- Search and click on Inspector from AWS navigation menu.
- Click on the left banner and click Switch to Inspector Classic to be switched to Inspector classic view.
- In the Inspector left navigation pane, click on the Assessment template.
- Click Create to create an Assessment Template.
- In the Name field enter "FortiCWP-Assessment-template".
- In the Target name field choose FortiCWP-Assessment-target.
- Click the Rules packages drop down menu, and choose Common Vulnerabilities and Exposures-1.1.
- Click the Rules packages drop down menu again, and choose Network Reachability-1.1,
- In the Assessment Schedule, click Set up recurring assessment runs once every X days. The default is set to 7 days or choose any date range for the assessment to run.
- Click Create to finish creating assessment template.
After the Assessment Template is created, you may go to Assessment Runs to review CVE findings and history. The CVE findings will be displayed in Asset View.
Click on Preview Target inside the assessment template details, it will show you the Assessment Target Health Status.
Any agent status that is not HEALTHY is reachable through the internet, and FortiCWP will get all the reachable findings and display in Attack Surface View.
|For more details on using Asset View and Attack Surface View after activation, please refer to Asset View and Attack Surface View|
To activate CVE and Network Reachability findings for EC2 instances in other regions, go back to the AWS dashboard, click on your AWS account drop down menu, select another region then repeat the entire tutorial again from creating EC2 role.