Review CSPM connection to AWS Live environment

[jon-mc-git]

Describe the Issue Full CSPM connection to AWS Live environment - Evaluation of Data

Additional Context Add any other context, attachments or screenshots

Acceptance Criteria

• Continue from previous Forge and Live environment connections work to Defender CSPM and connect\populate our ECF Live environment
• Review data being generated for Live and ensure the full details of the projects have been populated within Defender CSPM
• Demo results and go over details with Warren for plan of attack on issues
• Create next ticket(s) depending on results

. . . . . . . . . . .

Extra Template Info

Definition of Ready These set of conditions will need to be met in order to bring a ticket into the sprint and start work. Protects the team from unclear requirements. Issues (Task/Story/Spike) aligned to an EPIC and linked appropriately. Assigned to the appropriate CPF MEMBER (and is not left blank in ZenHub) at the start of sprint (1st day of the sprint) Acceptance has been defined for the issue and has been reviewed with CPF team and approved by the necessary approver. Has been sized and estimated by the delivery team. Detailed breakdown of the steps required to complete the story in the additional context Any additional specifications have been documented, reviewed with CPF and approved by the necessary approver.

Acceptance Criteria A set of pre-defined requirement that need to be met in order to mark the user story as “done”. It should be testable with no room for interpretation It should be either “pass” or “fail” It should be clear enough for business stake holders to understand As part of the user story, it should be written from the user perspective A well written acceptance criteria is great for

• managing expectations
• defining scope
• reducing ambiguity
• establishing testing criteria for QA Given (Pre-condition) When (Action) Then (Outcome)

Definition of Done These set of conditions are met for work to be considered as complete on an issue. All acceptance criteria(s) have been validated. All the necessary documentation for the issue has been uploaded to Teams. Functionality has been tested when applicable. Functionality has been demonstrated to the relevant stakeholders (where applicable). Story has been scheduled for a Sprint Demo/community update and impacted teams invited to the Demo. Stories accepted by PO and documented for potential sharing with impacted users.

• Documented = Captured in Community Update (CU) deck
• Release notes = aspirational goal of providing a bulleted list of features and changes that our users can touch. Was going to store them in our Cloud Pathfinder repo. Can also display to users in the CU

[jon-mc-git]

AWS activity from Defender CSPM reads was discovery to be causing some unexpected costs due to Guard Duty actions. Further review will be necessary and will take place after this is unblocked

[ThibaultBC]

@jon-mc-git this is still in blocked after 10 months, has there been any update, can we move this ticket?

[mitovskaol]

@jon-mc-git Please check with Nick if this work is still required, it looks like an old/obsolete ticket that should be closed.

[jon-mc-git]

Ticket was submitted with AWS to have an ability to configure friend vs foe on their sec, to eliminate the unnecessary charges/scanning of this CSPM feed to Defender, so can bring this into the ocio current integrated monitoring. In meantime AWS said they could give credits, or we can remove the redundant/offending security service causing the issue in the next AWS LZA platform - Either way it would require follow up to be pursued. Passing this over to Nick for review