# Cloud Storage Security Help Docs

## Cloud Storage Security Help Docs

- [Introduction](https://help.cloudstoragesec.com/readme.md): Cloud Storage Security offers two solutions: Antivirus for Amazon S3 and Data Classification for Amazon S3.
- [Getting Started](https://help.cloudstoragesec.com/getting-started.md): Deploy our solution to your environment in three easy steps.
- [How to Subscribe](https://help.cloudstoragesec.com/getting-started/how-to-subscribe.md): Antivirus for Amazon S3 and Data Classification for Amazon S3 are available via AWS Marketplace.
- [Pay-As-You-Go (PAYG)](https://help.cloudstoragesec.com/getting-started/how-to-subscribe/pay-as-you-go-payg.md): This is the most common subscription option for Antivirus for Amazon S3 and Data Classification for Amazon S3 when deploying for a free trial or production deployment.
- [Bring Your Own License/GovCloud (BYOL)](https://help.cloudstoragesec.com/getting-started/how-to-subscribe/bring-your-own-license-govcloud-byol.md): Customers who require a custom license or need to deploy in GovCloud can use our BYOL to subscribe and deploy our Antivirus for Amazon S3 solution.
- [AWS Transfer Family](https://help.cloudstoragesec.com/getting-started/how-to-subscribe/aws-transfer-family.md): Ensure the data that is moved into Amazon S3 via AWS Transfer Family is free of ransomware, viruses, trojans and other payloads by scanning it inline with Antivirus for Amazon S3
- [How to Deploy](https://help.cloudstoragesec.com/getting-started/how-to-deploy.md): Once you've subscribed to the Antivirus and/or Data Classification for Amazon S3 listing(s), the next step is to start your deployment.
- [Steps to Deploy](https://help.cloudstoragesec.com/getting-started/how-to-deploy/steps-to-deploy.md): Deployment of our solution happens using a CloudFormation Template.
- [Advanced Deployment Considerations](https://help.cloudstoragesec.com/getting-started/how-to-deploy/advanced-deployment-considerations.md): The CloudFormation template can optionally be customized beyond the default settings.
- [AWS Transfer Family](https://help.cloudstoragesec.com/getting-started/how-to-deploy/aws-transfer-family.md): Ensure the data that is moved into Amazon S3 via AWS Transfer Family is free of ransomware, viruses, trojans and other payloads by scanning it inline with Antivirus for Amazon S3
- [How to Configure](https://help.cloudstoragesec.com/getting-started/initial-config.md): Once you've deployed Amazon S3 and/or Data Classification for Amazon S3 you can start to configure your settings through the management console.
- [Console Overview](https://help.cloudstoragesec.com/console-overview.md): In the How to Configure section, we covered our first bucket activation to enable scanning and our first data classification schedule. Now let's take a closer look at the rest of the console.
- [Dashboard](https://help.cloudstoragesec.com/console-overview/console-overview.md): The Dashboard view is the window into your scanning and/or classifying status.
- [Malware Scanning](https://help.cloudstoragesec.com/console-overview/protection.md): There is very little to configure to get the product up and scanning your data. The only activity you truly have to do post deployment is enable protection for the storage volume of your choice.
- [AWS](https://help.cloudstoragesec.com/console-overview/protection/aws.md): Configure scanning for AWS storage containers here.
- [Buckets](https://help.cloudstoragesec.com/console-overview/protection/aws/protected-buckets.md)
- [Amazon EBS Volumes](https://help.cloudstoragesec.com/console-overview/protection/aws/ebs-volumes.md)
- [Amazon EFS Volumes](https://help.cloudstoragesec.com/console-overview/protection/aws/efs-volumes.md)
- [Amazon FSx Volumes](https://help.cloudstoragesec.com/console-overview/protection/aws/fsx-volumes.md)
- [Azure](https://help.cloudstoragesec.com/console-overview/protection/azure.md): Configure scanning for Azure storage containers here.
