Cloud Secure Series Tip 3: Preventative Controls Framework & 4: Actionable Risk Signatures

Today I will be presenting you with the third and fourth security dimensions in the Cloud Secure series. If you have some time, please read about the first dimension and second dimension part of these series.

PROBLEM STATEMENT #3

Let’s start with the need for an extensible and customizable real-time Preventative Controls framework. Staying compliant is harder than achieving compliance. Because of the elasticity of the cloud, enforcing your organization’s security baseline across the ever-changing infrastructure (immutable infrastructure) becomes increasingly challenging.

Saviynt’s solution: with deep integrations with AWS Config (learn more) and CloudWatch Events, Saviynt provides a robust and extensible preventative controls framework for organizations to enforce their security baseline policies across AWS ecosystem.

Provision of an extensible preventative control framework allows organizations to enforce their security baseline standards across AWS ecosystem. For example, stopping EC2 instances which have open SSH ports to internet, or terminating unencrypted RDS databases enable organizations to enforce their minimum baseline security policies and stay compliant in a continuous manner.

PROBLEM STATEMENT #4

Now I would like to discuss the need for out-of-the-box actionable risk signatures to map them to industry standard compliance mappings.

Understanding the shared responsibility model across cloud service models is paramount to understand ‘responsibility shift’. Enforcing Compliance mandates (PCI, HIPAA, FedRamp etc.) on AWS is a challenging and complex task. Organizations within regulated industries are spending significant time defining security and compliance controls to meet the stringent and complex compliance mandates.

Saviynt’s solution: Saviynt enables organizations by providing them with out-of-the-box risk signatures that include remediating controls. Creating risk signatures, which are actionable, empowers organizations to not only know about the violations but also to remediate them at the same time.

With its numerous field implementations, best practices and partnering with 3rd party products like Allgress, Saviynt is able to provide out-of-the-box actionable risk signatures that are mapped to industry standard compliance frameworks (e.g. CIS, PCI-DSS, NIST etc.)  . This not only expedites the process but also ensure the correctness of the mappings.

If you wish to learn more about these capabilities meet us at re:Invent 2017. Stop by our booth #2713 this Nov. 28! Register here: https://lnkd.in/eDXcteN.

Vibhuti Sinha

About author

As Saviynt's Chief Cloud Officer, Vibhuti Sinha, is the owner of Saviynt's cloud platform and products of Saviynt. As the owner of Saviynt's cloud platform, he is responsible to deliver Saviynt's IGA and cloud security offerings as services to its customers across the globe. He is also responsible for the strategy and innovation of products to secure various cloud providers, cloud applications and platforms. He has 16+ years of experience in defining security vision and roadmap, building security solutions, defining IAM strategy and implementing large scale security platforms for Fortune 500 organizations.

Leave a Reply

Your email address will not be published. Required fields are marked *