Freely subscribe to our NEWSLETTER

Cavirin is also the first to apply machine learning to recommend technical controls for industry standards (e.g. NIST 800-171) and regulatory frameworks (e.g HIPAA) with associated weights and severities, which in turn drives the ability for customers to drive compliance based on risk, using Cavirin’s CyberPosture scores.

Furthermore, Cavirin’s auto-remediation capabilities, based on serverless functions for AWS and Google Cloud, can be invoked to affect the required remediation, significantly reducing the time and effort to close security gaps identified by alerts. Closing the loop from alerts to scoring and remediation is at the heart of closed-loop security and helps address the top three concerns for protecting cloud workloads as described in a just-released AWS cloud security survey by Cybersecurity Research – visibility into infrastructure security (44%), setting consistent security policies (42%), and compliance (42%).

The complete list of Winter 2019 features includes:

Closed-loop security for Google Cloud via Google StackDriver Monitoring and Google Functions for auto-remediation: This closes the loop from monitoring to change management by offering automated identification and correction of account and services security issues before they become an issue.

Google Cloud Security Command Center integration: Offers customers single-pane visibility into CyberPosture scoring and management for Google Cloud Platform (GCP) services and resources, extending to on-premise assets. It permits visibility into risk posture monitoring and remediation of the customer’s Google Cloud services and resources configurations, alerting the user to any changes including the what, who, and when. Cavirin’s Google Cloud SCC Companion is available via the Google Cloud Marketplace.

Ansible integration to streamline the hardening of operating systems powering compute instances: Cavirin periodically assesses all instances, checking for drift against a known baseline and recommending and carrying out remediation through Ansible to re-establish the instances’ golden posture.

Technical controls mapped to compliance and security frameworks (e.g. HIPAA, NIST 800-171): These controls now leverage a machine learning based Cavirin Recommender System to ensure consistency of mapping and the resulting weights and severity. This further improves the efficacy of CyberPosture scoring and resulting remediation guidance.

Reporting enhancements: A new change reports feature offers the ability to compare the latest assessments against the previous one, enabling users to quickly gauge the effectiveness of change management. A new reporting service for RSA-Archer permits management of Cavirin-reported compliance posture gaps through an organization’s existing GRC platform.

Enhanced connectivity through bastion and proxy hosts: Network segmentation and isolation are important best practices. With the Winter release, customers can isolate compute instances behind bastions and proxy hosts while allowing Cavirin to discover and assess these assets.

Cavirin removes security compliance as a barrier to cloud adoption through automation with the broadest set of customizable frameworks, benchmarks and guidelines available. The company’s solution secures both the public cloud control plane as well as target hybrid cloud workloads (servers), on-premise, within the public cloud, and within containers. Cavirin maintains its cost-optimized footprint, quick deployment on-premise or within AWS, Google Cloud, and Azure, and less than 30 minutes to first remediation, on-par with SaaS-based offerings. Contact Cavirin for trials. The company will showcase its latest CyberPosture Intelligence capabilities at booth #4210 at RSA, which takes place March 4-8 in San Francisco. Register here for a free pass or demo.