According to Gartner, through 2025, 99% of cloud security failures will be the customer’s fault and 90% of the organizations that fail to control public cloud use will inappropriately share sensitive data.1
Reducing misconfigurations, monitoring malicious activity, and preventing unauthorized access are foundational activities necessary to ensure security and compliance of applications and data in the cloud. As criminals become more sophisticated in their abilities to exploit cloud misconfiguration vulnerabilities, security teams need a smarter approach to prevent security breaches.
CloudHealth Secure State is an intelligent cloud security and compliance monitoring platform that helps organizations reduce risk and protect millions of cloud resources by remediating security violations and scaling best practices at cloud speed.
Multi-Cloud Security
Build a unified approach for managing risks across clouds
Real-Time Detection
Detect security events and violations within minutes
Deeper Insights
Graphically visualize resources, relationships and risks
Risk Prioritization
Focus on resources with maximum security exposure
Automated Response
Automate reports, alerts and remediation of violations
Team Collaboration
Enable security, operations, and developer teams
How CloudHealth Secure State Works
Foundational to CloudHealth Secure State is an Interconnected Cloud Security Model, an intermediate data layer that leverages cloud APIs, change events, and native threat data to help organizations model entire multicloud environment in a single place. The service automatically applies to this data lake, a set of best practices based on pre-defined security & compliance benchmarks as well as organization-specific custom rules to surface violations that increase risk.
Information security teams can quickly visualize misconfigured resources, other assets that can be exposed through these misconfigurations, and track historical changes to get a better understanding of overall risk. As objects, data, and relationships change, the service intelligently detects new violations in near real time and enables users to send alerts or initiate automated actions to immediately eliminate security risk.
Delivered as a Service, CloudHealth Secure State is easy to onboard. Once configured, CloudHealth Secure State helps security prioritize violations, visualize context, report issues, and plan actions necessary to remediate risks.
In cloud, security is a shared responsibility between a cloud provider and a customer’s security and application teams. CloudHealth Secure State helps organizations operationalize security by supporting multiple cloud providers and enabling security administrators to distribute insights across application owners at real-time speed. With easy access to security findings and actions via API, application teams can proactively verify configurations at the time of deployment and minimize the cost associated with implementing security policies.
Who can benefit from CloudHealth Secure State?
- Cloud Security Architects
- Cloud Security Engineers
- Security Operations
- Governance, Risk, and Compliance
- Vulnerability Management
- DevOps Engineers
Key Use Cases
Cloud Search & Investigation
Reduce security and operations investigation time from days to minutes with real-time, relationship-based inventory search for multiple cloud providers
Cloud Security Posture Management
Enable developer teams to reduce cloud misconfigurations with real-time insights, visual context, and auto-remediation of security violations
Kubernetes Security Posture Management
Identify Kubernetes resource misconfigurations and scan connections with external cloud services to prevent accidental data exposure or access to administrative cloud credentials
Continuous Compliance Improvement
Continuously benchmark compliance with support for a range of compliance frameworks such as CIS, GDPR, HIPAA, ISO 27001, MITRE ATT&CK Cloud, NIST, PCI, and SOC 2
Cloud Threat Correlation
Prioritize threat response and improve productivity of security teams by correlating events from cloud native threat feeds with critical resource misconfigurations
Shift Left Security
Reduce cost and time spent on fixing security violations by proactively verifying resource configurations as a part of CI/CD pipeline and building guardrails to scale security
CloudHealth Secure State enables us to visualize risk with a graph view, so that we can easily convey the impact of changes to key stakeholders – for example, we can show that something is not just affecting a server but also certain databases that are connected to it.
— Kolby Allen, Platform Operations Architect, Zipwhip
Key Features
| Features |
Benefits |
|---|---|
| Multicloud Security |
Improve security posture and manage risk consistently across major cloud providers such as AWS, Azure, and Google Cloud |
| Graph Context |
Visualize misconfigurations and threats in context with resource relationships, metadata, and change activity |
| Risk Scores |
Prioritize security violations by understanding blast radius and severity based on quantified risk |
| Resolved Violations |
Audit changes and track progress developers are making by resolving security violations across cloud accounts |
| Suppressions |
Allow exceptions to security policies and eliminate false positives by putting cloud accounts and objects on security allow lists |
| Explore |
Search inventory and visually navigate cloud topology to investigate risks |
| Secure Remediation Approach | Remediate misconfigurations without elevating write privileges to CloudHealth Secure State SaaS application |
| Open-Source Remediation Jobs | Use remediation jobs published on the GitHub community and contribute new jobs to help others resolve findings faster |
| Projects | Group cloud accounts and enable owners to self-service and reduce security violations through role-based access controls |
| Custom Compliance Frameworks | Group security rules from multiple sources to benchmark security posture against organiztion-specific standards |
Key Integrations
| Integration |
Benefits |
|---|---|
| Splunk |
Enable security operations teams to detect and report on cloud misconfigurations and threats in Splunk App |
| AWS GuardDuty |
Detect and correlate GuardDuty alerts with misconfigurations and object relationship context |
| Slack |
Automatically notify developers on security violations and remediation actions |
| Amazon SQS |
Use security findings to trigger programmatic actions such as serverless functions |
| Findings API |
Query, filter, and aggregate findings data such as violations, events, and anomalies across your cloud accounts |
| Entity Data API |
Search, filter, and aggregate cloud inventory data to gather deeper insights about your cloud environment |
| Rules API |
Explore details about security controls and compliance frameworks in place for internal reporting |
Want to learn more?
With CloudHealth Secure State’s real-time detection and remediation capabilities, you can proactively mitigate risks across cloud environments. Talk to an expert on cloud security and compliance best practices or request a free CloudHealth Secure State trial.
1Is the Cloud Secure? Gartner blog post, October 2019
Key Use Cases for CloudHealth Secure State
- Posture Management
- Continuous Compliance
- Threat Correlation
- Shift Left Security