Amazon Web Services
DivvyCloud provides a unification layer to work in concert with the underlying AWS security controls to enable audit, visibility, protection, detection, and automation of security controls running on AWS. DivvyCloud monitors and remediates cloud and container misconfigurations and policy violations. Allowing customers to achieve continuous security and compliance and realize the benefits of cloud and containers. DivvyCloud is an APN Advanced Technology Partner and has achieved the AWS Security and AWS Cloud Management Tools Competencies.
FEATURES:
Unified visibility allows you to monitor and understand security and compliance posture across your cloud environment. DivvyCloud employs a unique two-tiered monitoring strategy that uses both API polling and an event-driven approach for faster detection of changes to cloud service configurations to achieve real-time automation and remediation. By standardizing cloud data, security professionals write policies to resource types, making cloud security more accessible and future-proofing policies as new services are released.
The DivvyCloud platform automates the protective and reactive controls necessary for an enterprise to innovate at the speed enabled by AWS. With API polling and event-driven approach to identify risk and trigger remediation, DivvyCloud provides fast detection of changes that enables automated remediation to occur in real-time. DivvyCloud provides a highly customizable automation engine that allows customers to easily define workflows that deliver remediation of human-centered processes and 3rd party systems, and by programmatically taking lifecycle actions inside AWS.
Customers can easily extend our product to address unique use cases and to orchestrate and integrate with 3rd party products. DivvyCloud offers a plugin-based approach to development, comprehensive bidirectional API, and flexible data model. DivvyCloud is designed to integrate with external systems for both inbound (data aggregation, data collection) and outbound (notifications, ticketing) actions. The Integrations interface enables customers to easily configure these third-party integrations, such as those for Slack, PagerDuty, ServiceNow, and others. Combined, these capabilities provide a platform that delivers immediate value out-of-the-box but is also flexible and adaptable to address unique business needs of complex customers.
- Challenge
In 2016, as the entertainment media industry was changing rapidly, Discovery’s leadership realized they needed to change with the times. But they also saw an opportunity to grow and innovate. Their overarching mission was to facilitate the rapid development of new content and amplify when, where, and how they delivered content to consumers. Trying to move from traditional data centers to AWS required a sound foundation to avoid financial and logistical inefficiencies. - Solutions
Discovery embarked upon an 18-month journey to transform itself into a cloud-first company. Though the solution was straightforward, it was by no means simple. Discovery needed to select the right tools to implement and embrace policy enforcement from the start, so the IT team selected DivvyCloud to facilitate the strategic shift toward technology enablement. - Results
Discovery has become a leading consumer-focused, content-first corporation. They have built and nurtured their base of super-fans through technology reinvention and transformation. Discovery’s use of DivvyCloud has grown consistently over the past year. There are more business units, including the InfoSec and MotorTrend teams, that are now using DivvyCloud. They have embraced automation through DivvyCloud’s Bot Factory, which has enabled them to take corrective action to resolve routine issues and notify the right people of issues requiring elevation.
AWS Resources:
Google Cloud Platform
DivvyCloud protects Google Cloud Platform (GCP) from misconfigurations, policy violations, threats, and IAM challenges. With automated, real-time remediation you can achieve continuous security and compliance, and can fully realize the benefits of IaaS, PaaS, Serverless, FaaS, and CaaS cloud services. DivvyCloud protects GCP cloud services, for example,Virtual Private Cloud, Compute Engine, Cloud Storage, Resource Manager, Cloud Functions, and much more.
When using GCP, security, and compliance is a shared responsibility between Google and the customer. You as the customer are responsible for the secure and compliant configuration and use of these cloud services.
The use of GCP delivers unparalleled ability to rapidly bring new products and services to the market, and flexibly scale these in real-time to meet demand. This agility is often reliant on providing self-service access to developers to cloud and container services and if not approached properly this can create a loss of control.
It is vitally important for organizations to put in place strategies that secure customer information, protect intellectual property, and safeguard financial transactions and other critical business processes. Many organizations also must adhere to government, industry, legal, or corporate standards.
Ensuring continuous security and compliance across one or more cloud service providers can be challenging given the rate of change, the scale and speed of cloud adoption, and the increasing number of users provisioning and configuring cloud services.
Leading companies, like Twilio, Spotify, Fannie Mae, Autodesk, 3M, and GE use DivvyCloud to protect their cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges. With automated, real-time remediation DivvyCloud customers achieve continuous security and compliance, and can fully realize the benefits of GCP.
Freedom is good. Chaos is bad.
