Cloud Security Management Identity Risks
CSM Identity Risks is in beta.
Cloud Security Management Identity Risks (CSM Identity Risks) provides in-depth visibility into your organization’s IAM risks. It enables you to detect and resolve identity risks on an ongoing basis to secure your cloud infrastructure from IAM-based attacks.
At this time, CSM Identity Risks is available for AWS only.
Setup
To use CSM Identity Risks, you must enable resource collection for AWS and enable CloudTrail logs forwarding. If you’ve already done this, no additional setup is required.
Note: If you’ve enabled Cloud Security Management Misconfigurations for your AWS accounts, you already have cloud resource collection enabled. Similarly, if you use Cloud SIEM, you already have CloudTrail logs forwarding enabled.
Review your organization’s active identity risks on the Identity Risks page. Use the Group by options to filter by Identity Risks, Resources, or None (individual identity risks). View additional details on the side panel.
On the side panel, you can review the configuration of the resource on the Resource tab.
Click Fix in AWS to open the AWS console to remediate the identity risk. You can also use the Insights tab to get additional insights about the identity risk (for example, the permissions provisioned on the resource and whether they were used in the last 15 days).
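The provisioned-versus-used comparison that the Insights tab reports can be illustrated with the following added example, which is not Datadog's code or part of the original documentation. The role ARN, policy actions, and CloudTrail-shaped records are constructed sample data, and mapping `eventSource` plus `eventName` directly to an IAM action name is a simplifying assumption.

```python
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(days=15)  # look-back period named on this page
ROLE = "arn:aws:iam::111122223333:role/ci-deployer"  # constructed ARN

# Constructed sample data: actions granted to the role by its policies.
PROVISIONED = {ROLE: {"s3:GetObject", "s3:PutObject", "ec2:RunInstances", "kms:Decrypt"}}

def _event(time, source, name, arn, error=None):
    """Build a minimal CloudTrail-shaped record (constructed, not real logs)."""
    ident = {"arn": arn}
    if ":role/" in arn:  # role sessions carry the role ARN in sessionIssuer
        ident = {"type": "AssumedRole",
                 "arn": arn.replace(":iam:", ":sts:").replace(":role/", ":assumed-role/") + "/job-1",
                 "sessionContext": {"sessionIssuer": {"arn": arn}}}
    rec = {"eventTime": time, "eventSource": source, "eventName": name, "userIdentity": ident}
    if error:
        rec["errorCode"] = error
    return rec

EVENTS = [
    _event("2024-05-30T09:12:00Z", "s3.amazonaws.com", "GetObject", ROLE),
    _event("2024-05-01T08:00:00Z", "ec2.amazonaws.com", "RunInstances", ROLE),  # too old
    _event("2024-05-29T10:00:00Z", "s3.amazonaws.com", "PutObject",
           "arn:aws:iam::111122223333:user/alice"),                            # other principal
    _event("2024-05-28T11:30:00Z", "kms.amazonaws.com", "Decrypt", ROLE, "AccessDenied"),
]

def principal_of(event):
    """Resolve an assumed-role session back to the role that issued it."""
    ident = event.get("userIdentity", {})
    issuer = ident.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("arn") or ident.get("arn")

def permission_usage(provisioned, events, now):
    """Split each principal's granted actions into used / unused within WINDOW."""
    used = {arn: set() for arn in provisioned}
    for ev in events:
        when = datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        arn = principal_of(ev)
        if arn not in used or not (now - WINDOW <= when <= now) or "errorCode" in ev:
            continue  # unknown principal, outside the window, or a failed call
        # Simplification: treat "<service>:<eventName>" as the IAM action name.
        used[arn].add(f"{ev['eventSource'].split('.')[0]}:{ev['eventName']}")
    return {arn: {"used": sorted(granted & used[arn]), "unused": sorted(granted - used[arn])}
            for arn, granted in provisioned.items()}

if __name__ == "__main__":
    print(permission_usage(PROVISIONED, EVENTS, datetime(2024, 6, 1, tzinfo=timezone.utc)))
```

Actions that land in `unused` are candidates for removal from the role's policies when remediating the identity risk.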