Quickstart Guide
Welcome to Bastion
This guide walks you through the essential setup steps. Your dedicated vCISO is available over Slack to help at every step.
Step 1: Access Your Workspace
Sign In
Navigate to app.bastion.tech and sign in with your credentials. If you don't have an account, contact your administrator or request a demo.
Explore the Dashboard
The home dashboard provides an overview of your compliance status and active security monitoring. Use the sidebar to navigate between modules.
Step 2: Set Up Integrations
Integrations are the foundation of Bastion's automation. Connect your existing tools to enable automatic data collection and policy enforcement.
Identity Provider
Connect your identity provider to automatically import and sync employees:
- Azure Active Directory - Microsoft 365 environments
- Google Workspace - Google-based organizations
For other identity providers, use the manual user import (CSV).
Navigate to Integrations → Select your provider → Follow the OAuth flow.
Cloud Services
Connect cloud providers for infrastructure monitoring and compliance evidence:
- AWS - Deploy CloudFormation template for read-only access
- Azure - Register app in Entra ID with Reader role
- GCP - Set up Workload Identity Federation
- OVH - Create API token with read-only permissions
- Scaleway - Create application with AllProductsReadOnly policy
- DigitalOcean - Authorize via OAuth with read-only scope
Navigate to Integrations → Cloud Services → Select your provider.
Version Control
Connect your code repositories for code security:
- GitHub - Install the Bastion - Compliance GitHub App
- GitLab - Authorize the Bastion Technologies OAuth app
- Azure DevOps - Register Entra app with Project Reader role
- Bitbucket - Authorize the Bastion Technologies OAuth app
Navigate to Infrastructure → Code Security → Connect VCS.
Step 3: Manage Employees
Once your identity provider is connected, users are automatically imported. You can then activate or deactivate them:
- Navigate to Employees → People
- Review the list of imported users
- Activate users who are employees in your organization
- Deactivate users who are not employees
Create Compliance Groups to organize employees by department, location, or role. Groups make it easy to assign training and manage access reviews.
Step 4: Choose Your Modules
Every module is included in your subscription — enable only what you need:
| Module | Use Case |
|---|---|
| Compliance | Pursuing certifications (SOC 2, ISO 27001, etc.) |
| Customer Trust | Responding to customer security questionnaires |
| Awareness Training | Security education for employees |
| Phishing Campaigns | Test employee phishing awareness |
| Devices | MDM and endpoint management |
| Web Browsing | DNS filtering and browser security |
| Infrastructure | Attack surface monitoring |
| Code Security | SBOM and dependency scanning |
Step 5: Configure Your First Module
Compliance
- Go to Compliance → Frameworks
- Select a framework (e.g., SOC 2 Type II)
- Review the controls and requirements
- Connect integrations to auto-collect evidence
- Start working through the control tests
Phishing
- Go to Employees → Phishing Campaigns
- Click Create Campaign
- Select a phishing template
- Choose your target audience
- Schedule and launch the campaign
Devices
- Go to Devices → Devices List
- Start the MDM onboarding
- Select the device operating systems in use (Windows, Apple)
- Follow the setup steps for each selected OS
- Once onboarding is complete, start enrolling devices
Keyboard Shortcuts
Speed up your workflow with keyboard shortcuts:
| Shortcut | Action |
|---|---|
| H | Go to Home |
| I | Go to Integrations |
| C | Go to Compliance |
| T | Go to Customer Trust |
| E | Go to Employees |
| A | Go to SaaS |
| D | Go to Devices |
| S | Go to Infrastructure |
| K | Open Command Menu (search) |