On the Incidents page you can:
- View Incidents
- Filter Incidents
- Open the Resource Explorer
- Download a CSV report
In the right panel you will see:
- A short description of the relevant Policy, its name and ID
- The number of Resources with this misconfiguration
- Bridgecrew Policy ID
- A list of all affected Resources (under Errors).
- Under Suppressed or Remediated you can see details about previous Suppressions or Remediations for this Policy.
- Under Guidelines you will see an explanation of the relevant Policy and, in some cases, manual steps that can be taken to Remediate the Incident.
You can filter the Incidents list by:
- Type: All, Violation, Insight, Alert
- Status: Open, Closed, Suppressed, Remediated
- Severity: All, Critical, High, Medium, Low, Info
- Benchmark: for example, HIPAA, PCI, SOC2, etc. (see Benchmark Compliance Reports)
- Category: for example, IAM, Networking, Storage, etc.
- Custom Policies: Yes or No
- Source type: All, Accounts (CSP accounts), Repositories (VCS) and Clusters (Kubernetes entities)
- Source: the ID of a specific Provider account, repository, cluster or project
You can save the filter settings as default.
For deeper analysis, you can press a Resource to open the Resource Explorer. See Resource Explorer.
To download an Incident report in a CSV file press the down arrow at the top of the Incidents page.
The CSV file includes a list of Incidents (not an Industry report) that includes:
- Incident Type
- Violation ID
- Custom Policy – y/n
- Source ID
- URL of the specific Incident
Sample of a Bridgecrew CSV report:
Updated 5 days ago