CSPM
The Cloud Security Posture Management module performs automated cloud infrastructure checks for compliance with more than 1200 security controls.
Risk prioritization
Cloud Advisor is the latest generation CSPM solution that not only analyzes each cloud resource as an individual object, but also considers its network connections to other cloud objects and the rights the resource has in the cloud. Cloud Advisor sees not individual alerts, but rather toxic combinations of them that form the actual attack path, allowing you to focus your attention on eliminating the really important risks.
Custom controls
Cloud Advisor provides the ability to formulate and enforce your own controls, both for security and cloud usage. Examples:
- Each VM and managed database must have the owner tag
- In the dev folder you can only run a VM from an Ubuntu 22.04.1 LTS image
- There should be no administrators in the cloud other than users X, Y and Z
- The VM must not have administrator privileges in the cloud
Security assessment
Cloud Advisor performs a cloud infrastructure security assessment based on criteria formulated by the cloud provider and Cloud Advisor engineers.
Detailed reports
The product provides detailed cloud infrastructure status reports in CSV and PDF formats.
IaC scan
Cloud Advisor enhances an organization's cloud security by preventing insecurely configured resources from appearing. Cloud Advisor embeds itself in CI/CD processes and checks Terraform files for insecure configurations before the infrastructure is deployed. Validation is based on controls formulated by Cloud Advisor engineers and created by the user in Rego.
Notifications and teamwork
When a security policy violation that requires an immediate response is detected, Cloud Advisor will notify the person in charge by email, Telegram, or create a task in Jira. You can set up notifications so that certain alerts are received by certain employees.