Solution Brief

Mitigating Cloud Security & Compliance Risks with CloudHealth Secure State

Reducing misconfigurations, monitoring malicious activity, and preventing unauthorized access are foundational activities necessary to ensure security and compliance of applications and data in the cloud. As criminals become more sophisticated in their abilities to exploit cloud misconfiguration vulnerabilities, security teams need a smarter approach to prevent security breaches.

CloudHealth Secure State is an intelligent cloud security and compliance monitoring platform that helps organizations reduce risk and protect millions of cloud resources by remediating security violations and scaling best practices at cloud speed.

Six points about VSS

"According to Gartner, through 2025, 99% of cloud security failures will be the customer’s fault and 90% of the organizations that fail to control public cloud use will inappropriately share sensitive data."1

How CloudHealth Secure State Works

Foundational to CloudHealth Secure State is an Interconnected Cloud Security Model, an intermediate data layer that leverages cloud APIs, change events, and native threat data to help organizations model entire multicloud environment in a single place. The service automatically applies to this data lake, a set of best practices based on pre-defined security & compliance benchmarks as well as organization-specific custom rules to surface violations that increase risk.

Information security teams can quickly visualize misconfigured resources, other assets that can be exposed through these misconfigurations, and track historical changes to get a better understanding of overall risk. As objects, data, and relationships change, the service intelligently detects new violations in near real time and enables users to send alerts or initiate automated actions to immediately eliminate security risk.

cloudhealth secure state interconnected cloud security model

Delivered as a Service, CloudHealth Secure State is easy to onboard. Once configured, CloudHealth Secure State helps security prioritize violations, visualize context, report issues, and plan actions necessary to remediate risks.

In cloud, security is a shared responsibility between a cloud provider and a customer’s security and application teams. CloudHealth Secure State helps organizations operationalize security by supporting multiple cloud providers and enabling security administrators to distribute insights across application owners at real-time speed. With easy access to security findings and actions via API, application teams can proactively verify configurations at the time of deployment and minimize the cost associated with implementing security policies.

Who can benefit from CloudHealth Secure State?

  • Cloud Security Architects
  • Cloud Security Engineers
  • Security Operations
  • Governance, Risk, and Compliance
  • Vulnerability Management
  • DevOps Engineers

Key Use Cases

Posture Management

Improve cloud security posture with real-time visibility into resource relationships, misconfigurations, risk scores, and change activity

Continuous Compliance

Continuously assess and improve compliance with support for a range of compliance frameworks including CIS, NIST, GDPR, SOC 2, PCI, and HIPAA

Threat Correlation

Correlate events from cloud-native threat feeds with resource misconfigurations to monitor suspicious activities, run investigations, and respond quickly

Shift Left Security

Proactively verify configurations as a part of CI/CD pipeline, notify developers on violations, and build guardrails to scale security

Screenshot of VSS Platform Page

“CloudHealth Secure State enables us to visualize risk with a graph view, so that we can easily convey the impact of changes to key stakeholders – for example, we can show that something is not just affecting a server but also certain databases that are connected to it.”

— Kolby Allen
Platform Operations Architect, Zipwhip

Key Features

Shows interconnected nature of VSS and Instance relations

 

Features Benefits

Multicloud Security

Improve security posture and manage risk consistently across major cloud providers such as AWS, Azure, and Google Cloud

Graph Context

Visualize misconfigurations and threats in context with resource relationships, metadata, and change activity

Risk Scores

Prioritize security violations by understanding blast radius and severity based on quantified risk

Resolved Violations 

Audit changes and track progress developers are making by resolving security violations across cloud accounts

Suppressions 

Allow exceptions to security policies and eliminate false positives by putting cloud accounts and objects on security allow lists

Explore

Search inventory and visually navigate cloud topology to investigate risks

Secure Remediation Approach

Remediate misconfigurations without elevating write privileges to CloudHealth Secure State SaaS application

Open-Source Remediation Jobs

Use remediation jobs published on the GitHub community and contribute new jobs to help others resolve findings faster

Projects

Group cloud accounts and enable owners to self-service and reduce security violations through role-based access controls

Custom Compliance Frameworks

Group security rules from multiple sources to benchmark security posture against organiztion-specific standards

Key Integrations

Integration Benefits

Splunk

Enable security operations teams to detect and report on cloud misconfigurations and threats in Splunk App

AWS GuardDuty

Detect and correlate GuardDuty alerts with misconfigurations and object relationship context

Slack

Automatically notify developers on security violations and remediation actions

Amazon SQS

Use security findings to trigger programmatic actions such as serverless functions

Findings API

Query, filter, and aggregate findings data such as violations, events, and anomalies across your cloud accounts

Entity Data API

Search, filter, and aggregate cloud inventory data to gather deeper insights about your cloud environment

Rules API

Explore details about security controls and compliance frameworks in place for internal reporting

Want to learn more?

With CloudHealth Secure State’s real-time detection and remediation capabilities, you can proactively mitigate risks across cloud environments. Talk to an expert on cloud security and compliance best practices or request a free CloudHealth Secure State trial. 

1 Is the Cloud Secure? Gartner blog post, October 2019