FAQ

What do plugin severity rankings mean
Aqua CSPM assigns a default severity ranking to each plugin that reflects our interpretation of the plugin's risk to the cloud account and its likeliho...
Fri, 28 May, 2021 at 1:49 AM
How often are new plugins released
New plugins are released on a periodic basis as new security controls are added by the CSPM team for existing or new cloud provider services. For example, a...
Thu, 8 Oct, 2020 at 7:54 AM
How often are alerts sent
Alerts are sent once per scan each time they are triggered. This means that if you configure an alert to trigger if SSH ports are open, for example, and the...
Wed, 12 Aug, 2020 at 9:22 AM
What is CSPM Real-Time Events
CSPM Events is a real-time API auditing service for control-plane level activity within cloud IaaS accounts. Currently, Events supports AWS API activity via...
Wed, 12 Aug, 2020 at 9:22 AM
How long does CSPM store my events
CSPM will store Events for 450 days unless otherwise pre-arranged via contract. You can request that we delete events at any time, in which case they will b...
Wed, 12 Aug, 2020 at 9:22 AM
Does CSPM Events cost extra
Events are available with all Aqua Enterprise Plans. If you enabled Events via CloudWatch Events: AWS will charge you for SNS endpoints ($0.50/regio...
Fri, 28 May, 2021 at 1:50 AM
How is CSPM Events different than CloudTrail or ConfigService
As with all of Aqua's existing products, Events is designed to work in tandem with AWS-provided security solutions. CSPM Events uses AWS CloudWatch Eve...
Fri, 28 May, 2021 at 1:50 AM
How can I control which events are sent to CSPM
If you use the "CloudWatch Events" connection method, you can override the events post-deployment by: Navigate to the "CloudWatch Events...
Wed, 12 Aug, 2020 at 9:22 AM
Why do I need to deploy Events into each AWS region
CloudWatch Events is a regional service, and must be configured in each region (either by launching our CloudFormation template in each region or using AWS ...
Wed, 12 Aug, 2020 at 9:22 AM
What is the difference between a compliance program, control, mapping, and finding
A compliance program (e.g. PCI or HIPAA) has controls (e.g. “Ensure encryption is enabled”) which contain mappings to CSPM plugins (e.g. “EBS Volume Encrypt...
Wed, 12 Aug, 2020 at 9:22 AM