Skip to main content

Getting started

Once you have enrolled in the GravityZone Cloud Security early access program, the feature will be made available to you via access through your GravityZone Control Center console.

For more information on Early Access, refer to this KB article.

The initial setup

Tip

Before setting up your scan groups, we recommend reading the FAQ, where we answer the some of the most frequent questions and provide best practices.

Add a new scan group

You can use scan groups to organize your cloud accounts and arrange them into easily manageable groups.

Depending on your business needs, you might want to create multiple scan groups. For the purpose of this guide, we will get your started on creating your first group and integrating one of your cloud accounts.

To create a new scan group, follow the steps below:

  1. Go to the Configuration > Scan Configuration page.

  2. Click the Create New Scan Group button on the upper right side of the page.

    The Scan configuration window will be displayed.

  3. Under Scan Group Name, type in a descriptive name for the group.

  4. Under Description, type in an explanatory text so you or other users can easily determine the purpose of the group.

  5. Click Save Changes.

    CSPM_scan_group_add_save_425527_en.png

    The scan group is created and a list of compatible cloud account types are displayed.

    CSPM_scan_group_add_finished_425527_en.png
  6. Select one of the cloud account types and follow the steps until the integration is complete. You can find integration guides for all supported cloud accounts under Onboarding guides.

The cloud account is now part of the scan group. It will be scanned depending on the frequency assigned to the group. You can view the account by going to the Scan Configuration page and clicking on the the group name under the Scan Group column to expand it.

Note

For more information on working with scan groups refer to Scan configuration.

Add additional cloud accounts to the scan group

Picking up from the end of the Add a new scan group procedure, follow the steps below:

  1. Go to the Scan Configuration page.

  2. Click the Edit button on the right side of the scan group you want to add the cloud account to.

    CSPM_scan_group_edit_button_425527_en.png

    The Scan Group Details window will be displayed.

  3. Click the Add account button on the upper right side of the window.

  4. Select one of the cloud account types and follow the steps until the integration is complete. You can find integration guides for all supported cloud accounts under Onboard accounts. Onboard accounts

The cloud account is now part of the scan group. It will be scanned depending on the frequency assigned to the group. You can view the account by going to the Configuration page, and clicking on the the group name under the Scan Group column to expand it.

Finish onboarding and organizing your inventory

Repeat the procedures above until you have all your cloud accounts onboarded and organized into scan groups.

Note

For more information on scan groups refer to this KB article.

You can check out our FAQ for common questions and best practices.

Set up your integrations

To fully take advantage of the benefits of your GravityZone Cloud Security console, follow these integration guides to connect with other tools your company is using:

Review the data

Now that you have everything set up, it's time to have a look at your overall situation in terms of compliance with security standards.

Set up notifications

You can customize GravityZone Cloud Security to send you notifications for specific findings for each of your scan groups:

Tip

This feature requires an integration with Slack.

  1. Go to the Scan Configuration page.

  2. Click the Edit button on the right side of the scan group you want to add the cloud account to.

    CSPM_scan_group_edit_button_425527_en.png

    The Scan Group Details window will be displayed.

  3. Under the Notification Configuration section, configure the following settings:

    • Select Finding's Severity - Notifications are sent only for findings of the selected severity or higher.

    • Send Notifications to - Select the Slack channel where you want automated notifications to be sent.

The cloud account is now part of the scan group. It will be scanned depending on the frequency assigned to the group. You can view the account by going to the Configuration page, and clicking on the the group name under the Scan Group column to expand it.