This guide will help you set up your Aqua Wave account, onboard your cloud infrastructure, and then get more from your investment. We will walk through the process of configuring your Aqua Wave account, setting up proper security standards for access, connecting cloud IaaS accounts, and effectively managing Aqua's Cloud Security Posture Management (CSPM) tool.


TABLE OF CONTENTS


Create An Aqua Wave Account

After reading the Aqua Wave overview, the next step is to create an Aqua Wave account at https://cloud.aquasec.com


Connect Your Cloud Accounts to Aqua Wave

  1. Get a single pane of glass into all of your cloud infrastructure by adding all of your cloud accounts {Account, Subscription, Project, Compartment} to your Wave account.
    For your security, Aqua Wave requires visibility into configurations and not the content within your cloud infrastructure.
  2. Optional: To limit visibility and maintain organization, create groups, and put the cloud accounts into the appropriate group.
    A Cloud Account can only be in one group at a time. To change groups follow these steps.
  3. Optionally, add tags to cloud accounts in the console in order to improve organization and simplify searches for said infrastructure.


Customize Cloud Account Scanning

  1. Make sure that cloud accounts are being scanned automatically.
  2. Optional: Change when and the frequency with which a cloud account is scanned.
  3. Optional: Suppress scan results.
  4. Optional: Perform an on-demand scan.
  5. Optional: Perform a Live Run scan (i.e. scan using a single plug-in).


Access Scan Reports

Aqua Wave CSPM scan reports are run periodically and provide details about the security posture of your infrastructure. Read our overview of scan reports here.


Add Teammates

  1. Add everyone who may need visibility or administrative access to this "pane of glass" to your Wave account.
  2. To limit visibility and maintain organization, create groups, and then grant members permissions in that group.


Set Up Single Sign-On

Implement Single Sign-On (SSO) if it is available.

Once SSO is in place, we highly recommend limiting logins via SAML to prevent users from signing up with password-based logins.


Set Up Real-Time Event Monitoring

Aqua Wave's Events is a real-time API auditing service for control-plane level activity within cloud accounts. It analyzes each supported API call for violations of security best practices, as well as potential compromises or malicious activity.


Integrate Into Your Ecosystem

Deliver the desired results to the appropriate recipients via the available integrations. The recipients can take appropriate actions, including logging into the console for more information.

  1. Configure integrations to receive scan alerts.
  2. Configure integration to receive scan reports.


Add Compliance Analysis

Compliance scans work by defining the security controls required by the program and then mapping plugins to that control.

  1. Review the supported compliance programs and access their reports from the "Scan Reports" page (click into a report and select the "Compliance" tab).
  2. Create a custom compliance report since controls for compliance programs are often much larger than what CSPM can see.


Set Up Remediations

Aqua Wave CSPM is designed to help you surface and fix security risks in your cloud environments as quickly as possible. While the information in a finding and the hyperlinks therein are useful, and our integrations and APIs efficiently create awareness, automated remediation is an additional option. Remediations help you fix security risks in your cloud accounts without having to develop complex scripts, deploy error-prone templates, or make risky changes manually. They have two methods of being initiated.


Use the Additional Tools

Get familiar with the additional tools that are part of the offering.


Secure Infrastructure As Code (IaC)

The IaC scanning tool is entirely separate from the traditional scanning model. It performs local static analysis on the following provided templates to help detect security risks before they are introduced into the account.

They can be uploaded via the UI or via the API.


Visualize Resources

Get a visualization of file storage in order to find security concerns with the following infrastructure.


View Organizational Reports

Organization-wide reports allow you to aggregate scan results into a single report.


Access Your Cloud Account Event History

See recent entries in the audit log of changes in configurations of your cloud infrastructure.


Scan Container Images

Image Scanning detects and mitigates known and unknown risks in your container images.

  • Vulnerability Scanning (VS) detects known vulnerabilities (CVEs) in your container images.
  • Dynamic Threat Analysis (DTA) detects unknown and evasive threats by running the container images in an isolated environment that monitors behavioral patterns and detects Indicators Of Compromise (IOC).

Connect your container registries to enable scanning.


Access Via API

The Aqua Wave API can also be used by generating an API key from the console.

Set access control limitations for API users.


Administer Your Account