feat(Security RX): Cloud misconfiguration

src/content/docs/vulnerability-management/cloud-workflow-misconfig.mdx

@@ -0,0 +1,63 @@
+---
+title: Manage misconfigurations in your cloud environment
+metaDescription: Use Security RX to fix misconfiguration in your cloud environment.
+freshnessValidatedDate: never
+---
+
+This document covers how to:
+
+* Improve your cloud security posture in real-time 
+* Reduce context switching with automatic synchronization of AWS Security Hub findings (and other cloud vendors)
+
+
+If this workflow doesn't sound like you, check out our document on [managing vulnerabilities as a security team](/docs/vulnerability-management/security-workflow-cloud-misconfig).
+
+## Manage misconfigurations in your cloud environment [#cloud-misconfig]
+New Relic Security RX provides a comprehensive view of your cloud security posture, allowing you to identify and remediate misconfigurations in real-time. By integrating with AWS Security Hub and other cloud vendors, you can automatically synchronize findings and reduce context switching.
+This integration allows you to view and manage security findings from multiple cloud services in one place, streamlining your security operations.
+To get started, navigate to the Security RX capability in New Relic and select the **Cloud** tab. Here, you can view a summary of your cloud security posture, including misconfigurations, vulnerabilities, and other security findings.
+
+To monitor the health of specific applications or services, use our entity scoped view by navigating to <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Security RX > Overview**</DNT>. For a larger scope, refer to [managing vulnerabilities as a security team](/docs/vulnerability-management/security-workflow).
+
+<img
+  title="Entity overview"
+  alt="Dashboard for the security entity overview page"
+  src="/images/security_screenshot-entity_security-overview.webp"
+/>
+
+<figcaption>
+  <DNT>
+    **[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Security > Overview**
+  </DNT>
+</figcaption>
+
+The **Cloud** tab provides a comprehensive view of your cloud security posture, including:
+* New misconfigurations
+* Top critical regions
+* Top resource types
+* Top risks
+* Top risks by account
+* Top critical virtual private cloud (VPC) 
+
+
+## Triage, and remediate misconfigurations [#prioritize]
+
+To triage, and remediate misconfigurations, navigate to the **Vulnerabilities** tab in the Security RX capability. Here, you can view all open vulnerabilities and filter them by attributes such as priority, severity, number of affected entities, impacted entity type, and source. Clicking on a specific vulnerability provides detailed information about its severity, sources, vulnerability status change logs, and much more.
+
+To view all vulnerabilities of your service or application, in the left navigation pane, under **Security RX** section, select <DNT>**Security RX - cloud**</DNT>.
+
+<img
+  title="Vulnerability library"
+  alt="Dashboard for the entity specific vulnerability library"
+  src="/images/vulnLibrary.webp"
+/>
+
+<figcaption>
+  <DNT>
+    **[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > APM & services > (select an entity) > Vulnerabilities**
+  </DNT>
+</figcaption>
+
+
+
+

src/content/docs/vulnerability-management/integrations/aws-securityhub-polling.mdx

