Scan your AWS cloud resources for vulnerabilities to help prioritize and remediate issues and proactively identify zero-day exploits.

Agentless Vulnerability & Threat Detection scans your supported AWS cloud resources to identify security vulnerabilities. Scans occur daily from the time you first enable the feature for your AWS account. Scan times are not configurable.

Procedure

  1. Go to Cloud Security > Cloud Accounts > AWS and click Add Account.
  2. Choose CloudFormation as the deployment method and select Single AWS Account.
  3. Click Next.
  4. Specify the general information for the account and click Next. For more details, see Adding an AWS account using CloudFormation.
    The Features and Permissions screen appears.
  5. In Features and Permissions, enable Agentless Vulnerability & Threat Detection and select the deployment regions.
    Note
    Selected regions are the regions where Agentless Vulnerability & Threat Detection is deployed, not necessarily the region of your AWS account. You may select multiple deployment regions.
  6. Click Scanner Configuration and enable vulnerability scanning.
  7. Select the AWS resource types you wish to include in vulnerability scans. All supported resource types are selected by default.
  8. Click Save Changes and continue configuring the CloudFormation template.
  9. For AWS accounts that you have already connected in Cloud Accounts:
    1. Select the AWS account.
    2. Go to the Stack Update tab.
    3. In Features and Permissions, enable Agentless Vulnerability & Threat Detection and follow the configuration steps.