cloud security posture assessment
Overview
Cloud Security Posture Management is defined by Gartner as “a continuous process of cloud security improvement and adaptation to reduce the likelihood of a successful attack.” The unique nature of the cloud requires a new security concept that can address the distributed and constantly changing cloud infrastructure. Cloud Security Posture Assessment (CSPA) reviews enterprise cloud environments to identify gaps between their stated security policy and the actual security posture and mitigate any cloud security risks that might occur.
Benefits of Cloud Security Posture Assessment
At the heart of CSPA is the detection of cloud misconfiguration vulnerabilities that can lead to compliance violations and data breaches. CSPA offerings typically use APIs of the underlying cloud providers to monitor environments for security or policy violations with the option of remediating the violations to ensure compliance with policies.
Some of the benefits of CSPA include:
- Visibility of multi-cloud environments to identify cloud misconfiguration vulnerabilities
- Optional ability to perform remediation of misconfigurations to ensure continuous compliance and protect critical cloud services
- Leverage of prebuilt compliance libraries of common standards or best practices such as CIS Foundations Benchmarks, SOC 2, PCI, NIST 800-53, or HIPAA to verify that configurations are compliant
Areas Covered in Assessment
-
Identity and access management
Protecting users through securing accounts and ensuring appropriate access control policies are implemented
-
Threat protection and cloud security
Minimising risk of attack across endpoint, mail, cloud and web, through appropriate Microsoft Defender configuration
-
Data Protection
Ensuring labelling is applied consistently, Data Loss Prevention is appropriately configured, and data sharing is monitored and controlled
-
Endpoint management
Defining appropriate device and mobile application management processes to protect corporate and non-corporate devices
-
Security Management
Integrating with existing procedures and processes to ensure that configuration and security changes are properly managed and governed.
Service Highlights
Identity and Access Management
- Single Sign-On & Self-Service Password Reset
- Multi-Factor Authentication
- Conditional Access
- Privileged Access Management
Endpoint Management
- Mobile Application Management
- Mobile Device Management
Data Protection
- Data Discovery
- Data Classification
- Data Loss Prevention
- Insider Risk Management
- Device Encryption
- Encrypted Cloud Storage
- Secrets Management
- Information & Messaging Encryption
Cloud Security
- Cloud Access Security Broker
- Cloud Security Posture Management
Threat Protection
- Endpoint Detection & Response
- Endpoint Protection Platform
- Forensic Tools
- Intrusion Prevention System
- Threat Vulnerability Management
- Anti-Phishing
- User & Entity Behaviour Analytics
- Threat Intelligence Feeds
- App & Browser Isolation
- Attachment Sandboxing
- Application Control
- End-user Training
- Network Firewall (URL Detonation)
- Host Firewall
- Secure Email Gateway
- Security Assessment
- SIEM
- SOARIncident Response Services
- DDoS Protection
- IoT Protection