Risk Configuration

Overview

Define violations of your best practices in the form for your SecureCloud reports. Wherever vendor cloud definitions exist that match the violations you define here, and aren't specified as exceptions, they will be considered security violations in the Dashboard metrics and drilldowns. They will also be marked as violations in Asset Security Access (risky ports and permissive access ).

What Can I Do Here?

Specify violations of your best practices in the form of:

• Public Cloud risky ports

• Public Cloud network permissions

• Change how SecureCloud determines connectivity

Public Cloud Risky Ports

What are risky ports?. Manage the list of ports you want reported as risks when exposed to the internet.

Enable / disable this feature using the toggle High Risk Ports in Public Cloud. When disabled, no ports will be considered as risks when exposed to the internet and will not be included in the Dashboard metrics and drilldowns or anywhere else.

To add ports:

1. Click Add Ports.

2. Enter one or more ports in the format <[TCP][UDP]>: <port>, separating each port with a comma, e.g. TCP: 23, UDP: 67-68

3. Click Add.

To remove a port:

1. Hover over the port and click.

Public Cloud Network Permissions

What is Permissive Access? Specify the network permissions you consider as overly permissive.

Enable / disable using the toggle Overly Permissive Public Cloud Network. When disabled, no public cloud access will be considered as overly permissive when exposed to the internet and will not be included in the Dashboard metrics and drilldowns or anywhere else.

To change values:

1. Click on the edit icon
2. Select the appropriate source and service
3. Click Save

Change How SecureCloud Determines Connectivity

There are two factors in determining whether connectivity is allowed in the public cloud.

• Definitions in your security controls

• Definitions of the network

One approach is that if there is no network connection, there is no need to be concerned if security controls don't prevent an unwanted path because traffic cannot pass anyway. An alternative approach is to ensure your security definitions are robust, regardless of how the network is configured. You can select which approach you want SecureCloud to use for reporting connectivity and violations, and switch from one to the other at any time.

Toggle Effective Connectivity to change:

On: Consider network connectivity

Off: Consider only the security definitions

How Do I Get Here?

Main Menu > Configuration > Risk Configuration