You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/faq-cspm.yml
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -19,13 +19,13 @@ sections:
19
19
- question: |
20
20
If I address only three out of four recommendations in a security control, will my secure score change?
21
21
answer: |
22
-
No. It won't change until you remediate all of the recommendations for a single resource. To get the maximum score for a control, you must remediate all recommendations for all resources.
22
+
No. It doesn't change until you remediate all of the recommendations for a single resource. To get the maximum score for a control, you must remediate all recommendations for all resources.
23
23
24
24
25
25
- question: |
26
26
If a security control offers me zero points towards my secure score, should I ignore it?
27
27
answer: |
28
-
In some cases, you'll see a control max score greater than zero, but the impact is zero. When the incremental score for fixing resources is negligible, it's rounded to zero. Don't ignore these recommendations because they still bring security improvements. The only exception is the "Additional Best Practice" control. Remediating these recommendations won't increase your score, but it will enhance your overall security.
28
+
In some cases, you'll see a control max score greater than zero, but the impact is zero. When the incremental score for fixing resources is negligible, it's rounded to zero. Don't ignore these recommendations because they still bring security improvements. The only exception is the "Additional Best Practice" control. Remediating these recommendations doesn't increase your score, but it enhances your overall security.
29
29
30
30
- question: |
31
31
How does scanning affect the instances?
@@ -40,7 +40,7 @@ sections:
40
40
41
41
| Cloud provider | Changes |
42
42
|---------|---------|
43
-
| Azure | - Adds a “VM Scanner Operator” role assignment<br>- Adds a “vmScanners” resource with the relevant configurations used to manage the scanning process |
43
+
| Azure | - Adds a "VM Scanner Operator" role assignment<br>- Adds a "vmScanners" resource with the relevant configurations used to manage the scanning process |
44
44
| AWS | - Adds role assignment<br>- Adds authorized audience to OpenIDConnect provider<br>- Snapshots are created next to the scanned volumes, in the same account, during the scan (typically for a few minutes) |
45
45
| GCP | - Adds a role assignment |
46
46
@@ -52,7 +52,7 @@ sections:
52
52
- question: |
53
53
Can I calculate the secure score at the resource group level?
54
54
answer: |
55
-
Secure score is calculated per Azure subscription, AWS account or GCP project. You can also view the secure score within the management scope such as Azure management group, AWS management account or GCP organization. There's no secure score per resource group.
55
+
Secure score is calculated per Azure subscription, AWS account, or GCP project. You can also view the secure score within the management scope such as Azure management group, AWS management account, or GCP organization. There's no secure score per resource group.
0 commit comments