Dome9 Security, the public cloud security company, announced powerful new capabilities in the Dome9 Compliance Engine that extend the scope of the platform’s automation beyond security and compliance monitoring and assessment to active remediation. Using this new Compliance Engine functionality, enterprises can accelerate the resolution of dangerous misconfigurations and minimize the window of vulnerability in their public cloud environments.
“The dynamic nature of the public cloud and its fluid perimeters create a very small window within which any potential issues such as exposed storage buckets need to be found and fixed before they are exploited by malicious actors,” said Zohar Alon, co-founder and CEO of Dome9 Security. “The most effective way to secure public cloud environments is through end-to-end automation and continuous enforcement of a strict security posture.”
The Dome9 Compliance Engine offers comprehensive automation to quickly assess the security and compliance posture of cloud environments and identify risks and gaps such as overly permissive security rules and weak passwords. The unique open-source CloudBots framework extends the Dome9 Compliance Engine to bring the power of automation to the entire compliance management lifecycle while still giving security operations teams complete control and flexibility over what actions are taken in their cloud environment.
CloudBots is a server-less framework that can be deployed with a single click in just a few minutes. A cloud security administrator can configure the Compliance Engine to automatically trigger a remediation function when a check associated with a compliance control or security best practice fails. The function, called a CloudBot, is run entirely within the customer’s environment, eliminating the need to grant third-party access to sensitive services and permissions. Dome9 has created an open-source GitHub repository for the community to build a library of CloudBots that represent remediation best practices.
“The Dome9 Compliance Engine continuously scans relevant cloud accounts in AWS, Azure and Google Cloud environments for policy violations, and then provides immediate alerts and reports. For some organizations, that is enough,” said Roy Feintuch, Dome9’s co-founder and CTO. “However, in large-scale cloud adoption, organizations prefer to move towards an automatic remediation approach where the system leverages CloudBots to address specific violations. This approach can reduce the workload for security operators and drastically reduce the time to resolve security issues.”
