black list.
- IPv4 / IPv6 addresses that are either in a white list or black list. Note that IP address blocks are not sliced: if a /8 is specified in the black list and a /24 out of that /8 is specified in the white list, an IP address in that /24 will still appear as a black list risk.
  - You have an IPv4 / IPv6 address that was not in the white list.
  - You have an IPv4 / IPv6 address that was in the black list.
- Wildcard in a Security Group.
- IPv4 mask is too large for a Security Group.
- Src/Dest checks disabled on an instance.
- Inbound/outbound path to the public internet (direct and indirect).
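The "blocks are not sliced" behavior in the IPv4 / IPv6 factor above is easy to misread, so here is an added sketch (not Lumeta code) that evaluates an address against both lists independently and contrasts that with a most-specific-block-wins evaluation. The function names, the violation labels and the sample CIDR lists are assumptions made for this illustration, as is reporting each factor separately.

```python
import ipaddress

# Constructed sample lists for illustration only.
BLACK_LIST = ["10.0.0.0/8", "2001:db8::/32"]
WHITE_LIST = ["10.1.2.0/24", "192.0.2.0/24"]


def _matches(addr, cidrs):
    """Return the blocks (same IP version) that contain addr."""
    nets = (ipaddress.ip_network(c) for c in cidrs)
    return [n for n in nets if n.version == addr.version and addr in n]


def violations_unsliced(ip, white, black):
    """Each list is checked on its own, as the page describes: a more
    specific white list block does not carve a hole in a black list block."""
    addr = ipaddress.ip_address(ip)
    found = []
    if _matches(addr, black):
        found.append("in_black_list")
    if not _matches(addr, white):
        found.append("not_in_white_list")
    return found


def violations_longest_prefix(ip, white, black):
    """Contrast only: the most specific matching block wins. This is the
    'slicing' an operator might expect, and NOT how the page says it works."""
    addr = ipaddress.ip_address(ip)
    best_w = max((n.prefixlen for n in _matches(addr, white)), default=-1)
    best_b = max((n.prefixlen for n in _matches(addr, black)), default=-1)
    if best_b != -1 and best_b >= best_w:
        return ["in_black_list"]
    if best_w == -1:
        return ["not_in_white_list"]
    return []


if __name__ == "__main__":
    for ip in ["10.1.2.5", "10.9.9.9", "192.0.2.10", "198.51.100.7", "2001:db8::1"]:
        print(f"{ip:14} unsliced={violations_unsliced(ip, WHITE_LIST, BLACK_LIST)} "
              f"longest_prefix={violations_longest_prefix(ip, WHITE_LIST, BLACK_LIST)}")
```

For `10.1.2.5` the two evaluations disagree: the unsliced check still reports a black list risk, so an exception has to be expressed by narrowing the black list blocks rather than by adding a more specific white list entry.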
Inbound & Outbound Path Summary
Lists instances having ingress and egress to the internet.
Inspector Alerts
Accrues and centralizes alerts from all Cloud Scouts.