CSPM

Cloud Security Posture Management (CSPM) continuously monitors and evaluates the security configuration of your cloud infrastructure — identifying misconfigurations, compliance violations, and exposure risks across AWS, Azure, and GCP environments before they are exploited.

OpsMx Delivery Shield integrates ScoutSuite with Cloud Custodian to perform Cloud Security Posture Management. Together they scan public cloud infrastructure for misconfigurations, check it against compliance baselines, and surface the resulting risk for remediation.

CSPM refers to the tools and practices designed to help organizations secure their cloud environments by managing and enhancing the security posture of cloud infrastructure, services, and configurations. The goal is to identify and remediate potential security risks, misconfigurations, and vulnerabilities in cloud environments. Activities include Identity and Access Management (IAM) analysis, continuous monitoring, and compliance management.

How CSPM Works in OpsMx Delivery Shield

The ScoutSuite integration with Cloud Custodian performs comprehensive cloud security posture scans across your public cloud infrastructure. Findings raised by CSPM policies can be added to the exception list, which stops them from generating repeated alerts on subsequent scans.

The CSPM workflow in Delivery Shield:

  1. A cloud account (AWS / Azure / GCP) is connected

  2. ScoutSuite scans the account's resources and configurations

  3. Cloud Custodian evaluates the findings against the configured security policies

  4. Results appear in the CSPM Analysis page with:
       ├── Resource-level findings by severity
       ├── Context graphs showing affected services
       ├── Preset remediations per alert type
       └── Export-ready reports (CSV / JSON)

  5. Alerts are routed to Jira / Slack / Email for remediation tracking

  6. Exceptions are managed within Delivery Shield, tracked and time-bound
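The steps above produce findings that are exported and de-duplicated against a time-bound exception list. The following is an added example, not code from OpsMx or from ScoutSuite, that shows the mechanics on the raw scanner output: it parses a constructed file in the shape ScoutSuite writes (a JavaScript assignment on the first line, JSON after it, findings grouped per service with ScoutSuite's "danger"/"warning" levels), flattens it to one row per flagged resource, suppresses rows covered by an unexpired exception, and emits the open rows as CSV. The sample report, the exception entries and the resource paths are constructed for illustration; Delivery Shield's own export format is not assumed here.

```python
"""Summarise a ScoutSuite results file and apply time-bound exceptions (added example)."""
import csv
import io
import json
from datetime import date
from typing import List, Tuple

# Constructed sample in the shape of a ScoutSuite results file:
# a JavaScript assignment on the first line, JSON on the rest.
SAMPLE_REPORT = """scoutsuite_results =
{
  "provider_code": "aws",
  "account_id": "123456789012",
  "services": {
    "s3": {
      "findings": {
        "s3-bucket-no-public-access-block": {
          "description": "Bucket without public access block",
          "level": "danger",
          "flagged_items": 2,
          "checked_items": 5,
          "items": ["s3.buckets.logs-archive", "s3.buckets.website-assets"]
        }
      }
    },
    "ec2": {
      "findings": {
        "ec2-security-group-opens-ssh-to-all": {
          "description": "Security group opens SSH to 0.0.0.0/0",
          "level": "danger",
          "flagged_items": 1,
          "checked_items": 12,
          "items": ["ec2.regions.us-east-1.vpcs.vpc-0abc.security_groups.sg-0123"]
        },
        "ec2-ebs-snapshot-not-encrypted": {
          "description": "EBS snapshot not encrypted",
          "level": "warning",
          "flagged_items": 0,
          "checked_items": 4,
          "items": []
        }
      }
    }
  }
}
"""

# Constructed exception list (hypothetical format): finding id + resource path,
# with an expiry date so accepted risk does not silently become permanent.
EXCEPTIONS = [
    {"finding": "s3-bucket-no-public-access-block",
     "resource": "s3.buckets.website-assets",
     "expires": "2099-12-31", "reason": "public static site, reviewed"},
    {"finding": "ec2-security-group-opens-ssh-to-all",
     "resource": "ec2.regions.us-east-1.vpcs.vpc-0abc.security_groups.sg-0123",
     "expires": "2020-01-01", "reason": "bastion migration (expired)"},
]

SEVERITY = {"danger": "HIGH", "warning": "MEDIUM"}  # ScoutSuite level -> label
FIELDS = ["service", "finding", "severity", "resource", "description"]


def parse_scoutsuite_report(text: str) -> dict:
    """Strip the `scoutsuite_results =` JS prefix and parse the JSON body."""
    head, sep, body = text.partition("=")
    if head.strip() != "scoutsuite_results" or not sep:
        raise ValueError("not a ScoutSuite results file")
    return json.loads(body)


def flatten_findings(report: dict) -> List[dict]:
    """One row per flagged resource; rules that flagged nothing produce no rows."""
    rows = []
    for service, data in report.get("services", {}).items():
        for finding_id, f in data.get("findings", {}).items():
            for item in f.get("items", []):
                rows.append({"service": service, "finding": finding_id,
                             "severity": SEVERITY.get(f.get("level"), "UNKNOWN"),
                             "resource": item, "description": f.get("description", "")})
    return rows


def apply_exceptions(rows: List[dict], exceptions: List[dict], today: date) -> Tuple[List[dict], List[dict]]:
    """Suppress rows covered by an unexpired exception; return (open, suppressed)."""
    active = {(e["finding"], e["resource"]) for e in exceptions
              if date.fromisoformat(e["expires"]) >= today}
    open_rows, suppressed = [], []
    for r in rows:
        (suppressed if (r["finding"], r["resource"]) in active else open_rows).append(r)
    return open_rows, suppressed


def to_csv(rows: List[dict]) -> str:
    """Export-ready CSV with a fixed header, independent of dict ordering."""
    buf = io.StringIO()
    w = csv.DictWriter(buf, fieldnames=FIELDS)
    w.writeheader()
    w.writerows(rows)
    return buf.getvalue()


def summarize(text: str, exceptions: List[dict], today_iso: str) -> dict:
    """Parse, flatten, apply exceptions and count open findings per severity."""
    rows = flatten_findings(parse_scoutsuite_report(text))
    open_rows, suppressed = apply_exceptions(rows, exceptions, date.fromisoformat(today_iso))
    by_sev = {}
    for r in open_rows:
        by_sev[r["severity"]] = by_sev.get(r["severity"], 0) + 1
    return {"open": open_rows, "suppressed": suppressed, "by_severity": by_sev}


if __name__ == "__main__":
    result = summarize(SAMPLE_REPORT, EXCEPTIONS, "2025-01-01")
    print(json.dumps(result["by_severity"]))   # {"HIGH": 2}: the expired exception no longer suppresses
    print(to_csv(result["open"]))
```

The expiry check is the point worth copying: an exception that has lapsed reappears as an open finding rather than staying hidden, which is what "time-bound" should mean in practice.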

Supported Cloud Platforms

Cloud Provider                 Coverage
Amazon Web Services (AWS)      EC2, S3, RDS, IAM, VPC, CloudTrail, Lambda, EKS, ECS, and more
Microsoft Azure                Storage, Virtual Machines, IAM, Network Security Groups, Key Vault, AKS
Google Cloud Platform (GCP)    Compute Engine, GCS, IAM, GKE, Cloud SQL, BigQuery

Supported Tools

Tool               Role
ScoutSuite         Multi-cloud security auditing: scans cloud account configurations and generates structured findings across all major cloud providers
Cloud Custodian    Policy-as-code enforcement engine: evaluates ScoutSuite findings against defined security policies and triggers actions (alert, block, remediate)

Setting Up CSPM in Delivery Shield

  1. Navigate to Setup → Integrations in Delivery Shield

  2. In the Cloud Security panel, select your cloud provider — AWS, Azure, or GCP

  3. Connect the cloud account using read-access credentials (IAM role for AWS, Service Principal for Azure, Service Account for GCP). Read-only permissions are all the scan needs; grant write permissions to the scanner identity only if you rely on automated remediation actions, since those cannot run with read-only access

  4. Configure ScoutSuite with the connected account and set a scan schedule (daily, weekly, or on-demand)

  5. Define Cloud Custodian security policies — use pre-packaged CIS/NIST rules or define custom rules

  6. Enable notifications — route CSPM alerts to Slack, Email, or Jira

  7. View results in the CSPM Analysis page and Context Graph within Delivery Shield
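Step 5 lets you supply custom rules alongside the packaged CIS/NIST set. The policy file below is an added example of what such rules look like in Cloud Custodian's own syntax; it is not one of Delivery Shield's pre-packaged rules and is not taken from the OpsMx documentation. It assumes an AWS account and Cloud Custodian's pull mode (`custodian run`); the policy names and tag values are illustrative. The first policy only records a finding (alert), the second changes the resource (remediate), which is the distinction to keep in mind when deciding what permissions the scanner identity gets.

```yaml
# Added example: two Cloud Custodian policies, one alert-only and one remediating.
# Run against the connected account with: custodian run --output-dir ./out policies.yml
policies:
  # Alert: security groups that allow SSH from anywhere. The `ingress` filter
  # matches rules on TCP/22 whose CIDR is 0.0.0.0/0; the `tag` action only
  # labels the group so the finding is visible, it does not modify the rule.
  - name: sg-ssh-open-to-world
    resource: aws.security-group
    description: Ingress rule allows TCP/22 from 0.0.0.0/0 (CIS-style check)
    filters:
      - type: ingress
        Ports: [22]
        Cidr:
          value: "0.0.0.0/0"
    actions:
      - type: tag
        key: c7n-finding
        value: ssh-open-to-world

  # Remediate: buckets missing Block Public Access get it enabled. This action
  # needs s3:PutBucketPublicAccessBlock on the scanner role, which a read-only
  # credential does not have.
  - name: s3-enforce-public-access-block
    resource: aws.s3
    description: Bucket lacks a public access block (CIS-style check)
    filters:
      - type: check-public-block
        BlockPublicAcls: false
    actions:
      - type: set-public-block
        state: true
```

Keep alert-only policies and remediating policies in separate files if you run them under different credentials; a policy file is evaluated with whatever permissions the invoking identity holds, so a read-only run of the second policy will report the finding and then fail on the action.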

Viewing CSPM Results in Delivery Shield

CSPM findings are surfaced in the following locations within Delivery Shield:

  • CSPM Analysis page — full findings list organized by severity, resource type, cloud account, and region; filterable and exportable in CSV or JSON

  • Cloud Security section — entry point with direct redirect to the CSPM Analysis page

  • Context Graph — visual mapping of affected cloud resources, their connections, and impact radius

  • View Open Security Issues page — CSPM findings listed alongside application-level vulnerabilities for unified risk view

  • Artifact pages — CSPM findings tied to specific deployed services and artifacts
