After setup, Panther conducts a baseline scan to understand the existing resources in your account. It then tracks resource changes in real time and periodically re-scans your account to ensure the most consistent state possible.
This functionality is enabled by creating a read-only IAM Role and AWS CloudWatch Event Rules to stream events. Automatic remediation can optionally be configured by using Panther's aws-remediations open source Lambda function.
The steps below explain how to set up these capabilities in each account and region.
The status of the integration is displayed on the Integration Sources page. If there is an issue starting the scan, an error message will display in the Status column for a given integration.