Manage security findings
View, filter, and remediate security and compliance findings in the CloudBooster portal.
CloudBooster continuously scans your connected AWS accounts for security misconfigurations and compliance issues. Each issue surfaces as a finding in the portal — with a severity, a description, an affected resource, and an estimated impact on risk and cost.
This guide covers the portal workflow. For CLI-based auditing and CI integration, see Use cbx audit and Run cbx audit in GitHub Actions.
Before you begin
- You need a project with at least one environment connected to an AWS account.
- The environment must have been scanned at least once (either automatically or manually).
Open the findings list
Navigate to your Project → Environment → Findings. The findings list shows every issue detected in that environment.
Trigger a manual scan
To run a scan on demand, click Scan Now in the top-right corner of the findings page. The scan reads your connected AWS account in real time and surfaces any new issues. Existing findings that no longer apply are automatically resolved.
Scans run automatically in the background. Use Scan Now when you want an immediate result — for example, after applying a remediation ChangeSet.
Read a finding
Each finding row shows:
| Column | What it means |
|---|---|
| Title | Short description of the issue |
| Severity | high, medium, or low |
| Status | open, proposed, resolved, or suppressed |
| ROI / Risk | Estimated risk reduction and monthly cost savings if fixed |
| Remediation | Link to the ChangeSet that proposes a fix, if one exists |
Click any row to open the finding detail, which adds:
- Description — the full explanation of the issue and why it matters.
- Affected resource — the specific AWS resource involved.
- ROI estimate — confidence-rated risk reduction and potential cost savings.
- Evidence — links to the deployment run and ChangeSet that resolved the finding, once it is resolved.
Filter and search
Use the controls above the table to narrow the list:
- Status filter — show only open, proposed, resolved, or suppressed findings.
- Severity filter — show only high, medium, or low severity.
- Search — find findings by title or ID.
- Has remediation — checkbox that shows only findings with an associated ChangeSet, so you can review proposed fixes quickly.
Finding statuses
| Status | Meaning |
|---|---|
| open | Issue detected; no fix in progress |
| proposed | A remediation ChangeSet has been created and is awaiting review |
| resolved | The issue was fixed and confirmed by a subsequent scan |
| suppressed | Acknowledged as intentional or out of scope |
Remediate a finding
For open findings, CloudBooster can generate a remediation ChangeSet:
- Click Propose ChangeSet in the row actions (or in the finding detail header).
- CloudBooster produces a ChangeSet containing the proposed infrastructure change.
- Review the ChangeSet — check the ADR, the diagram, and the composition YAML.
- Approve and apply the ChangeSet when you are satisfied.
- Click Scan Now to confirm the finding is resolved.
The finding status moves from open → proposed immediately when the ChangeSet is created, and to resolved when the scan confirms the issue is gone.
Not every finding has an automated remediation. Some issues require judgment calls that CloudBooster cannot make for you — for example, deciding which IP ranges to allow on a security group. Those findings will not show a Propose ChangeSet button.
View an existing remediation ChangeSet
If a finding already has a linked ChangeSet (status proposed), a ChangeSet link appears in the Remediation column. Click it to jump directly to the ChangeSet review screen.
See also
- Audits — how scanning works and what it covers.
- ChangeSets — the artifact that remediations produce.
- Use cbx audit — CLI-based scanning.
- Run cbx audit in GitHub Actions — CI integration.