Run and Understand Your First Scan
When you connect a new cloud account, DevOps Genie starts an initial read-only scan automatically.
Where to watch progress
Use these product areas:
- Notification bell for scan-started and scan-completed messages.
- Scan status chip in the top bar.
- Security > Overview for scan activity.
- Cloud Accounts for account-level scan status.
What the scan produces
The first scan creates:
- Security findings with severity, resource, account, region, description, and remediation guidance.
- Compliance framework scores when applicable controls are available.
- Resource metadata for the Risk Inventory.
- Trend and scan activity data for future comparisons.
Finding states
| State | Meaning | Compliance impact |
|---|---|---|
| Open | Active issue detected by a scan. | Counts as failing when tied to a control. |
| Acknowledged | Reviewed by a user but not accepted as risk. | Still counts as failing. |
| Accepted risk | Explicitly accepted with optional expiry. | Treated as accepted for compliance scoring while active. |
| Resolved | No longer seen in the latest scan. | No longer active. |
First review checklist
- Open Security > High Risk.
- Review critical and high-severity findings.
- Open each finding drawer to read resource details and remediation guidance.
- Acknowledge items you have reviewed but not resolved.
- Use accepted risk only for explicit business-risk decisions.
- Open Security > Compliance to review framework scores.
If the scan takes longer than expected
Large accounts can take longer than small accounts. If a scan appears stuck, see Scan Troubleshooting.