Findings Explorer

Cloud Security Posture Management is currently in public beta.
Cloud Security Posture Management is not currently available in US1-FED, US3, or EU.

Overview

The Findings Explorer allows you to:

  • Review the detailed configuration of a resource
  • Review the rules applied to your resources by CSPM
  • Review tags for more context about who owns the resource and where it resides in your environment
  • Read descriptions and guidelines based on industry resources for remediating a misconfigured resource
  • Use the “time selector” to explore your security configuration posture at any point in the past

Findings

A finding is the primary primitive for a rule evaluation against a resource. Every time a resource is evaluated against a rule, a finding is generated with a Pass or Fail status. Resources are evaluated in increments between 15 minutes and four hours (depending on type). Datadog generates new findings as soon as a new scan is completed, and stores a complete history of all findings for the past 15 months so they are available in case of an investigation or audit.

Click on an individual finding that has failed to see details about the misconfigured resource, the rule description, its framework or industry benchmark mapping, and suggested remediation steps.

Aggregate findings by rule using the query search bar. This view shows a checklist of all of the rules that Datadog scans. Filtering by evaluation:fail status narrows the list to all rules that have issues that need to be addressed. The side panel shows details of each resource that has been evaluated by the rule.

Findings can also be aggregated by resource to rank resources by how many rule evaluations they have failed, so you can prioritize remediation.

The side panel lists the rules that were evaluated against the resource, some of which you may choose to address to improve your security configuration posture.