Mute Issues in Cloud Security Management
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
次で利用可能:
CSM Misconfigurations
|
CSM Identity Risks
There may be times when a misconfiguration, issue, or identity risk doesn’t match the use case for your business, or you choose to accept it as a known risk. To ignore them, you can mute the underlying misconfiguration, issue, or identity risk for the impacted resources.
For example, the CSM Misconfigurations rule ‘Block Public Access’ feature is enabled for S3 bucket evaluates whether an S3 bucket is publicly accessible. If you have an S3 bucket with static assets that are meant to be publicly shared, you can mute the misconfiguration for the S3 bucket.
Note: Muting a misconfiguration removes it from the calculation of your posture score.
- On the misconfiguration, issue, or identity risk side panel, select one or more resources.
- Select Actions > Mute for….
- Select a reason for the mute, for example, a fix is pending, it’s a false positive, or it’s an accepted risk.
- Enter an optional Description.
- Select the duration of the mute.
- Click Mute.
Unmute an issue
Muted issues automatically unmute after the specified mute duration expires. You can also manually unmute an issue.
- On the misconfiguration, issue, or identity risk side panel, select the resources with the muted issue.
- Select Actions > Unmute.
- Select a reason for the unmute, for example, there’s no pending fix, it was a human error, or it’s no longer an accepted risk.
- Enter an optional Description.
- Click Unmute.
Audit your muted issues
To view your organization’s muted issues:
- Sort by the Muted column on the Security Inbox and Misconfigurations issue explorer.
- Filter the Security Inbox, Misconfigurations, and Identity Risks issue explorer using the Muted facet.
To audit the mute history for a misconfiguration:
- Open the misconfiguration side panel.
- Select the resource with the muted misconfiguration.
- On the Overview tab, use the Resource evaluation over time timeline to view when the misconfiguration was muted or unmuted over a specified period of time (up to six months).
- Click the Timeline tab to view a chronological history of the misconfiguration. Hover over a mute or unmute action to view additional details, such as the reason for the mute, how long the mute is intended to last, and who muted it.
Further reading