- [Blob Containers](https://help.cloudstoragesec.com/console-overview/protection/azure/blob-containers.md): Similar to scanning AWS storage volumes you can also scan Azure Blobs.
- [GCP](https://help.cloudstoragesec.com/console-overview/protection/gcp.md): Configure scanning for GCP storage containers here.
- [GCP Buckets](https://help.cloudstoragesec.com/console-overview/protection/gcp/gcp-buckets.md): Similar to scanning AWS storage volumes you can also scan GCP Buckets.
- [See What's Infected](https://help.cloudstoragesec.com/console-overview/see-whats-infected.md): The See What's Infected page provides malware information at a glance. Findings at a glance, Malware History, and a more granular Results page live here.
- [Findings](https://help.cloudstoragesec.com/console-overview/see-whats-infected/problem-files.md): The Findings page is where you will find details about any findings surfaced during antivirus scanning and data classification.
- [Malware History](https://help.cloudstoragesec.com/console-overview/see-whats-infected/malware-history.md)
- [Results](https://help.cloudstoragesec.com/console-overview/see-whats-infected/scan-results.md): The Problem Files Chart on the Dashboard is great for an active, high level view into the activity within your environment. But, sometimes you want and need to see more specific metrics.
- [Schedules](https://help.cloudstoragesec.com/console-overview/scheduled-scans.md): Scheduled Scanning allow you to process new or existing files based on a schedule, and include a Classify Now option for immediate classification.
- [Monitoring](https://help.cloudstoragesec.com/console-overview/monitoring.md): Under the Malware Scanning section you will find the ability to view different aspects of the CSS application: Viewing error logs, storage container statuses, scanning agents by region, and more.
- [Error Logs](https://help.cloudstoragesec.com/console-overview/monitoring/error-logs.md): This page gathers all Error Logs to aid with troubleshooting.
- [Bucket Settings](https://help.cloudstoragesec.com/console-overview/monitoring/bucket-settings.md): The Bucket Settings page offers a configuration overview for all of the buckets you have access to, including all of the buckets in the deployment account and any linked accounts.
- [Deployment](https://help.cloudstoragesec.com/console-overview/monitoring/deployment-overview.md): The Deployment Overview page was created to give you a better understanding of the current infrastructure you've deployed.
- [Jobs](https://help.cloudstoragesec.com/console-overview/monitoring/jobs.md): On-demand and scheduled scans/classifications are considered jobs within the system. As a result, they can be monitored and managed independently from one another.
- [Notifications](https://help.cloudstoragesec.com/console-overview/monitoring/notifications.md): The Notifications page allows you to search through different system events that we log. This can be useful for users who want to dive deeper into our console logs without CloudWatch.
- [Storage Assessment](https://help.cloudstoragesec.com/console-overview/monitoring/storage-assessment.md): The Storage Assessment page gives you detailed information about your Amazon S3 storage state.
- [Usage](https://help.cloudstoragesec.com/console-overview/monitoring/usage-rollup.md): The Dashboard is great for a high level view into the activity within your environment. But, sometimes you want to see the specific numbers broken down by Group and / or Account.
- [Configuration](https://help.cloudstoragesec.com/console-overview/configuration.md): The Configuration section provides application configuration settings like Console and Agent settings, integrations, license management, and more.
- [Scan Settings](https://help.cloudstoragesec.com/console-overview/configuration/scan-settings.md): There are four configuration adjustments you can make to the Scanning/Classification Agents
- [Automatic Scanning Configuration](https://help.cloudstoragesec.com/console-overview/configuration/automatic-scanning-configuration.md): Automate storage container protection and scanning.
