Cloudneeti’s Continuous Cloud Assurance platform has five main capabilities – Administration, Definition, Cloud Connectors , Analytics and Integrations. Administration is used for configuring the platform. Definition provides multiple security and compliance standards out of the box. Cloud Connectors retrieve actual configuration and usage information from cloud service providers. Analytics matches the actual configurations state against defined standard and produces dashboards and reporting. Integration enables data feeds and integrations with customer’s IT systems.

Administration

The platform supports administrator and user roles. Administrators have all of user specific access to dashboards and reports but can also add new users and control their access to information at a cloud account level. Administrators can onboard cloud accounts from their cloud service providers, set specific policy exceptions, determine scan frequency and configure relevant integrations.

Definitions

Cloudneeti offers out of the box a very comprehensive set of security policies, compliance controls and data privacy standards. The security policies define best practice configurations of consumed IaaS, PaaS, Serverless, Containers and SaaS cloud services – customer’s responsibility in the shared cloud responsibility model. Predefined compliance controls have verified mappings for industry standards and regulations.

Cloud Connectors

Cloud connectors to are read-only API interfaces to access meta-data about cloud services configurations from Microsoft Azure, Office365, Amazon Web Services (AWS) and Google Cloud Platform (GCP). Microsoft Azure AD Service Principal role is used for read-only access to Azure and Office 365 subscriptions and Graph API. Amazon Web Services has a built-in SecurityAudit role that is used along with a defined read-only IAM policy. Google’s simple API is used without any access to private data.

Analytics

Users have access to dashboards, trends and reports designed specifically for security, compliance and data privacy posture analysis. The information is aggregated to serve as a single pane of glass for DevOps, SOC, Audit and GRC teams. Users have a summary view, daily trends and can drill down into posture status at a resource level. Downloadable reports are available for eleven compliance frameworks, laws and regulations.

Integrations

The platform enables multiple integrations with customer’s IT systems to enable end to end automated closed loop governance processes across the organization. Reporting data feeds containing detailed and summarized information about security, privacy and compliance posture. Audit Logs have information about all administrative activities and configured policy exceptions. Important policy deviations are logged as incidents in the customer’s ticketing systems (ServiceNow, Zendesk) and delivered as notifications to customer’s email and messaging systems (Email, Slack, Teams, Twilio). Remediations are delivered as remediation guidance or as SOAR integrations for automated actions. Preventative policies forbid provisioning and misconfigurations at a cloud account level.

Want to see Continuous Cloud Assurance in action?

Our experts will demonstrate you the platform capabilities and discuss how it can meet your specific needs.

Request a Demo