From 27143a8d1798f215c52673f10ff4c3688ce5d5e7 Mon Sep 17 00:00:00 2001 From: Uri Weisman <68195305+uri-weisman@users.noreply.github.com> Date: Fri, 8 Mar 2024 19:53:48 +0200 Subject: [PATCH] Update CSPM docs (#4836) * Update cspm doc Update scam time to 24h * minor addition --------- Co-authored-by: Benjamin Ironside Goldstein Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> (cherry picked from commit d08cf6b1235f5e64bb90c5c9b1470f7684b4a065) --- docs/cloud-native-security/cspm-faq.asciidoc | 2 +- docs/cloud-native-security/cspm.asciidoc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/cloud-native-security/cspm-faq.asciidoc b/docs/cloud-native-security/cspm-faq.asciidoc index 9beb616e77..5e6f4f0a68 100644 --- a/docs/cloud-native-security/cspm-faq.asciidoc +++ b/docs/cloud-native-security/cspm-faq.asciidoc @@ -78,7 +78,7 @@ You can access findings data using the following index patterns: Resources are fetched and evaluated against benchmark rules when a security posture management integration is deployed. After that, the CSPM integration evaluates every 24 hours, and the KSPM integration evaluates every four hours. *Can I configure an integration's fetch cycle?* -No, the four-hour fetch cycle is not configurable. +No, the fetch cycle's timing is not configurable. *Can I contribute to the CSP ruleset?* You can't directly edit benchmark rules. The rules are defined https://github.com/elastic/csp-security-policies[in this repository], where you can raise issues with certain rules. They are written in https://www.openpolicyagent.org/docs/latest/policy-language/[Rego]. diff --git a/docs/cloud-native-security/cspm.asciidoc b/docs/cloud-native-security/cspm.asciidoc index a87bded2d0..1a48a609de 100644 --- a/docs/cloud-native-security/cspm.asciidoc +++ b/docs/cloud-native-security/cspm.asciidoc @@ -17,5 +17,5 @@ This feature currently supports Amazon Web Services (AWS), Google Cloud Platform [[cspm-how-it-works]] == How CSPM works -Using the read-only credentials you will provide during the setup process, it will evaluate the configuration of resources in your environment every 4 hours. +Using the read-only credentials you will provide during the setup process, it will evaluate the configuration of resources in your environment every 24 hours. After each evaluation, the integration sends findings to Elastic. A high-level summary of the findings appears on the <>, and detailed findings appear on the <>.