Cavirin Systems, Inc.,
the only company providing risk, cybersecurity and compliance posture
for the enterprise hybrid cloud, today announced the general
availability of its Winter 2019 CyberPosture Intelligence release.
New capabilities include closed-loop security for Google Cloud and
Amazon Web Services (AWS), Google Cloud Security Command Center (SCC)
integration, Ansible auto-remediation for Linux workloads, and machine
learning-based CyberPosture scoring that helps customers prioritize
remediation based on risk.
"Our
Winter 2019 release is the next step in delivering on our vision of
true multi-cloud closed-loop security," said Bashyam Anant, Vice
President of Product Management at Cavirin. "Current security solutions
use a siloed approach for proactive and reactive security, leaving
organizations vulnerable. With closed-loop security, Cavirin is the
first to assess the impact of alerts related to new, deleted or changed
resources from monitoring solutions like AWS CloudTrail and Google
StackDriver, using CyberPosture scoring to prioritize infrastructure
changes based on their risk. Security gaps can be auto-remediated using
each cloud's serverless functions."
Cavirin
is also the first to apply machine learning to recommend technical
controls for industry standards (e.g. NIST 800-171) and regulatory
frameworks (e.g HIPAA) with associated weights and severities, which in
turn drives the ability for customers to drive compliance based on risk,
using Cavirin's CyberPosture scores.
"Compliance
and security professionals struggle with translating regulatory
requirements and industry standards to automated technical controls -
spreadsheets and manual mapping processes are the state of the art.
While organizations like the Unified Compliance Framework (UCF) have
provided a universal/canonical representation of regulatory
requirements, gaps still remain with respect to mapping requirements to
technical controls with quantitative inputs that can drive risk scoring
and analytics," said Mukul Kumar, Vice President of Cyberpractice at
Cavirin. "Cavirin's Recommender System streamlines the mapping process
while automatically assigning inputs required for CyberPosture scoring
and risk-based remediation."
Furthermore,
Cavirin's auto-remediation capabilities, based on serverless functions
for AWS and Google Cloud, can be invoked to affect the required
remediation, significantly reducing the time and effort to close
security gaps identified by alerts. Closing the loop from alerts to
scoring and remediation is at the heart of closed-loop security and
helps address the top three concerns for protecting cloud workloads as
described in a just-released AWS cloud security survey by
Cybersecurity Research - visibility into infrastructure security (44%),
setting consistent security policies (42%), and compliance (42%).
The complete list of Winter 2019 features includes:
- Closed-loop security for Google Cloud via Google StackDriver Monitoring and Google Functions for auto-remediation: This
closes the loop from monitoring to change management by offering
automated identification and correction of account and services security
issues before they become an issue.
- Google Cloud Security Command Center integration: Offers
customers single-pane visibility into CyberPosture scoring and
management for Google Cloud Platform (GCP) services and resources,
extending to on-premise assets. It permits visibility into risk posture
monitoring and remediation of the customer's Google Cloud services and
resources configurations, alerting the user to any changes including the
what, who, and when. Cavirin's Google Cloud SCC Companion is available
via the Google Cloud Marketplace.
- Ansible integration to streamline the hardening of operating systems powering compute instances: Cavirin
periodically assesses all instances, checking for drift against a known
baseline and recommending and carrying out remediation through Ansible
to re-establish the instances' golden posture.
- Technical controls mapped to compliance and security frameworks (e.g. HIPAA, NIST 800-171): These
controls now leverage a machine learning based Cavirin Recommender
System to ensure consistency of mapping and the resulting weights and
severity. This further improves the efficacy of CyberPosture scoring and
resulting remediation guidance.
- Reporting enhancements: A
new change reports feature offers the ability to compare the latest
assessments against the previous one, enabling users to quickly gauge
the effectiveness of change management. A new reporting service for
RSA-Archer permits management of Cavirin-reported compliance posture
gaps through an organization's existing GRC platform.
- Enhanced connectivity through bastion and proxy hosts: Network
segmentation and isolation are important best practices. With the
Winter release, customers can isolate compute instances behind bastions
and proxy hosts while allowing Cavirin to discover and assess these
assets.
Cavirin
removes security compliance as a barrier to cloud adoption through
automation with the broadest set of customizable frameworks, benchmarks
and guidelines available. The company's solution secures both the public
cloud control plane as well as target hybrid cloud workloads (servers),
on-premise, within the public cloud, and within containers.