What is a Finding?
A finding is a cloud resource that is found non-compliant with an assigned compliance check during a scan. A compliance check can have none or more findings against a resource. There are a few different types of findings:
- Active Finding: a cloud resource that is non-compliant and not yet addressed or remediated.
- Suppressed Finding: a cloud resource that is excluded from future scans. An example is a public S3 bucket that should be public because it contains data that is designed for public consumption. You would mark a finding as "Suppressed" so that it doesn't continue showing up as "Active" in the scans.
- Archived Finding: a cloud resource that has been acknowledged and marked as remediate by the security team. Any cloud resources that are not remediated will show up as "Active" on the next scan.
To learn more about findings, including how to archive and suppress them, read the Compliance Overview article.