Plerion Milestone Tracker

General Onboarding and Immediate Threat Analysis

Objectives

  1. Successfully onboard Plerion

  2. Assess any immediate threats in your environment

  3. Set up Slack Channel with Plerion Team to instantly message through out POC (if desired)

Milestone 1 - Onboarding

Initial access

  • Accept Slack Invite

  • Add New Tenant If required (MSSP/Multi tenant org)

Access control

  • SSO (if required)

  • Password Policy

  • Invite users with assigned permissions

Add cloud provider accounts/subscriptions via Integrations (Admin button top right)

  • Onboard CSPM (required default)

  • Onboard CIEM (required default)

  • Onboard CWPP (Optional)

  • Integrate cloud provider audit logs (CDR) (Optional)

  • Setup communication channels for critical alerts

Understand your environment

Review dashboard from side navigation bar and familiarize yourself with available filters. Order of dashboards can be adjusted by simple select and drag to reorder

  • Home page: Assess top alerts (Attack paths and alerts for critical findings)

  • Findings dashboard (CSPM)

    • Remediate failed findings using knowledge base

  • Assets dashboard (including details view)

    • Review your public facing, overly permissive and vulnerable assets

  • Cloud Infrastructure Entitlements dashboard (CIEM)

  • Cloud Workload Protection Platform dashboard (CWPP)

  • Logs Dashboard (Cloud Detection and Response (CDR))

  • Threat Mapping dashboard (MITRE ATTACK Cloud Matrix)

  • Compliance dashboard

  • Well-Architected dashboard

Milestone 2 - Mastering Detections and Detection Settings

Objectives

Configure a custom profile relative to the company posture and cloud environment

  • Review all critical and high severity findings

  • Create and refine detections for a tenant - environment Staging, Testing, Prod

  • Customize most relevant compliance report to your posture

  • Create your very own custom report

  • Create your own workflow to raise alert or send event to outbound integration (Outbound Integration configuration is required first and is available under Admin settings)

Milestone 3 - Threat Mapping and Cloud Detection

Objectives

Understand your environment through the Mitre Attack framework lens, and be able to perform forensics on your logs

  • Review, and remediated 3 alerts from Threat Mapping dashboard (Mitre Attack Cloud Matrix)

  • Investigate 2 events from Milestone 1

First Time Logging In