The Summary page provides high-level compliance details based on findings throughout your cloud footprint. It's a quick way to filter your data and visualize the status of your infrastructure's most important characteristics. The Summary page opens by default when you first log in and is available from the main navigation.
The FAQ below offers overview information about content offered on the Summary page. If you have questions or concerns we don't address here, reach out to us through the Customer Support Portal.
When is the data collected?
The data that displays is collected at the end of the previous day.
For example, your Daily Summary may say "Daily Summary (end of day - Tuesday, May 11, 2021)" to indicate that the data you are viewing is data collected on the 11th of May, 2021.
What is my Compliance Score? How is that calculated?
The Compliance Score is calculated by the number of resources scanned, relative to the number of applicable checks (or Insights) in the Insight Pack. There is no weighting associated with the checks and they are all treated as equal relative to the calculation of the score.
The percentage (e.g., 47%) is based on the data from yesterday compared to the day before yesterday, for a day-to-day data comparison.
Note: the Compliance Score will update to reflect the Insight Pack/Query Filters you select.
Example Compliance Score calculation
You have 100 S3 buckets and the selected Insight Pack has ten checks that focus on S3. Of those checks, there are 10 buckets failing three of the ten checks:
- The number of checks that would be executed during the scan would be 1,000 (100 * 10)
- The number of failed checks (findings) would be 30 (3 * 10) -- the number of passed checks is 70 (7 * 10).
- The Compliance Score for the daily run would be 97% (1 - (30 / 1000)) = 0.97)
- This logic extends across multiple resource types so that checks in the pack only count as successful or unsuccessful depending on whether the resource type exists.
- The formula, put more simply, looks like this:
1 - (number of findings / total number of tests).
What is a Finding?
The term "finding" indicates a single Insight check against a resource. If the resource matches any Query Filter included in the Insight, it is counted as a "finding". A single resource may be valid for multiple Insights, and as a result, may have multiple "findings".
How do I view the latest results? What happens when I select "View Latest Results"?
Selecting the "View Latest Results" option under the Overall Compliance section navigates to the Compliance Scorecard using the Filters applied on the Summary page.
Selecting the “View Latest Results” option under an individual Severity navigates to the Compliance Scorecard using the filters applied on the Summary and filtered for the selected severity (e.g., Critical, Severe, etc.)
First-Time User Display
When InsightCloudSec is first installed, the Summary displays are blank. You will need to complete your Cloud Account Setup and initiate data harvesting before the Summary page can display data.
The top of the Summary provides a daily summary (with data compiled at the end of the previous day). You can select the scope for the data you would like to display. The available filters are:
- A drop-down menu of Insight Packs, including Compliance Packs or Custom Packs unique to your Organization
- A drop-down menu for cloud types, e.g., AWS, Azure, etc., you would like to filter for
- A drop-down for badges you would like to apply (along with a checkbox to enforce the inclusion of all badges)
- A drop-down menu of cloud accounts
Using the Filters
You must select an Insight Pack first to enable the other options (Badges & Clouds).
Changing the filtering criteria activates the "Submit" button, which, when selected, updates the displays.
Check out the FAQ above for details on the Compliance Score, Findings, and Viewing Latest Results.
This area of the Summary provides a number of compliance scores over a specific range of time. Users can select a starting point and ending point (date range). The available data includes the previous 180 days or the start date for data collection, whichever is greater.
- Note that the data here will still be based on the filters selected at the top of the page (Compliance Pack, Badges, Clouds).
Changing the date values for "Trends Over Time" will update the displays related to compliance over time, including:
- Compliance Score: Displays a percentage-based compliance score over time for the specified duration. This display can be filtered to display data for a specific severity.
- Insight Findings: Displays the trends for the number of findings by severity over time for Insights.
- Hovering over a single data point provides specific data on the exact date and number of applicable findings.
- Insight Counts: Displays the number of unique findings for the Insights over time, including designations (differentiated by color) between Custom Insights, Core Insights, and Exemptions.
- Cloud Accounts: Displays the number of cloud accounts over time, color-coded by cloud service provider.
This area of the Summary allows users to specify and view details for favorite Insights. This includes the Insight severity, name, description, findings, Bot count, and action (this navigates to the Insight Report page so you can view details for the selected Insight).
- Selecting the number under "Findings" navigates to a filtered view of the Resources that apply to the selected Insight.
- Selecting the number under "Bot Count" navigates to a Bot Listing page with all of the Bots created that apply to the selected Insight.
- Selecting the Insight's name navigates to the Insight Report page for the Insight.
Updated 5 months ago