Cloud
Providers

In order to keep up with the pace of change and protect against threats to the cloud, cloud-native controls must be leveraged with security automation

Amazon web services

aws

The Cloudvisory Security Platform (CSP) supports cloud-native integration with Amazon Web Services (AWS) APIs for Cloud Services such as:

  • AWS CloudTrail
  • AWS CloudWatch
  • AWS EC2 (Elastic Compute Cloud)
  • AWS IAM (Identity and Access Management)
  • AWS Lambda (Serverless Compute)
  • AWS S3 (Simple Storage Service)
  • RDS (Relational Database Service)
  • ... And More
aws
Multiple AWS accounts, of any size and "scope", may be configured as AWS Provider Accounts in CSP. For each configured AWS Provider Account – CSP continuously discovers and processes new and updated assets, metadata, security controls & security events for all in-scope Cloud Services, Regions, and VPCs. By processing updates according to policies configured in CSP – and through the same cloud-native API integrations – events trigger governance actions such as compliance remediation and policy enforcement. In this way, CSP provides Visibility, Compliance & Governance for AWS assets, metadata, security controls & security events such as:
  • AWS CloudTrail Events
  • AWS CloudWatch Logs
  • AWS EC2 Instances
  • AWS Elastic IPs
  • AWS IAM Users
  • AWS IAM Roles
  • AWS Lambda Functions
  • AWS Regions
  • AWS S3 Buckets
  • AWS Tags
  • AWS VPCs
  • AWS VPC Flow Logs
View Use Cases

Azure

azure

The Cloudvisory Security Platform (CSP) supports cloud-native integration with Microsoft® Azure APIs for Cloud Services such as:

  • Azure Authorization
  • Azure Compute
  • Azure Keyvault
  • Azure Monitor
  • Azure Network Watcher
  • Azure RBAC (Active Directory)
  • Azure Resource Groups
  • Azure SQL Databases
  • Azure Subscriptions
  • Azure Service Fabric
  • ... And More
azure visualization
Multiple Azure Subscriptions, of any size and "scope", may be configured as Azure Provider Accounts in CSP. For each configured Azure Provider Account – CSP continuously discovers and processes new and updated assets, metadata, security controls & security events for all in-scope Cloud Services, Regions, and Resource Groups. By processing updates according to policies configured in CSP – and through the same cloud-native API integrations – events trigger governance actions such as compliance remediation and policy enforcement. In this way, CSP provides Visibility, Compliance & Governance for Azure assets, metadata, security controls & security events such as:
  • Azure App Services
  • Azure App Service Environments
  • Azure Keys
  • Azure Network Security Groups (NSGs)
  • Azure NSG Flow Logs
  • Azure Public IP Addresses
  • Azure Secrets
  • Azure SQL Databases
  • Azure Storage Accounts
  • Azure Subnets
  • Azure Tags
  • Azure Virtual Machines
  • Azure Virtual NICs
View Use Cases

Kubernetes

kubernetes

The Cloudvisory Security Platform (CSP) supports cloud-native integration with Kubernetes (k8s) APIs.

In addition to API-based security monitoring and management for resident Kubernetes Namespaces and resources (e.g. Pods, Containers, NetworkPolicies, network flows, etc), CSP establishes Compliance Assurance for underlying Kubernetes infrastructure(s) by running and tracking SSH-based Compliance Checks that implement the Kubernetes CIS Benchmark.

Multiple Kubernetes accounts, of any size and "scope", may be configured as Kubernetes Provider Accounts in CSP. For each configured Kubernetes Provider Account – CSP continuously discovers and processes new and updated assets, metadata, security controls & security events for all in-scope Kubernetes Clusters, Namespaces and their resident resources. By processing updates according to policies configured in CSP – and through the same cloud-native API integrations – events trigger governance actions such as compliance remediation and policy enforcement. In this way, CSP provides Visibility, Compliance & Governance for Kubernetes assets, metadata, security controls & security events such as:

  • k8s Clusters
  • k8s Containers
  • k8s Masters
  • k8s Namespaces
  • k8s Network Flows
  • k8s Network Policies
  • k8s Nodes
  • k8s Pods
kubernetes visualization
View Use Cases

Openstack

openstack

The Cloudvisory Security Platform (CSP) supports cloud-native integration with OpenStack APIs for Cloud Services such as:

  • OpenStack Keystone
  • OpenStack Neutron
  • OpenStack Nova
In addition to API-based security monitoring and management for resident OpenStack Projects and resources (e.g. Instances, network flows, Security Groups, etc), CSP establishes Compliance Assurance for underlying OpenStack infrastructure(s) by running and tracking SSH-based Compliance Checks that implement the OpenStack Security Checklist for OpenStack services such as:
  • OpenStack Cinder
  • OpenStack Horizon
  • OpenStack Keystone
  • OpenStack Manila
  • OpenStack Neutron
  • OpenStack Nova
openstack visualization
Multiple OpenStack accounts, of any size and "scope", may be configured as OpenStack Provider Accounts in CSP. For each configured OpenStack Provider Account – CSP continuously discovers and processes new and updated assets, metadata, security controls & security events for all in-scope Cloud Services, Regions, and Projects. By processing updates according to policies configured in CSP – and through the same cloud-native API integrations – events trigger governance actions such as compliance remediation and policy enforcement. In this way, CSP provides Visibility, Compliance & Governance for OpenStack assets, metadata, security controls & security events such as:

  • OpenStack Hypervisors
  • OpenStack Instances
  • OpenStack Instance Netflow Data
  • OpenStack Metadata (tags)
  • OpenStack Projects (i.e. Tenants)
  • OpenStack Regions
  • OpenStack Roles
  • OpenStack Security Groups
  • OpenStack Users
View Use Cases

Related Materials

© 2019 Cloudvisory | 2911 Turtle Creek Blvd suite 1240 Dallas, TX 75219 | info@cloudvisory.com