This post was originally published here by leslie devlin.
Building off our first configuration security monitoring (CSM) tutorial, today we’re diving into how to run a CSM scan in the Halo interface and examine the results.
If you followed the above link, you will notice that our previous explainer video showed you how to clone a CSM policy from a template and apply it to a workload group. I used my engineering workload as an example, showing that all the servers in the engineering group and its subgroups will run CSM scans using that policy.
In the video below, I’ve provided step by step instructions on how to set up and run a CSM scan, and how to filter and customize your scans by type.
It’s important to note that for each module Halo can perform automatic scans run by the scheduler on a periodic basis, and manual scans that are requested by a user. Automated scans will show in the scan list as requested by “scheduler.”
CSM scans are key to helping you maintain visibility in an agile and ever-changing cloud environment. Regular scans provide insight into workloads that could be updated as many as several times a day, depending on the DevOps processes you have at your organization.
Photo:Center for Security Studies