- [Classification Rule Sets](https://help.cloudstoragesec.com/console-overview/configuration/classification-rule-sets.md): If you have Data Classification enabled you will see this Classification Rule Sets page under the Configuration section
- [Classification Custom Rules](https://help.cloudstoragesec.com/console-overview/configuration/classification-custom-rules.md)
- [Console Settings](https://help.cloudstoragesec.com/console-overview/configuration/console-settings.md): The Console Settings page is used to make modifications to the console characteristics
- [AWS Integrations](https://help.cloudstoragesec.com/console-overview/configuration/aws-integrations.md)
- [Job Networking](https://help.cloudstoragesec.com/console-overview/configuration/job-networking.md)
- [API Agent Settings](https://help.cloudstoragesec.com/console-overview/configuration/api-agent-settings.md): The API scanning agent can be deployed to most regions at this time.
- [Proactive Notifications](https://help.cloudstoragesec.com/console-overview/configuration/proactive-notifications.md)
- [License Management](https://help.cloudstoragesec.com/console-overview/configuration/license-mgmt.md)
- [Event Agent Settings](https://help.cloudstoragesec.com/console-overview/configuration/agent-settings.md): The Event Agent Settings page is used to make modifications to the agent task characteristics. Note that there are now Event Agent settings for AWS and Azure, respectively.
- [Access Management](https://help.cloudstoragesec.com/console-overview/access-management.md): The Access Management page provides settings for Users, Accounts, and Groups.
- [Manage Users](https://help.cloudstoragesec.com/console-overview/access-management/user-mgmt.md): Everything you need to know about managing users within your deployment.
- [Manage Accounts](https://help.cloudstoragesec.com/console-overview/access-management/linked-accounts.md): There are scenarios where it makes sense to centrally manage your security deployments.
- [Linking an AWS Account](https://help.cloudstoragesec.com/console-overview/access-management/linked-accounts/linking-an-aws-account.md): You can link additional AWS accounts in one deployment of your AV console.
- [Linking an Azure Account](https://help.cloudstoragesec.com/console-overview/access-management/linked-accounts/linking-an-azure-account.md): Linking an Azure account to ingest Blobs is similar to linking an AWS account.
- [Linking a GCP Account](https://help.cloudstoragesec.com/console-overview/access-management/linked-accounts/linking-a-gcp-account.md): Linking a GCP account to ingest objects is similar to linking an AWS account.
- [Linking AWS Organizations](https://help.cloudstoragesec.com/console-overview/access-management/linked-accounts/linking-aws-organizations.md): You can leverage AWS Organizations to automatically configure linked accounts.
- [Manage Groups](https://help.cloudstoragesec.com/console-overview/access-management/group-mgmt.md): You are able to separate users and accounts to specific groups.
- [Support](https://help.cloudstoragesec.com/console-overview/support.md): The Support page provides a quick checklist on getting started, ways to contact us, and links to our documentation (you are here now!).
- [Getting Started](https://help.cloudstoragesec.com/console-overview/support/getting-started.md): The Getting Started page provides a 6 item checklist for getting started with the product.
- [Stay Connected](https://help.cloudstoragesec.com/console-overview/support/stay-connected.md): The Stay Connected page will allow us to contact you when there are updates or changes to the product.
- [Contact Us](https://help.cloudstoragesec.com/console-overview/support/contact-us.md): The Contact Us page will forward you to our Help Docs, which will detail ways to reach our team.
- [Documentation](https://help.cloudstoragesec.com/console-overview/support/documentation.md): The Documentation page will lead you to our Help Docs, which is where you are at right now.
- [Product Updates](https://help.cloudstoragesec.com/product-upgrades.md): Updating your console and agent is straightforward and easy to do.
- [How It Works](https://help.cloudstoragesec.com/how-it-works.md)
- [Scanning Overview](https://help.cloudstoragesec.com/how-it-works/object-scanning.md): Learn more about our scan models and how object flow works for each type of scanning.
- [Event Driven Scanning for New Files](https://help.cloudstoragesec.com/how-it-works/object-scanning/event-driven-scanning.md)
- [Retro Scanning for Pre-Existing Files](https://help.cloudstoragesec.com/how-it-works/object-scanning/retro-scanning.md)
- [API Driven Scanning](https://help.cloudstoragesec.com/how-it-works/object-scanning/api-driven-scanning.md): You can programmatically implement antivirus scans and data classification in your application.
