Cloud BPA is Best Practice Assessment which includes the scanning of the Vulnerabilities within the AWS and Azure Cloud. SP360 scans the Vulnerabilities on a frequent basis and prioritizes the patching process. In order to perform Best Practice Assessment we need Read Only Access to your Azure Account or to your AWS Account.
In case of Azure Account please make sure the account which you are going to use has access to Advisor and all required subscription on which you want to perform Best Practice Assessment
In case of AWS in order to create the Read Only Account that we need, you can either create an IAM user with these required permissions or you can use the Cloud formation Script which on clicking the button will be added to your AWS Account. After that you need to create the Access Key and Secret Key for the user you created. By clicking this you will be navigated to AWS Cloud formation page which will help you create a Read Only Access. Once IAM User is created you can create access key which will be used to perform the BPA.
SP360 will scan the vulnerabilities with respect to each Account ID and displays the details (shown below) segmented as:
- ID
- Connected By
- Connection Type
- Account ID
- Status
- Vulnerability Count
- New Vulnerabilities
Every ID has two available action buttons as indicated by the icon on the right side of each line:
| Icons | Definition |
|---|---|
 |
This icon will redirect you to the VULNERABITIES page, where you can get the list of all vulnerabilities for that specific Account ID. |
 |
This icon will show the additional details related to each specific vulnerability, in a popup window. Information such as the location of the vulnerability and a potential remediation. |