Automate Remediation Of Non Compliant Events To Meet Best Practice Policies

Relevant users

User Role Can Access
Technical Team member
DevOps Team member
Security Analyst
Security Engineer
Compliance Manager
Project Manager
Security Team Management
Consultant

Examples

  • I want to automatically close any S3 buckets which are accidentally made public.
  • I want to ensure my organisation's IAM access keys are not exposed by automatically taking corrective action if an exposed key is found.
  • I want to ensure my organisation always uses Server Side Encryption (SSE) for any resources receiving incoming data.

Trend Micro Cloud One™ – Conformity Solution

Step 1. Determine the account(s) where you want auto-remediation actions to occur.

Step 2. Follow auto-remediation installation instructions to set up auto-remediation on your AWS account(s).

Turn on Conformity’s Real-Time Monitoring (RTM) to utilise auto-remediation in near real-time. More info on RTM.

Step 3. Define the event(s) you would like auto-remediated and configure the function for the event(s) using the auto-remediation documentation.

Once auto-remediation is set up and configured, auto-remediation actions are triggered for your configured rule failures after each Conformity bot run. For RTM rules, auto-remediation occurs within a 2-minute interval.

Optional: Configure a notification to be triggered and sent to a channel when rules fail.
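
The scoping decisions from Steps 1 and 3, applied to the public S3 bucket and exposed access key cases, as an added example that is not Conformity's auto-remediation code. The rule ids, event fields and account ids are constructed for illustration, and each action is returned as the AWS SDK call to make rather than executed.

```javascript
// Added example. Rule ids, event fields and account ids are constructed;
// they are not Conformity's identifiers or event format.
const CONFIG = {
  // Step 1: only these accounts are in scope for auto-remediation.
  accounts: new Set(['111111111111']),
  // Step 3: which rule failures are remediated, and by which action.
  rules: {
    'EXAMPLE-S3-PUBLIC': { enabled: true, action: 'blockPublicAccess' },
    'EXAMPLE-IAM-EXPOSED-KEY': { enabled: false, action: 'deactivateAccessKey' },
  },
};

// Each action returns the AWS SDK call as data so it can be logged or dry-run.
const ACTIONS = {
  blockPublicAccess: (f) => ({
    service: 'S3',
    operation: 'putPublicAccessBlock',
    params: {
      Bucket: f.resource,
      PublicAccessBlockConfiguration: {
        BlockPublicAcls: true, IgnorePublicAcls: true,
        BlockPublicPolicy: true, RestrictPublicBuckets: true,
      },
    },
  }),
  deactivateAccessKey: (f) => ({
    service: 'IAM',
    operation: 'updateAccessKey',
    params: { UserName: f.userName, AccessKeyId: f.resource, Status: 'Inactive' },
  }),
};

// Decide what, if anything, to do for one rule-failure event.
function planRemediation(failure, config = CONFIG) {
  if (failure.status !== 'FAILURE') return { skipped: 'check did not fail' };
  if (!config.accounts.has(failure.accountId)) return { skipped: 'account out of scope' };
  const known = Object.prototype.hasOwnProperty.call(config.rules, failure.ruleId);
  const rule = known ? config.rules[failure.ruleId] : null;
  if (!rule || !rule.enabled) return { skipped: 'rule not enabled' };
  return { call: ACTIONS[rule.action](failure) };
}

// Constructed sample events: in scope, out-of-scope account, disabled rule.
const SAMPLE_FAILURES = [
  { ruleId: 'EXAMPLE-S3-PUBLIC', status: 'FAILURE', accountId: '111111111111', resource: 'example-bucket' },
  { ruleId: 'EXAMPLE-S3-PUBLIC', status: 'FAILURE', accountId: '222222222222', resource: 'other-bucket' },
  { ruleId: 'EXAMPLE-IAM-EXPOSED-KEY', status: 'FAILURE', accountId: '111111111111', resource: 'AKIAIOSFODNN7EXAMPLE', userName: 'example-user' },
];
const plans = SAMPLE_FAILURES.map((f) => planRemediation(f));
console.log(JSON.stringify(plans, null, 2));
```

Only the first sample event yields a call; the second is skipped because its account was never opted in, and the third because its rule is switched off.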