- [Architecture Overview](https://help.cloudstoragesec.com/how-it-works/architecture-review.md): An in-depth overview of our architecture.
- [Logging and Permissions](https://help.cloudstoragesec.com/how-it-works/logging-and-permissions.md): Details on Log Groups and Console + Agent Permissions
- [Deployment Details](https://help.cloudstoragesec.com/how-it-works/deployment-details.md): Learn more about our flexible deployment options.
- [Sizing Discussion](https://help.cloudstoragesec.com/how-it-works/sizing.md): File size and the number of files you plan on scanning will impact how you scale your deployment to fit your needs.
- [Integrations](https://help.cloudstoragesec.com/how-it-works/integrations.md): Cloud Storage Security is focused on creating a great user experience with functionally useful integrations with key AWS Services. Read on to learn more.
- [AWS Security Hub CSPM](https://help.cloudstoragesec.com/how-it-works/integrations/aws-security-hub.md): Antivirus for Amazon S3 and Data Classification for Amazon S3 both support AWS Security Hub CSPM.
- [AWS CloudTrail Lake](https://help.cloudstoragesec.com/how-it-works/integrations/integrations.md): We have an available CloudTrail Lake integration that you can use for your deployment.
- [AWS Transfer Family](https://help.cloudstoragesec.com/how-it-works/integrations/aws-transfer-family.md): Ensure the data that is moved into Amazon S3 via AWS Transfer Family is free of ransomware, viruses, trojans and other payloads by scanning it inline with Antivirus for Amazon S3
- [Amazon GuardDuty](https://help.cloudstoragesec.com/how-it-works/integrations/aws-guardduty.md)
- [Amazon Bedrock](https://help.cloudstoragesec.com/how-it-works/integrations/amazon-bedrock.md)
- [Demo Videos](https://help.cloudstoragesec.com/how-it-works/demos.md): Check out some of our video content to get a better feel for our solution.
- [Scanning APIs](https://help.cloudstoragesec.com/how-it-works/scanning-api.md)
- [SSO Integrations](https://help.cloudstoragesec.com/how-it-works/sso-integrations.md): Here are some guides on how to integrate SSO into the CSS application.
- [Entra ID SSO Integration](https://help.cloudstoragesec.com/how-it-works/sso-integrations/entra-id-sso-integration.md): This page teaches you how to integrate Entra ID into your Amazon Cognito User Pool.
- [Okta SSO Integration](https://help.cloudstoragesec.com/how-it-works/sso-integrations/okta-sso-integration.md): This page teaches you how to integrate Okta into your Amazon Cognito User Pool.
- [Frequently Asked Questions](https://help.cloudstoragesec.com/faq.md): In this section you'll find answers to common questions that may come up when using our solutions.
- [Getting Started](https://help.cloudstoragesec.com/faq/getting-started.md): Below are some of the most common questions related to getting started with our products.
- [Product Functionality](https://help.cloudstoragesec.com/faq/product-functionality.md): Below are some of the most common questions related to product functionality.
- [Architecture Related](https://help.cloudstoragesec.com/faq/architecture-related.md): Below are some of the most common questions related to Architecture
- [Supported File Types](https://help.cloudstoragesec.com/faq/supported-file-types.md): Below you can find the file types supported by each scanning engine that powers Antivirus for Amazon S3.
- [Troubleshooting](https://help.cloudstoragesec.com/trouble-shooting.md): In this section are common troubleshooting steps you can take to investigate and resolve common issues.
- [SSL Certificate Expiry](https://help.cloudstoragesec.com/trouble-shooting/ssl-certificate-expiry.md)
- [CloudFormation Stack failures](https://help.cloudstoragesec.com/trouble-shooting/stack-creation-failures.md): The two most common CloudFormation stack failures customers see are a result of either bad parameters specified within the CloudFormation template or deploying in a non-supported region.
