How can we help?
Table of Contents
< All Topics
Print

Vulnerability Management Policies

Enable (Tool) Vulnerability Scan

Risk: Critical

Target: EC2

Compliance:

Description
Scanning EC2 instances monthly using the <Tool> Vulnerability Assessment is important for understanding and managing security risks on your cloud infrastructure. The tool can help identify vulnerabilities in software, configurations, and networking components, which malicious actors can exploit to gain unauthorized access to your systems or data.
By scanning your EC2 instances regularly, you can discover and promptly address any potential security threats. This helps to ensure that the security of your cloud environment is top-notch and that your data is safe and secure.

Resolution:

(Tool) = Qualys: Securing Amazon Web Services with Qualys

(Tool) = Tenable: Creating a Vulnerability Management Scan

(Tool) = CrowdStrike: CrowdStrike Vulnerability Management

(Tool) = Rapid7: Setting up an InsightVM Scan

(Tool) = Aqua: Setting up a container scan

(Tool) Found Critical Vulnerabilities

Risk: Critical

Target: EC2

Compliance:

Description
Critical vulnerability could allow attackers to access the underlying operating system, resources, and data. To prevent the Critical vulnerability from affecting EC2 instances, update the firmware, disable the Management Engine if necessary, implement access controls and security policies, monitor the instance for suspicious activity, and use strong authentication measures.

Resolution

(Tool) = Qualys: Securing Amazon Web Services with Qualys

(Tool) = Tenable: Creating a Vulnerability Management Scan

(Tool) = CrowdStrike: CrowdStrike Vulnerability Management

(Tool) = Rapid7: Setting up an InsightVM Scan

(Tool) = Aqua: Setting up a container scan

(Tool) Found High Vulnerabilities

Risk: High

Target: EC2

Compliance:

Description:
High vulnerability could allow attackers to access the underlying operating system, resources, and data. To prevent the High vulnerability from affecting EC2 instances, update the firmware, disable the Management Engine if necessary, implement access controls and security policies, monitor the instance for suspicious activity, and use strong authentication measures.

Resolution:

(Tool) = Qualys: Securing Amazon Web Services with Qualys

(Tool) = Tenable: Creating a Vulnerability Management Scan

(Tool) = CrowdStrike: CrowdStrike Vulnerability Management

(Tool) = Rapid7: Setting up an InsightVM Scan

(Tool) = Aqua: Setting up a container scan

(Tool) Found Medium Vulnerabilities

Risk: Medium

Target: EC2

Compliance:

Description:
Medium vulnerability can enable attackers to gain control of a target system and affects EC2 instances with Intel processors with Intel Management Engine firmware. To prevent the Medium vulnerability from affecting EC2 instances, update the firmware, disable the Management Engine if necessary, implement access controls and security policies, monitor the instance for suspicious activity, and use strong authentication measures.

Resolution:

(Tool) = Qualys: Securing Amazon Web Services with Qualys

(Tool) = Tenable: Creating a Vulnerability Management Scan

(Tool) = CrowdStrike: CrowdStrike Vulnerability Management

(Tool) = Rapid7: Setting up an InsightVM Scan

(Tool) = Aqua: Setting up a container scan