Skip to main content

Cross4Security

Cross4Security leverages established benchmarks to thoroughly scan your provider accounts and assets. By adhering to these benchmark rules, it identifies vulnerabilities and assesses the overall security posture of your accounts. This comprehensive analysis enables you to understand potential security gaps and take informed actions to enhance your cloud environment's safety and resilience. Additionally, by following the provided remediation steps, you can improve the security status of your account.

Security Score

Can't see security score data.

For the providers you've configured, we run benchmarks automatically every day to scan your assets based on these benchmark rules. If you are unable to see any data related to the security score, :

  • All benchmarks are automatically run for the accounts in the system at a specific time each day. Depending on the time you're checking, the benchmark rules may not have been run for your account yet. you can manually run the desired benchmarks by following the instructions here.
  • You can select the previous day's date to access data from earlier runs, or if preferred,

Security Score Not Updating After Remediation Fixes

If you've applied remediation steps but noticed that your security score hasn't changed, the issue might be that the relevant benchmarks haven't been rerun, so the score is still reflecting the old values.

To resolve this, check the Last Run date on the security dashboard. If it shows a date before or same you applied the remediations, we recommend running the benchmarks again. Follow the instructions provided here to manually rerun the benchmarks and update your security score accordingly.

Inventory

Discrepancies in Finding/Issues Counts

In the Inventory Asset view, each finding is unique. However, in the Benchmark view, the same finding might appear under different controls, which can result in a higher count of findings in the Benchmark view compared to the Asset view. For instance, if an EC2 instance is scanned by both CIS Version 2 and CIS Version 3 for the same vulnerability, it will show up as two findings in the Benchmark view but just one in the Asset view.

Therefore, the number of findings may differ. However, if there is a significant difference, please contact us.

CSV file export error.

If you're unable to download the CSV file from the Inventory page, here are some possible reasons:

  • Browser Issues: The user's browser might have settings or extensions that are blocking the download, such as pop-up blockers or security settings that prevent file downloads. Check your browser settings to ensure that file downloads are allowed. Disable any extensions that might be blocking the download, such as pop-up blockers or ad blockers. You can also try using a different browser to see if the issue persists

  • Server Issues: There might be a temporary issue with the server or platform that is preventing the file from being generated or downloaded. Wait a few minutes and try downloading the file again.

  • Downloaded file path: he file was downloaded successfully, but it may have been saved to an unexpected location on your device, making it difficult to find. Check your browser's download settings to see where files are being saved by default. You can often find this by looking at the "Downloads" or "Save As" settings in your browser.

Configuration

Security Service is not configured.

If you have been invited to a tenant as a developer, you may not have access to tenant-specific services that have not been configured by the tenant administrator. To resolve this, please contact the tenant administrator and ask them to configure the security service. If you believe the issue is something else, please reach out to us for further assistance.

Service configuration credentials error.

You are encountering this error likely because the credentials required to use our services were either not properly assigned the necessary permissions or were incorrectly configured. To resolve this, please visit the Getting Credentials page and the relevant section of the security service documentation, and ensure that you have followed the steps correctly.

Another possible reason for this error is that the service provider for which you're attempting to configure settings in your Cross4Cloud account hasn't been properly managed within your account. To fix this issue, follow these steps:

  1. By clicking the icon on the right top, go to your account settings.

  2. Select Service Configuration from the navigation menu.

  3. Go to the ID Management tab.

  4. On this page, check if the necessary ID information for the provider you are trying to configure has been entered. If you haven't filled in this information, please follow the instructions here to provide the required details.

warning

Even if you have entered the ID information for the relevant provider, the credentials you are using might not belong to the account associated with this ID. Please check the ID information and ensure that your credentials match the correct account.