CloudHealth Secure State

Helping public cloud teams mitigate security and compliance risk through intelligent, real-time security insight.

Gain real-time visibility across clouds

Build a unified security monitoring approach for AWS, Azure, and Google Clouds to understand how a minor configuration change can elevate risk across all connected objects

  • Monitor ephemeral cloud resources and detect security events within minutes without excessive API calls to cloud
  • Visualize cloud resource relationships and associated misconfigurations, threats, metadata, and change activity
  • Explore inventory with typeahead search and investigate risks with powerful visualization capabilities for navigating cloud topology
  • Audit configuration changes and track progress developers are making in resolving security violations
The thing
VSS Dashboard

Establish security and compliance best practices

Establish organizational-wide standards while enabling flexibility through exceptions and policy customization

  • Educate developers on security and compliance risks and how to harden configurations according to CIS, NIST, SOC2, GDPR, HIPAA, and PCI controls
  • Define custom security policies and frameworks to precisely express unique business, cloud environment, or application needs
  • Allow exceptions to security policies by suppressing controls or specific findings that are not applicable to the environment, cloud account, or team
  • Focus on cloud resources or controls with maximum security exposures by prioritizing violations based on quantified risk
The other thing
VSS Compliance Dashboard

"How do you 'shift left' on security without sacrificing agility or speed? We use CloudHealth Secure State as part of that effort. It's enabled even better collaboration between DevOps and engineering and helped us put guardrails in place to develop more safe, secure applications and embody a 'develop quick, act fast' mentality."

— Patrick Hetherton, VP of Tech Ops | Jobcase

"With CloudHealth Secure State, we're able to visualize risk with a graph view, so we can easily convey the impact of changes to key stakeholders."

— Kolby Allen, Platform Engineer | ZipWhip

"CloudHealth Secure State tells us the risk factors in the event of any configuration changes. Because it's event-based, we're notified immediately. It's almost like we're self-healing our cloud space in real-time."

— John Morais, Sr. Platform Services Manager | Discovery Holdings

Remediate misconfigurations with automated actions

Resolve existing and new misconfigurations with flexible, in-account remediation

  • Automate actions across cloud environments without sharing write access privileges with CloudHealth Secure State monitoring service
  • Engage and contribute new custom remediation jobs to the open-source community to help service users resolve findings faster
  • Remediate existing violations by targeting actions to resources and enabling developers to automate changes based on published actions
  • Proactively auto-remediate new violations with guardrails that help developers avoid critical mistakes and reduce security risk
Remediate misconfigurations with automated actions

Empower developer, security, and operations teams

Drive security and compliance improvements by distributing insights across stakeholder teams

  • Centrally define security baselines while enabling developers to monitor and fix security violations in their environments through role-based access controls
  • Continuously verify security verification within CI/CD pipelines and notify developer and operations teams with real-time Slack alerts
  • Streamline visibility for security operations teams by integrating cloud misconfiguration insights within Splunk app
  • Intelligently monitor threats by correlating AWS GuardDuty insights with resource misconfigurations, relationship context, and change activity
VSS Dashboard