- [Cross-Region Scanning on with private network](https://help.cloudstoragesec.com/trouble-shooting/stack-creation-failures-1.md): The goal is to avoid going to the internet and fetching everything from the AWS backbone.  This is the AWS recommended solution, keep in mind that it is complex to configure, maintain, and costly
- [API Scanning: Could not connect to SSL/TLS (v7)](https://help.cloudstoragesec.com/trouble-shooting/api-scanning-could-not-connect-to-ssl-tls-v7.md): As of v7 of our solution, we have implemented TLS 1.3, so if your application is still using TLS 1.2, you will receive an error response.
- [Password not received after deployment](https://help.cloudstoragesec.com/trouble-shooting/password-not-received.md): Sometimes you may not receive the welcome email which includes your temporary password. If that's the case, here are the steps to logging in for the first time.
- [Conflicted buckets](https://help.cloudstoragesec.com/trouble-shooting/conflicted-buckets.md): Amazon S3 buckets have an event system associated with them. There are 15 possible events that can be triggered on an bucket.
- [Modifying scaling info post-deployment](https://help.cloudstoragesec.com/trouble-shooting/modifying-scaling-info-post-deployment.md): Making changes to your configuration after deployment is possible.
- [Objects show unscannable with access denied](https://help.cloudstoragesec.com/trouble-shooting/objects-show-unscannable-with-access-denied.md): This issue is seen when the customer is using AWS-KMS with a Custom KMS for encryption on the bucket.
- [Remote account objects not scanning](https://help.cloudstoragesec.com/trouble-shooting/remote-account-objects-not-scanning.md)
- [My scanning agents keep starting up and immediately shutting down](https://help.cloudstoragesec.com/trouble-shooting/my-scanning-agents-keep-starting-up-and-immediately-shutting-down.md): The main reason we see this happening is the agent does not have a route (outbound over internet or through VPC Endpoint) path to Amazon ECR.
- [I cannot access the management console](https://help.cloudstoragesec.com/trouble-shooting/i-cannot-access-the-management-console.md): If you are having trouble accessing the management console the below information may be helpful.
- [Linked Account Out of Date](https://help.cloudstoragesec.com/trouble-shooting/linked-account-out-of-date.md): If your linked account is out of date, follow the steps below.
- [Rebooting the Management Console](https://help.cloudstoragesec.com/trouble-shooting/rebooting-the-management-console.md): Rebooting the console is a simple process.
- [Errors when upgrading to the latest major version](https://help.cloudstoragesec.com/trouble-shooting/error-when-upgrading-to-the-latest-major-version.md): When upgrading to the next major version of our solution you may experience an error.
- [I Cannot Create/Delete an API Agent](https://help.cloudstoragesec.com/trouble-shooting/i-cannot-create-delete-an-api-agent.md): When trying to delete an Api Agent, you may just go to ECS and delete the ApiAgentService. This provokes an additional issue to then create a new Api Agent
- [Release Notes](https://help.cloudstoragesec.com/release-notes.md): Here you will find a running list of new features for each version we've released. The latest is always at the top.
- [Latest (v9)](https://help.cloudstoragesec.com/release-notes/v9.md): A list of features and releases for version 9. Latest releases are located at the top.
- [v8](https://help.cloudstoragesec.com/release-notes/v8.md): A list of features and releases for version 8. Latest releases are at the top.
- [v7](https://help.cloudstoragesec.com/release-notes/v7.md): A list of features and releases for version 7. Latest releases are at the top.
- [v6 and older](https://help.cloudstoragesec.com/release-notes/v6-and-older.md): A list of features and releases for version 6 and prior. Latest releases are at the top.
- [Contact Us & Support](https://help.cloudstoragesec.com/contact-us.md): Our friendly support team is here to help. Learn what information to share and when you can expect a response.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on a page URL with the `ask` query parameter:
```
GET https://help.cloudstoragesec.com/readme.md?ask=<question>
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.