Get My Score

Cavirin 2018 Summer Release Overview (Part 1)

CyberPosture Intelligence

“NEW” CyberPosture Intelligence Solution

Single-click Hybrid Cloud CyberPosture scoring with actionable intelligence using a breakthrough user experience that’s dynamic, interactive and contextual. CyberPosture provides a credit-score like rating 0-100, quantifies the health of the infrastructure, which can be used by customers to do root cause analysis for all cybersecurity, risk and compliance issues followed by protection, monitoring and remediation through prioritized gap reports and/or auto-remediation using Cavirin automation based “CavBots".

Cavirin has announced the “new” CyberPosture Intelligence solution with its Summer 2018 release, now available. With the Summer 2018 release, customers benefit from breakthrough improvements on multiple fronts (visit the "Why Cavirin" page for an introduction into our CyberPosture Intelligence solution). Here is the first part (in a two-part series) a highlight of the of the customer benefits along with the features supported in this release: 

 

1.  New User Experience - CISO Dashboard with single-click actionable intelligence 

A new CISO/SecOps dashboard with a new CyberPosture scoring algorithm which enables a “credit-score” like representation of risk, security and compliance posture across the hybrid cloud infrastructure, including AWS, Google Cloud, Azure, containers and on-premises infrastructure. The CyberPosture score “quantifies” the health of the hybrid cloud infrastructure by assigning a score between 0-100, higher the score the better it is. More on the scoring methodology later.

Customers can get contextual actionable intelligence in the form of prioritized gap reports which is updated contextually based on the selections made in the middle pane. Remedial actions such as opening a JIRA/ServiceNow ticket, or signaling through Slack messages is one click away!

Customers can analyze trends and drill down into scores by asset group, environment, policy pack, cloud service, operating systems, and individual resources to pinpoint risk and prioritize remediation plans. Every score provides security & compliance drill downs for on-premise and cloud resources. 

 

enterprise security score 

 

In summary, the new user experience, which has received rave reviews from customers provides the following:

  • CyberPosture Scoring – contributions from security/compliance issues
  • Dynamic, Interactive and personalize-able based on role-based access control. The Dashboard is continuously updated in real-time
  • Ability to click-through and drill down to do root cause analysis to understand the cause for the various issues affecting the customer
  • Actionable intelligence is a click or two away

 

2.  Enhanced Hybrid Cloud Infrastructure Support

Several new enhancements have been made to augment support for the Hybrid Cloud infrastructure in the summer release.

CyberPosture Scoring: Credit score like rating between 0-100 - The CyberPosture score analyses and quantifies the health of the end-to-end hybrid cloud infrastructure by assigning a score between 0-100 using several variables described below. This is unique in the industry and Cavirin is the only company that provides a CyberPosture score for the hybrid cloud.

Higher scores mean that the risk exposure of the infrastructure is lower. This score quantifies the Cyber- Risk Exposure and is a measure of the risk for the hybrid infrastructure due to a combination of security and compliance issues which could lead to cyber-breaches. The list of various contributing factors that contribute to the overall CyberPosture scoring:

  • Asset Criticality: Asset criticality ensures that all the critical assets contribute more towards the overall CyberPosture score than less critical ones. CyberPosture scores are now based on user-assigned Confidentiality, Integrity and Availability ratings for every resource. As a result, critical resources can be identified, scored and prioritized for remediation.
  • Configuration Vulnerability Assessment: All configuration and vulnerabilities related issues are quantified and contribute towards the overall CyberPosture scoring.
  • Real-time Monitoring: the hybrid infrastructure is continuously monitored, and the real-time impact of the monitoring is included in the overall CyberPosture. The score is updated in real-time continuously.
  • Control Frameworks: Cavirin supports 25 control frameworks, 80,000 policies. Depending on the frameworks selected each control policy contributes towards the overall CyberPosture score.

For more information on CyberPosture Scoring, download our whitepaper.  

Enhanced Cloud Policies and Resource Scoring - The cloud resources discovery process has been greatly enhanced in the summer release. Several new control frameworks have been added, please see details below.

Cloud Resource Discovery and Scoring (New) - All cloud resources, services, and accounts are discovered and scored separately as an asset.  Cavirin’s cloud and on-premise resource inventory discovers and depicts resources associated with AWS, Google Cloud and Azure services including object stores (e.g. AWS S3, Google GCS), VPC, Security Groups, databases (e.g. AWS RDS), key management services (e.g. AWS KMS) and more.

CyberPosture for Azure Cloud (New) - Support for CIS Azure control policy framework along with Cavirin specific policies for Azure cloud infrastructure. Developed new Visibility of Azure Cloud resource types (e.g. Azure Cloud Storage) and additional technical controls from CIS Azure Foundation to drive CyberPosture scoring and remediation guidance for Azure.

CyberPosture for Google Cloud (New) - Support for CIS GCP control policy framework along with Cavirin specific policies for Google cloud infrastructure. Visibility of Google Cloud (e.g. Google Cloud Storage) resources and Cavirin-defined technical controls for Google Cloud to drive CyberPosture scoring and remediation guidance for Google Cloud.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Part 2 of this blog series (now available) shares more of the customer benefits and features supported in this summer release.  

0
0
0
s2sdefault

© 2018 Cavirin Systems, Inc. All rights reserved.