Automated Cloud Governance
Whenever an application is deployed to the cloud, the primary concern of the CIO is to know whether it is safe. Equally important is being able to prove to auditors that rules-based risk assessments have been done and have validated the security posture. While the risk factors for virtual private cloud networks are well understood, managing that risk becomes an enormous challenge when virtual servers, network gateways, serverless functions, and Docker and Kubernetes deployments are involved on a global scale, with a mixture of traditional application architectures and microservices with discrete permissions and boundaries. Container-based deployments introduce a different set of challenges, as it is not easy to reason about what each layer is doing and what the security posture is at each layer. The global monitoring systems available may not fully cover your container risk.
What is needed is a solution that is robust enough for global enterprise and that will not interfere with normal business operations or change the way people work. It should work quietly in the background without requiring human intervention, yet interrogate all activity across cloud deployments. It should also fully understand container deployment risk factors and monitor them.
We have early access to a Kubernetes-based solution, developed by an Israel-based start-up, that will run on your AWS account to monitor activity. An on-demand report can be generated that details all the rules-based checks that have been done and makes recommendations on any vulnerabilities that were found. The benefit is that the report can be presented to auditors, the CIO and other interested parties as evidence-based compliance and security governance. Please get in touch via our contact page if you would like to learn more.
How it works
Create a K8s cluster that runs on your account. It lists all users, roles and services used and then runs business logic to test their security posture. The output is a report with a detailed analysis of the services checked, identifying any weaknesses found with a recommendation for remediation.