1. Docker Security
Location in Argus:
Navigate to Security > Cloud Security > Docker.
How to Configure:
- Set Up Docker Integration: Go to Cloud Security > Docker > Configuration. Add the required Docker environment variables, such as DOCKER_HOST and DOCKER_CERT_PATH.
- Enable Monitoring: Activate Docker monitoring by selecting the relevant containers under Cloud Security > Docker > Containers.
- Set Up Alerts: Define alert rules for container anomalies and configuration changes in Cloud Security > Docker > Alerts.
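
As an added example (not part of Argus or its documentation), this pre-flight check validates the DOCKER_HOST and DOCKER_CERT_PATH values before they are entered in the integration settings. The function name and return codes are assumptions made for this example; ca.pem, cert.pem and key.pem are the file names the Docker client reads from DOCKER_CERT_PATH.

```shell
#!/usr/bin/env bash
# Added example (not Argus code). Return codes are constructed for this example:
#   0 ok | 1 bad/missing DOCKER_HOST | 2 TCP endpoint without client certs
#   3 certificate file missing | 4 key.pem accessible by group/others
check_docker_env() {
    local host="$1" cert_dir="$2" f perms
    case "$host" in
        unix://*|ssh://*) return 0 ;;   # local socket or SSH: no TLS files involved
        tcp://*) ;;                     # remote API over TCP: checked below
        *) echo "DOCKER_HOST is unset or has an unexpected scheme: '$host'" >&2
           return 1 ;;
    esac
    # By convention dockerd serves plaintext on 2375 and TLS on 2376.
    case "$host" in
        *:2375) echo "warning: $host uses the conventional plaintext port" >&2 ;;
    esac
    if [ -z "$cert_dir" ]; then
        echo "DOCKER_CERT_PATH is empty: TCP endpoint has no client certificates" >&2
        return 2
    fi
    # The Docker client looks for these three files in DOCKER_CERT_PATH.
    for f in ca.pem cert.pem key.pem; do
        if [ ! -s "$cert_dir/$f" ]; then
            echo "missing or empty: $cert_dir/$f" >&2
            return 3
        fi
    done
    # Characters 5-10 of `ls -l` output are the group and other permission bits.
    perms=$(ls -ld "$cert_dir/key.pem" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "key.pem is accessible beyond its owner ($perms); chmod 600 it" >&2
        return 4
    fi
    return 0
}

# Check the current environment only when asked: ./check.sh --run
if [ "${1:-}" = "--run" ]; then
    check_docker_env "${DOCKER_HOST:-}" "${DOCKER_CERT_PATH:-}"
fi
```
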
How to Use:
- Real-time Monitoring: Monitor your Docker containers for security threats and misconfigurations in the Docker Security Dashboard.
- Incident Response: Investigate alerts for unauthorized access, anomalous behavior, or configuration drift.
- Compliance Checks: Regularly review Docker container compliance using automated checks based on security standards.
2. Amazon Web Services (AWS) Security
Location in Argus:
Navigate to Security > Cloud Security > AWS.
How to Configure:
- Set Up AWS Integration: In Cloud Security > AWS > Configuration, input your AWS credentials, including access keys and secret keys, and choose the AWS regions to monitor.
- Enable Services Monitoring: Select the AWS services you want to monitor (such as EC2, S3, RDS) under Cloud Security > AWS > Services.
- Set Up Alerts: Define rules to monitor specific AWS activity, such as unauthorized logins, bucket configuration changes, or resource creation under Cloud Security > AWS > Alerts.
How to Use:
- Real-time Security Monitoring: Continuously monitor AWS activities, configurations, and events via the AWS security dashboard.
- Threat Detection: Identify potential threats such as unauthorized access, abnormal API activity, and resource misuse.
- Compliance Reporting: Ensure that your AWS infrastructure adheres to security policies and compliance requirements.
3. GitHub Security
Location in Argus:
Navigate to Security > Cloud Security > GitHub.
How to Configure:
- Set Up GitHub Integration: In Cloud Security > GitHub > Configuration, connect Argus to your GitHub organization by providing an OAuth token or using GitHub Apps for access.
- Enable Repository Monitoring: Select the repositories you want to monitor for security events, like push events, repository changes, and PR reviews in Cloud Security > GitHub > Repositories.
- Set Up Alerts: Define alert rules for key GitHub activities such as code pushes, repository modifications, and security issues under Cloud Security > GitHub > Alerts.
How to Use:
- Monitor Code Changes: Track code pushes, pull requests, and repository modifications in real time for any suspicious activity.
- Identify Risks: Monitor security alerts related to code vulnerabilities or permissions issues in your repositories.
- Incident Management: Investigate GitHub-related security incidents quickly to prevent misuse of code or configurations.
4. Office 365 Security
Location in Argus:
Navigate to Security > Cloud Security > Office 365.
How to Configure:
- Set Up Office 365 Integration: In Cloud Security > Office 365 > Configuration, connect your Office 365 account using Azure Active Directory authentication and grant the required permissions.
- Enable Activity Monitoring: Select which Office 365 services to monitor, such as Exchange, SharePoint, or Teams, under Cloud Security > Office 365 > Services.
- Set Up Alerts: Configure alert rules for key Office 365 events, such as unauthorized email access, file sharing, or admin role changes under Cloud Security > Office 365 > Alerts.
How to Use:
- Real-time Monitoring: Continuously monitor Office 365 activities, such as user login behavior, document sharing, and admin changes.
- Security Incident Response: Respond quickly to security incidents, such as suspicious login attempts or abnormal data access.
- Compliance Auditing: Ensure Office 365 compliance with security and privacy standards by reviewing activity logs and reports.