@@ -0,0 +1,69 @@
+---
+title: AWS security hub integration (Polling method)
+metaDescription: 'Send your security data from AWS Security Hub, GuardDuty, and inspector directly to New Relic.'
+freshnessValidatedDate: never
+---
+
+You can import AWS Security Hub findings into New Relic to achieve a single, unified view of vulnerabilities. The process uses the AWS API to poll for findings from AWS Security reporting services.
+After completing these steps, you will see new vulnerabilities detected by AWS Security tools in your New Relic account in real time, and you'll be able to build out analytics dashboards and enable <InlinePopover type="alerts"/> on newly detected issues.
+
+## Set up API polling [#set-up-api]
+
+Follow these procedures to set up API polling. Both procedures require you to move between the New Relic UI and your AWS account. 
+
+<CollapserGroup>
+    <Collapser
+        id="setup-individual"
+        title="Connect individual AWS integrations to New Relic"
+    >
+
+To connect additional <DNT>**API Polling**</DNT> integrations to New Relic:
+
+1. Go to <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Infrastructure > AWS**</DNT>. Click on one of the available service tiles. From the [IAM console](https://console.aws.amazon.com/iam/home?#/roles), click <DNT>**Roles**</DNT> > <DNT>**Create role**</DNT> >  <DNT>**AWS account**</DNT> > <DNT>**Another AWS account**</DNT>. Input the following:
+
+   * For `Account ID`, use `754728514883`
+   * Check the `Require external ID` box
+   * For `External ID`, enter your New Relic account ID
+   * Don't enable the setting to `Require MFA` (multi-factor authentication)
+1. Attach the <DNT>**Policy**</DNT>: Search for `ReadOnlyAccess` in the <DNT>**Permissions policies**</DNT> text box, select the checkbox for the policy named `ReadOnlyAccess`, then click <DNT>**Next**</DNT>. Alternatively, you can [create your own managed policy](/docs/integrations/amazon-integrations/getting-started/integrations-managed-policies) and limit the permissions you grant New Relic according to the AWS services you want to monitor.
+1. Enter `NewRelicInfrastructure-Integrations` for the <DNT>**Role name**</DNT>, then click <DNT>**Create role**</DNT> to select the newly created role from the list. On the <DNT>**Role summary**</DNT> page, select and copy the entire <DNT>**Role ARN**</DNT> (required later in this procedure).
+1. Configure a <DNT>**Budgets**</DNT> policy by viewing the <DNT>**Role summary**</DNT> for your new role. Open the <DNT>**Add permissions**</DNT> drop-down and click on <DNT>**Create inline policy**</DNT>. Open the <DNT>**JSON**</DNT> tab and add the following permission statement:
+
+    ```json
+    {
+        "Version": "2012-10-17",
+        "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+            "budgets:ViewBudget"
+            ],
+            "Resource": "*"
+        }
+        ]
+    }
+    ```
+1. Click <DNT>**Review policy**</DNT> to enter a policy name (like `NewRelicBudget`), then select <DNT>**Create policy**</DNT>.
+1. Return to the New Relic UI to enter your AWS account name and the ARN for the new role that you saved in step 2.
+1. Select the AWS services you want to monitor with the infrastructure integrations, then <DNT>**Save**</DNT>.
+
+It may take few minutes until new resources are detected and synthesized as entities. See Cloud integrations [system limits](/docs/data-apis/manage-data/view-system-limits) for more information.
+
+</Collapser>
+<Collapser
+    id="setup-multiple"
+    title="Connect multiple AWS integrations to New Relic"
+>
+
+If you previously set up an ARN with a restrictive <DNT>**AmazonEC2ReadOnlyAccess**</DNT> policy, unlink your existing integration and create a new ARN with a broader policy.
+
+Follow the instructions to [connect your Amazon account to New Relic](/docs/infrastructure/new-relic-infrastructure/data-instrumentation/amazon-aws-ec2-integration-infrastructure#connect) .
+Provide the ARN that contains the <DNT>**ReadOnlyAccess**</DNT> policy.
+
+Once you complete your setup, you can see your integrations at <DNT>**[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Infrastructure > AWS**</DNT>.
+
+            </Collapser>
+        </CollapserGroup>
+
+
+

src/content/docs/vulnerability-management/integrations/aws.mdx

@@ -1,5 +1,5 @@
 ---
-title: AWS security integration
+title: AWS security integration (EventBridge method)
 metaDescription: 'Send your security data from AWS Security Hub, GuardDuty, and inspector directly to New Relic.'
 freshnessValidatedDate: never
 ---

src/content/docs/vulnerability-management/overview.mdx

@@ -24,7 +24,7 @@ With Security RX, you get:
 
 * A birds-eye view of all vulnerabilities, including the ones that are detected by the New Relic platform and our integration partners such as [FOSSA](docs/vulnerability-management/integrations/fossa/), [AWS Security Hub](docs/vulnerability-management/integrations/aws/), [Trivy](/docs/vulnerability-management/integrations/trivy), [Snyk](docs/vulnerability-management/integrations/snyk/), [Dependabot](install/vm/), and more.
 
-* Continuous run-time visibility of vulnerabilities in your applications and infrastructure 
+* Continuous run-time visibility of vulnerabilities in your applications, infrastructure, and cloud environments
 
 * Near real-time deployment validation of security patches 
 
@@ -65,4 +65,35 @@ To dive deeper into these use cases, see [Manage vulnerabilities as a security t
   </TabsPages>
 </Tabs>
 
+Certainly! Here's a more concise version of the pricing section for Security RX capability:
+
+---
+
+## Security RX pricing
+
+
+Security RX uses three meters for pricing based on monitored entities:
+
+* **APM services**
+* **Infrastructure hosts**
+* **Cloud resources**
+
+**Pricing and packaging**
+
+* **Advanced compute:** Billed via a CCU meter based on entity count.
+* **Minimum commitment:** 1-month minimum for active monitoring.
+
+
+New Relic Security RX provides automated, continuous vulnerability monitoring for APM and infrastructure instances, correlating security findings across third-party tools to cloud resources. Monthly costs depend on workloads monitored:
+
+* **Application Vulnerability Monitoring:** Evaluates APM Services for software vulnerabilities, correlating and enriching findings. Costs are based on the number of services assessed monthly, prorated for intermittent applications.
+
+* **Infrastructure Vulnerability Monitoring:** Evaluates infrastructure instances for vulnerabilities, correlating and enriching findings. Costs are based on the number of hosts assessed monthly, prorated for intermittent hosts.
+
+* **Cloud Security Assessments:** Correlates and enriches findings for cloud resources. Costs are based on the number of resources assessed monthly, prorated for intermittent resources.
+
+Security RX requires a minimum 30-day activation but can be disabled afterward. Monitoring is billed monthly based on hours monitored.
+
+
+
 

