DivvyCloud is a way to deploy policy, minimize blast radius, and give developers the freedom to operate within the guide rails of safety.Thomas Martin
Feature Release 19.2 Introducing Compliance Scorecard, Threat Detection, IaC Protection, and Enhanced IAM Protection
We are excited to announce our newest release of 2019! Collaboration with our customers and the broader community help shape our releases with improvements to core capabilities around discovery, analysis, and automated remediation of cloud and container infrastructure. Each release also includes several new features and support for the ever-expanding portfolio of services from the major cloud providers.
This release focuses on data protection, reporting, and visibility and we’ve introduced some fantastic capabilities including a beta release of our Compliance Scorecard, which surfaces a visual representation of compliance in the form of an interactive heat map. We’ve also leveraged Cloud Service Provider (CSP) services (e.g., Amazon GuardDuty) for best-in-class intelligent threat detection, and enabled customers to evaluate Infrastructure-as-Code (IaC) templates for security issues, misconfigurations, and policy violations in a simulated run against real cloud data to test policies before deployment. Our support for Amazon Web Services, Microsoft Azure, and Google Cloud Platform has increased with more new filters, actions, and general enhancements, and finally, customers now can export compliance information from insight packs.
- Compliance Scorecard
- Threat Detection
- IAM Protection
- Lots of enhancements and added support for AWS, GCP, and Azure
As part of 19.2, DivvyCloud is excited to announce the beta release of the Compliance Scorecard. This new feature delivers a visual representation of risk aligned with regulatory standards, industry standards, or your own corporate standards; through an interactive heat map.
With fast paced changes in infrastructure, and the need to have flexibility for deployments into cloud platforms, it has become increasingly challenging to remaining compliant to Industry Standards (e.g. NIST 800-53, ISO 27001, etc.). DivvyCloud’s Compliance Scorecard helps you audit compliance and identify risks in your cloud environment in a simple, transparent way.
It can assist a variety of teams, including auditors, operations, security and management, in identifying areas with possible compliance issues. With a unified view across all cloud environments it can be filtered by facets like cloud environment, account, business unit, application, risk profile, compliance standard, etc.
Compliance Scorecard can provide guidance for appropriate action on the right resources to mitigate security, governance or compliance issues. In addition to the unified display, Compliance Scorecard results can be downloaded as a stylized Excel spreadsheet, emailed on a daily or weekly cadence, or even exported to long term storage.
And read more about Compliance Scorecard here
With the release of 19.2, DivvyCloud leverages Cloud Service Provider (CSP) services (e.g., Amazon GuardDuty) for best-in-class intelligent threat detection that continuously monitors for malicious activity and unauthorized behavior. These CSP services use machine learning, anomaly detection, and integrated threat intelligence built by the CSPs themselves to identify and prioritize potential threats. Example activities that can be detected include crypto-currency mining, credential compromise behavior, communication with known command-and-control servers, and API calls from known malicious IPs.
When a threat is identified, DivvyCloud can perform automated remediation actions including reconfiguring cloud services, making changes to cloud infrastructure, driving human-centered workflows with integration into systems like ServiceNow and Jira, and orchestrating workflow actions in other security and management systems.
DivvyCloud helps govern Identity and Access Management (IAM) and adopt a unified zero trust security model across your cloud and container environments. In these environments, everything has an identity: users, applications, services, and systems. This provides enormous flexibility, but also creates the opportunity for substantial risk, as every service is potentially reachable by every other one, regardless of location, but only if an implicit trust is defined. DivvyCloud helps you address this perimeter fluidity and the substantial challenges created by security professionals having to govern cloud environments at scale.
Protecting the identity perimeter at scale requires automated monitoring and remediation around access management, role management, identity authentication, and compliance auditing. DivvyCloud helps you build a circle of trusted identities and layers of trust.
For example, we help automate a number of elements of IAM governance including:
- Strong authentication: enforce MFA policies on cloud user accounts
- Least privilege: provide checks to restrict identities to do no more than they are supposed to
- Secure service accounts: manage service accounts and service account keys securely
- Auditing: enforcing best practices for the use of audit logs and cloud logging roles
- Policy management: ensure that you’ve implemented and managed your policies appropriately including identity-based policies, resource-based policies, permission boundaries, service control policies, access control lists, and session policies
- Support for Shield
- Support for Route53 Domains
- Support for DirectConnect
- Support for the Resource Group Tagging API
- Visibility to SageMaker lifecycle and root access configuration
- Visibility to EKS Public/Private Endpoints
- Visibility into Elasticsearch Node-to-Node Encryption
- Support for Interconnects
- Support for Preemptible Instances
- Storage Accounts
- Azure Database for MariaDB
- Key Vault
- Load Balancers
- Express Route
- Security Center
- Route Tables
- Unmanaged Disks
- Enhanced tag visibility
DivvyCloud mitigates security and compliance risk by providing virtual guardrails for security, compliance, and governance to customers embracing the dynamic, self-service nature of public cloud, and container infrastructure. Customers like General Electric, Discovery Communications, and Fannie Mae run DivvyCloud’s software to achieve continuous security governance in cloud and container environments (AWS, Azure, GCP, Alibaba, and Kubernetes). First, our software performs real-time, continuous discovery of infrastructure resources allowing customers to identify risks and threats. Second, customers can implement out-of-the-box or custom cloud-native policy guardrails that identify and alert on violations. Third, we automate the enforcement and remediation of these policies.