McAfee Enterprise MVISION Cloud

Automatic Scanning for Vulnerable S3 Buckets and Azure Blobs

You can configure certain Configuration Policies to automatically trigger an On-Demand Scan whenever they detect a publicly exposed storage resource in AWS or Azure. Publicly readable or writable storage is reachable by anyone on the internet, so it is critical to scan such resources for confidential data as soon as they are flagged. You can send the results of the On-Demand Scan to anyone in your organization.

You can configure automatic scans for the following policies:

  • AWS Unrestricted Access to S3 Bucket
  • AWS World Readable S3 Buckets
  • AWS Publicly Writable S3 Buckets
  • Azure World Readable Azure Blob Storage Containers
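The four policies above fire on storage that anonymous or any authenticated user can read or write. As an added example (not MVISION code, and not a description of how MVISION evaluates the policies), the following Python shows the conditions such a check has to evaluate on the data returned by the S3 GetBucketAcl, GetBucketPolicy and GetPublicAccessBlock calls, and on an Azure blob container's public access level. All inputs are constructed inline; action matching is exact against a small set and policy statements carrying a Condition are treated as not world-open, both simplifications of a real evaluator.

```python
"""Added example: decide whether an S3 bucket or Azure container is world
readable / publicly writable from its ACL, bucket policy, Public Access Block
and container access level. Inputs below are constructed, not real accounts."""

# Group URIs that S3 uses for anonymous and any-authenticated-user grants.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GROUPS = {ALL_USERS, AUTH_USERS}

# Simplification: exact match on a small set (a real evaluator expands wildcards).
READ_ACTIONS = {"s3:GetObject", "s3:ListBucket", "s3:Get*", "s3:List*", "s3:*", "*"}
WRITE_ACTIONS = {"s3:PutObject", "s3:DeleteObject", "s3:Put*", "s3:Delete*", "s3:*", "*"}


def _as_list(value):
    """Policy fields may be a scalar or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _principal_is_public(principal):
    """True for Principal "*" or {"AWS": "*"} (possibly inside a list)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS"))
    return False


def s3_public_access(acl_grants, bucket_policy=None, public_access_block=None):
    """Return {"read": bool, "write": bool} for a bucket.

    acl_grants:          'Grants' list as returned by GetBucketAcl
    bucket_policy:       parsed policy document (dict) or None
    public_access_block: 'PublicAccessBlockConfiguration' dict or None
    """
    pab = public_access_block or {}
    read = write = False

    # ACL grants to AllUsers/AuthenticatedUsers count unless the bucket's
    # Public Access Block tells S3 to ignore public ACLs.
    if not pab.get("IgnorePublicAcls"):
        for grant in acl_grants:
            grantee = grant.get("Grantee", {})
            if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
                perm = grant.get("Permission")
                read = read or perm in ("READ", "FULL_CONTROL")
                write = write or perm in ("WRITE", "FULL_CONTROL")

    # Wildcard-principal Allow statements count unless RestrictPublicBuckets
    # is set, in which case S3 does not honour a public bucket policy.
    if bucket_policy and not pab.get("RestrictPublicBuckets"):
        for stmt in _as_list(bucket_policy.get("Statement")):
            if stmt.get("Effect") != "Allow" or not _principal_is_public(stmt.get("Principal")):
                continue
            if stmt.get("Condition"):
                continue  # simplification: conditioned grants treated as not world-open
            actions = set(_as_list(stmt.get("Action")))
            read = read or bool(actions & READ_ACTIONS)
            write = write or bool(actions & WRITE_ACTIONS)

    return {"read": read, "write": write}


def azure_container_world_readable(public_access):
    """public_access is the container's PublicAccess property:
    'blob' (anonymous read of blobs), 'container' (anonymous read of the
    container listing and blobs) or None/'' for private."""
    return (public_access or "").lower() in ("blob", "container")


# Constructed sample inputs in the shape the AWS APIs return them.
ACL_PUBLIC_READ = [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-canonical-id"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
]
POLICY_PUBLIC_PUT = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:PutObject",
     "Resource": "arn:aws:s3:::example-bucket/*"}]}
POLICY_STAR_ALL = {"Version": "2012-10-17", "Statement":  # scalar Statement on purpose
    {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": ["s3:*"],
     "Resource": "arn:aws:s3:::example-bucket"}}

SAMPLES = {
    "acl-allusers-read": {"acl_grants": ACL_PUBLIC_READ},
    "policy-public-put": {"acl_grants": [], "bucket_policy": POLICY_PUBLIC_PUT},
    "acl-read-but-pab-ignores-acls": {"acl_grants": ACL_PUBLIC_READ,
                                      "public_access_block": {"IgnorePublicAcls": True}},
    "policy-star-all": {"acl_grants": [], "bucket_policy": POLICY_STAR_ALL},
    "policy-star-all-but-restricted": {"acl_grants": [], "bucket_policy": POLICY_STAR_ALL,
                                       "public_access_block": {"RestrictPublicBuckets": True}},
}


def run_samples():
    """Evaluate every constructed sample; returns {name: {"read":..,"write":..}}."""
    return {name: s3_public_access(**kwargs) for name, kwargs in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in run_samples().items():
        print(f"{name:32s} world-readable={result['read']!s:5s} publicly-writable={result['write']}")
    for level in ("blob", "container", None):
        print(f"azure container PublicAccess={level!r:12s} world-readable={azure_container_world_readable(level)}")
```

The "read" flag corresponds to the World Readable policies and "write" to the Publicly Writable policy; the two Public Access Block samples show why a bucket with a public ACL or policy is not necessarily exposed, which is the false-positive case a reviewer should rule out before an On-Demand Scan is triggered on it.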

To configure automatic scanning:

  1. Go to Policy > Configuration Audit. 
  2. To the right of the policy you'd like to configure, select Actions > Edit. 
  3. In the Review and Activate screen, under Responses, select Edit.

    (Screenshot: Config Audit, Edit Responses)

  4. To add another Response to the policy, click +.

    (Screenshot: Generate Incident response)

  5. Select Scan Unsecured Resources. This adds a response action that runs an On-Demand Scan against the exposed resource whenever the policy is violated.

    (Screenshot: Scan Unsecured Resources)

  6. Click Select Policy. This displays a list of existing On-Demand Scans.
  7. Select the On-Demand Scan that should run against the violating resource, then select Done.

    (Screenshot: Select Policy, Done)

  8. Verify that the selected On-Demand Scan is listed under the response, then select Next.

    (Screenshot: response for S3 buckets)

  9. On the next screen, verify the response, then select Done.

    (Screenshot: Responses, Done)