src/content/docs/vulnerability-management/security-workflow-cloud-misconfig.mdx

@@ -0,0 +1,70 @@
+---
+title: Manage misconfigurations in your cloud environment as a DevSecOps, Platform, or Security  team
+metaDescription: Use Security RX to overcome blindspots and assign remediation to developers as a security team.
+freshnessValidatedDate: never
+---
+
+This document covers how to:
+
+* Improve your cloud security posture 
+* Reduce context switching with automatic synchronization of AWS Security Hub findings (and other cloud vendors)
+* Assign remediation to security engineers and track progress
+
+If this workflow doesn't sound like you, check out our document on [managing vulnerabilities as a developer](/docs/vulnerability-management/dev-workflow).
+
+
+## View the misconfiguration status of your cloud environment [#cloud-misconfig]
+New Relic Security RX provides a comprehensive view of your cloud security posture, allowing you to identify and remediate misconfigurations in real-time. By integrating with AWS Security Hub and other cloud vendors, you can automatically synchronize findings and reduce context switching. This integration allows you to view and manage security findings from multiple cloud services in one place, streamlining your security operations.
+
+<img
+  title="Security RX overview"
+  alt="An image showing the summary Security RX overview page."
+  src="/images/security_app-overview.webp"
+/>
+
+<figcaption>
+  <DNT>
+    **[one.newrelic.com > All capabilities](https://one.newrelic.com/all-capabilities) > Security RX**
+  </DNT>
+</figcaption>
+
+Once vulnerability data starts flowing into New Relic, you can access your data through various scoped views. To view a summary of your entire system, navigate to the [Security RX capability > Security RX - Applications > Overview](https://one.newrelic.com/vulnerability-management/apm-summary). This page provides curated dashboards representing the vulnerability of your system and baseline security hygiene.
+
+Dig deeper into the security of your system by auditing the vulnerability of all your entities, libraries, and active vulnerabilities:
+
+<CollapserGroup>
+  <Collapser
+    className="freq-link"
+    id="entity"
+    title="Manage vulnerabilities for all your entities"
+  >
+    From the Security RX - Applications summary page, select <DNT>**Entities**</DNT> to review the vulnerability status of all your applications. This view shows all your applications and code repositories, and allows you to prioritize vulnerability remediation based on weighted vulnerabilities scores and severity profiles.
+
+    Clicking into an entity opens up a scoped entity view of Security RX. Learn more about our scoped entity view in our document on [managing vulnerabilities as a developer](/docs/vulnerability-management/dev-workflow).
+
+  </Collapser>
+
+  <Collapser
+    className="freq-link"
+    id="library"
+    title="Understand the security impact of libraries"
+  >
+    From the Security RX - Applications summary page, select <DNT>**Libraries**</DNT> to review the security impact of all libraries in your system. This view shows all the libraries used by your services and their security impact through vulnerability counts and severity.
+
+    Upon clicking a library, it provides you with a list of all library versions currently in use as well as a tab which displays all the vulnerabilities detected due to the library.
+
+    Upon clicking a library version, it provides you with a list of affected entities and vulnerabilities detected due to this library version.
+  </Collapser>
+
+  <Collapser
+    className="freq-link"
+    id="vuln"
+    title="Manage specific vulnerabilities"
+  >
+    From the <DNT>**Security RX - Applications overview**</DNT> page, select <DNT>**Vulnerabilities**</DNT> to review all the vulnerabilities in your software system. This view shows every vulnerability, priority rank, reason for prioritizing it, number of entities affected, detected by and much more.
+
+    This view is especially useful when responding to a specific vulnerability. Instead of reviewing each service to see if it's impacted, this view condenses info based on vulnerability instead of entity or library.
+
+    Find the vulnerability you need to remediate, click it, review its direct impact of services, and take the recommended remediation steps.
+  </Collapser>
+</CollapserGroup>

src/nav/vuln-management.yml

@@ -11,8 +11,10 @@ pages:
         pages:
         - title: Vulnerability integrations overview
           path: /docs/vulnerability-management/integrations/intro
-        - title: AWS Security
+        - title: AWS Security with EventBridge method
           path: /docs/vulnerability-management/integrations/aws
+        - title: AWS Security with Polling method
+          path: /docs/vulnerability-management/integrations/aws-securityhub-polling
         - title: Dependabot
           path: /install/vm
         - title: Snyk
@@ -33,12 +35,16 @@ pages:
         path: /docs/vulnerability-management/dev-workflow
       - title: Manage vulnerabilities in your infrastructure
         path: /docs/vulnerability-management/infra-workflow
+      - title: Manage misconfigurations in your cloud environment
+        path: /docs/vulnerability-management/cloud-workflow-misconfig
   - title: Manage vulnerabilities as a security team
     pages:
       - title: Manage vulnerabilities in your application
         path: /docs/vulnerability-management/security-workflow
       - title: Manage vulnerabilities in your your infrastructure
         path: /docs/vulnerability-management/security-workflow-infra
+      - title: Manage misconfigurations in your cloud environment
+        path: /docs/vulnerability-management/security-workflow-cloud-misconfig
   - title: Change vulnerability status
     path: /docs/vulnerability-management/change-vulnerability-status
   - title: Set up vulnerability alerts