Using the AWS console, one is restricted to a list view of VMs for a single account and region at a time. These are just lists with no visual mapping of the AWS environment. Troubleshooting is difficult and slow.
Cloudvisory continuosly discovers AWS infrastructure allowing interaction with a visual mapping across AWS Accounts, Regions, VPCs, VMs, network flows and even other Providers. This mapping illustrates the exact make up of the AWS enviornment. As new workloads spin up or down the mapping will be immediately refreshed for an up-to-date representation of the deployment.
Tags and Meta Data are critical for organizing workloads and associated security policies into groups to speed management and control. In AWS you can manage tags to organize worloads but cannot easily associate these tags to policies across various VPCs. This makes it costly and time consuming for Dev/Ops or Security teams to manage AWS policies through complex coding and scripting.
In Cloudvisory, the Security Orchestration plane allows for the creation of natural language policies and the association of those policies to workloads via Infrastructure memberships, Tags and Group memberships (such as application or application tier). This orchestration plane allows for the automated calculation and provisioning of immutable policies even as the environment undergoes change. The graphical user-interface provides dramatic ease of use, speeding up Dev/Ops and insuring consistent and perfect security.
Using the AWS Console to list and manage security groups is not intuitive and is limited to a single account in a single region.
The AWS Console provides a list of network flows limited to single a VPC in a single account in a single region. It is just a list. It does not provide rich, contextual information typically needed by operations teams in order to service and troubleshoot the underlying cloud deployment.
CSP’s visual representation of AWS and related flows is visual and contextual. Cloudvisory can quickly identify non-compliant network flows and alert teams to potential threats. CV Compliance also continuously monitors security policies for compliance and alerts on non-compliant changes. Below, visual flow data specifically points out compliant and non-compliant flow details to quickly identify risk and potential malicious activity.
In Cloudvisory, flow data is much richer. Cloudvisory flow information is summarized per workload and logical group for a better understanding of the environment and faster triage of infected or malicious actions.
Cloudvisory is constantly monitoring the security policiy state to confirm it remains immutable and compliant. If an accidental or malicious change to the policies is identified, Cloudvsiroy detects and alerts and can even take automatic corrective action to return the AWS environment back to its compliant state.
AWS offers strong, native security controls to protect cloud environments, that if used properly, can deliver workloads that are more secure than those in traditional data centers. However, there are limitations with AWS that can leave your AWS deployment exposed and at risk.
Cloudvisory’s Security Platform (CSP) provides the necessary automation vital to your AWS cloud security strategy. CSP’s organization, visibility, control and enforcement helps deliver immutable security across your AWS deployments.