VOOZH about

URL: https://docs.datadoghq.com/security/cloud_security_management/misconfigurations/findings/

⇱ Explore Misconfigurations

For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/cloud_security_management/misconfigurations/findings.md. A documentation index is available at /llms.txt.

The Cloud Security Misconfigurations Findings page allows you to:

  • Review the detailed configuration of a resource.
  • Review the compliance rules applied to your resources by Cloud Security Misconfigurations.
  • Review tags for more context about who owns the resource and where it resides in your environment.
  • Read descriptions and guidelines based on industry resources for remediating a misconfigured resource.
  • Use the time selector to explore your security configuration posture at any point in the past.

In addition to reviewing and responding to misconfigurations, you can set notifications for failed misconfigurations, and configure signals to correlate and triage misconfigurations in the same view as real-time threats generated by Cloud SIEM and Workload Protection. This enables you to accelerate investigations, as the root causes for many of today’s cloud breaches are misconfigured services that have been exploited by attackers.

Misconfigurations

A misconfiguration is the primary primitive for a rule evaluation against a resource. Every time a resource is evaluated against a rule, a misconfiguration is generated with a Pass or Fail status. Resources are evaluated in increments between 15 minutes and four hours (depending on type). Datadog generates new misconfigurations as soon as a scan is completed, and stores a complete history of all misconfigurations for the past 15 months so they are available in case of an investigation or audit.

Explore your cloud misconfigurations

Misconfigurations are displayed on the Misconfigurations Findings page.

  • Aggregate misconfigurations by rule using the Group by filters and query search bar. For example, filtering by evaluation:fail narrows the list to all compliance rules that have issues that need to be addressed.
    • Group misconfigurations by any facet, custom property, or tag (or None to view misconfigurations individually), so you can find patterns of failed misconfigurations and prioritize your remediation efforts accordingly.
  • Hover over Views, then select an existing view to apply, or click Save as new view to use your explorer settings again in the future.

You can click View All to view a complete list of resources affected by a misconfiguration, or click a resource to view additional information about the misconfiguration and suggested remediation steps.

Further reading