CipherCloud, a provider of integrated cloud security and data privacy, has released its Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) solutions capabilities. This new offering would enable CipherCloud clients to prevent unintended cloud misconfigurations that can lead to data loss, while enabling more consistent compliance with industry standards such as GDPR, CCPA, HIPAA and PCI.
Delivered as an integrated component of the company’s CASB+ solution, CipherCloud CSPM and SSPM would directly address the leading cause of cloud security and data breaches – unseen cloud configuration errors. CipherCloud CSPM and SSPM deliver continuous oversight and real-time guardrails. It would enable practitioners to protect critical administrative and configuration controls across their numerous SaaS and IaaS environments – including Salesforce.com, Office 365, Amazon AWS, Microsoft Azure, and Google Cloud.
“Our customers are asking us to provide them with all the security and GRC capabilities they need to address their cloud security challenges in an integrated solution, and CSPM has become a huge requirement based on the sheer number of related breaches,” said Pravin Kothari, founder and CEO of CipherCloud. “The growing scale and complexity of SaaS and cloud environments have made it impossible for security teams to properly address this issue using manual processes. Organizations need automated analysis and remediation to prevent risky configuration exposures and remain both protected and compliant.”
CipherCloud’s CSPM and SSPM continuously scan SaaS and cloud services to discover problematic configurations, user errors, and perform automatic remediation of identified exposures. It would secure cloud accounts from unintended data loss due to security blindspots or configuration oversight.
The solution also defines pre-built rules to reflect leading security methodologies and compliance frameworks. This includes CIS Foundations Benchmarks, GDPR Compliance, HIPAA Compliance, and PCI DSS Best Practices. It would also provide the option to validate cloud security posture against the native CipherCloud Best Practices framework.
Key processes addressed by CipherCloud CSPM and SSPM include:
- Configuration changes – Detecting less secure configurations on new resources and unintentional access/configuration changes on all existing resources
- Compliance – Ensuring that the IaaS platform is deployed securely and appropriately configured to meet regulatory standards, security policies & CIS benchmarks
- Continuous Monitoring – Continuously monitoring configuration changes to alert on insecure configurations, applying tags to inform further analysis
- Reporting – Periodically running security assessments to analyze and detail changes, and generate corrective actions
CipherCloud CASB+ Platform
The CipherCloud CASB+ platform would enable complete control of SaaS and cloud applications to provide advanced visibility, data security, threat protection and compliance. CASB+ can protect any cloud service or application from unauthorized data access, upload, download, while sharing to meet corporate governance, compliance, and cybersecurity policies.
The cloud-native platform would ensure that confidential and sensitive data is protected at all locations – in the cloud and on users’ devices. CASB+ provides one centrally controlled unified platform for enterprises to safely use the largest and most diverse multi-cloud environments – email, SaaS, PaaS, or IaaS, and custom clouds. CipherCloud CASB+ has the ability to scale to fit any enterprise.