Skip to main content

Daily Security Report Feature for Shisho Cloud Projects Released

· 2 min read
Yoshiaki Matsutomo
Yoshiaki Matsutomo
Software Engineer @ GMO Flatt Security Inc.

We've released a feature that periodically sends security status reports for Shisho Cloud projects as notifications. 

With this release, you can receive Security Status Reports by Resource Kind within your projects via Slack or email. This makes it easier to continuously monitor security status and share information with stakeholders.

Initial Release: Security Status Report by Resource Kind

This report aggregates the security status within a project by resource kind (such as AWS EC2 instance, AWS S3 Bucket, Google Cloud Compute Engine instance, etc.) and automatically sends it as a daily report.

The report includes a project-wide summary (total findings count and breakdown by severity), as well as details by resource kind (findings count and severity breakdown). Only findings with the status "Awaiting Review" or "Action Needed" are aggregated, focusing on items that actually require attention.

Additionally, customization is available based on your needs. You can set a minimum severity level to display only findings above a specific level, or change the sort order by findings count or severity. The language can be selected from Japanese or English, and reports can be sent to multiple notification destinations including Slack channels, email addresses, and notification groups.

Enabling and Configuring Project Report Notifications

First, select the target project from the project list and open the settings page.

Reports are sent to the notification destinations configured for each project. If you haven't registered notification destinations yet, please configure them.

Next, in the Notification Settings section of the project settings page, turn on the toggle for the notifications you want to receive.

Adjust the following settings as needed:

  • Notification Interval: Specify when to send reports (currently only daily reports are supported).
  • Language: Choose Japanese or English.
  • Minimum Severity: Select a severity level. Reports will include only resource kinds with findings at or above the specified severity level.
  • Sort Order: Select the display order.

Once you save the settings, reports will automatically be sent according to the specified schedule.

▼ User Guide Configure Notifications