GCP Supported Services
- BigQuery
- Cloud Bigtable
- Cloud DNS
- Cloud Dataproc
- Cloud Filestore
- Cloud Functions
- Cloud IAM
- Cloud Key Management Service
- Cloud Load Balancing
- Cloud Memorystore
- Cloud Pub/Sub
- Cloud SQL
- Cloud Spanner
- Cloud Storage
- Compute Engine (GCE)
- Interconnects
- Kubernetes Engine (GKE)
- Premptible Instances
- Resource Manager
- Virtual Private Cloud
GCP Resources:
Microsoft Azure
DivvyCloud protects Microsoft Azure, including Microsoft Azure Government, from misconfigurations, policy violations, threats, and IAM challenges. With automated, real-time remediation you can achieve continuous security and compliance, and can fully realize the benefits of IaaS, PaaS, Serverless, FaaS, and CaaS cloud services. DivvyCloud protects Azure cloud services, for example,Virtual Machines, CosmosDB, Azure Active Directory, Azure Blobs,Web Apps, Security Center, and much more.
When using Microsoft Azure, security, and compliance is a shared responsibility between Microsoft and the customer. You as the customer are responsible for the secure and compliant configuration and use of these cloud services.
The use of Azure delivers unparalleled ability to rapidly bring new products and services to the market, and flexibly scale these in real-time to meet demand. This agility is often reliant on providing self-service access to developers to cloud and container services and if not approached properly this can create a loss of control.
It is vitally important for organizations to put in place strategies that secure customer information, protect intellectual property, and safeguard financial transactions and other critical business processes. Many organizations also must adhere to government, industry, legal, or corporate standards.
Ensuring continuous security and compliance across one or more cloud service providers can be challenging given the rate of change, the scale and speed of cloud adoption, and the increasing number of users provisioning and configuring cloud services.
Leading companies, like Twilio, Spotify, Fannie Mae, Autodesk, 3M, and GE use DivvyCloud to protect their cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges. With automated, real-time remediation DivvyCloud customers achieve continuous security and compliance, and can fully realize the benefits of Azure.
Freedom is good. Chaos is bad.
Azure Resources:
Alibaba
It is vitally important for organizations to put in place strategies that secure customer information, protect intellectual property, and safeguard financial transactions and other critical business processes. Many organizations also must adhere to government, industry, legal, or corporate standards.
Ensuring continuous security and compliance across one or more cloud service providers can be challenging given the rate of change, the scale and speed of cloud adoption, and the increasing number of users provisioning and configuring cloud services.
Leading companies, like Twilio, Spotify, Fannie Mae, Autodesk, 3M, and GE use DivvyCloud to protect their cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges. With automated, real-time remediation DivvyCloud customers achieve continuous security and compliance, and can fully realize the benefits of Alibaba.
Freedom is good. Chaos is bad.
Kubernetes
Developers love containers and DevOps love Kubernetes. Kubernetes is cloud-agnostic, and you can run your cluster on AWS, GCP, Azure, or any other cloud. The rise of containers, and especially the popularity and accessibility of Kubernetes creates a new opportunity for companies to now be cloud agnostic, and frankly makes it much easier to be multi-cloud and provides an easier hedge against vendor lock-in.
The world of ephemeral computing using the cloud, containers, and Kubernetes continues to evolve in ways that are both innovative and challenging. Change happens so fast it’s hard for Security and GRC professionals to keep up. But there is help available. Using CIS Benchmarks combined with the automation capabilities of DivvyCloud will help companies embrace Kubernetes while improving their overall security posture.
DivvyCloud automation allows developers to engage in more experimentation and innovation. It provides the trust and verification that system administrators need to ensure that work is being done according to industry standard security guidelines and well-established best practices. Automated remediation technology is a powerful tool for companies that use Kubernetes to get quality software into the hands of customers at web scale. DivvyCloud and its holistic approach to supporting the CIS Benchmarks for Kubernetes provide a competitive advantage that is unequaled for companies that put Kubernetes at the forefront of their digital infrastructure.
You can learn how to add Kubernetes clusters to DivvyCloud here; information on adding AWS Kubernetes clusters to DivvyCloud is here.
The availability of commercial Kubernetes applications from providers like DivvyCloud is a critical part of extending enterprise investments and can simplify adoption of container-based infrastructure no matter what environment they operate in, either on-premise or in the public cloud.
– Jennifer Lin, Director of Product Management, Google Cloud
Kubernetes Resources:
- A Holistic Approach to Securing Kubernetes That Integrates Culture and Technology
- Managing the Kubernetes Security Flaw
- DivvyCloud Partners with Google to Help Launch Commercial Kubernetes Marketplace
- Comparison of Google GKE vs Microsoft AKS vs Amazon EKS
- Deploying Kubernetes Across Multiple Clouds