Cavirin Auto-Remediation Workflows Help Hybrid Cloud Enterprises Maintain Golden Security Posture

By Chidi Oparah on November 13, 2018@chidi_oparah

Cavirin Auto-Remediation Workflows Help Hybrid Cloud Enterprises Maintain Golden Security Posture

This is a Press Release:

SANTA CLARA, Calif. – November 13, 2018 – Cavirin Systems, Inc., the only company providing risk, cybersecurity and compliance posture for the enterprise hybrid cloud, today announced auto-remediation capabilities spanning compute instances and cloud services in Amazon Web Services (AWS) and on-premise environments. Many organizations separate security posture monitoring from change management, leaving them exposed when security alerts monitored by SecOps teams wait for DevOps teams for remediation. Closing this security gap via auto-remediation is a key outcome enabled by Cavirin’s CyberPosture Intelligence platform.

Cavirin’s CyberPosture Intelligence platform secures both the public cloud control plane as well as target hybrid cloud workloads (servers), on-premise, within the public cloud, and within containers. The resulting CyberPosture score permits comparison with the organization’s current security posture against the desired ‘golden posture’ and immediately take corrective action. The latest update delivers auto-remediation workflows for both AWS as well as on-premise infrastructure as follows:

For AWS, Cavirin monitors network ports associated with AWS Security Groups and ranks vulnerabilities based on Cavirin’s CyberPosture Scoring methodology. DevOps users can remediate one or more security groups with one click, which invokes a Cavirin-authored Lambda function deployed within a customer’s AWS account(s). Remediation for Google Cloud and Azure will follow in upcoming releases.
For compute instances in AWS, GCP, Azure or on-premise environments, Cavirin monitors operating level configuration parameters for drift compared to a golden state defined for a group of machines. Cavirin automatically creates the list of drifting machines as well as a list of configuration settings that require remediation in Ansible’s format. The Ansible server combines the Ansible artefacts with the Cavirin-supplied Ansible playbook to remediate machines to the golden state. The same approach can also be used to create ‘golden’ images during pre-production by assessing candidate images against a golden posture and involving Ansible with Cavirin playbooks to remediate images to a golden state.

Cavarin Auto-Remediation Workflow

These workflows enable enterprises to significantly reduce the effort and time required to plug security holes and minimize risk.

“Cavirin’s capability to bridge security posture monitoring and change management, both on-premise and in the cloud, speaks to the flexibility and usefulness of the solution’s design,” said Brajesh Goyal, vice president of engineering at Cavirin. “This new functionality of Cavirin’s CyberPosture Intelligence platform is just the beginning of delivering a true closed-loop remediation solution across the hybrid cloud.”

Cavirin removes security compliance as a barrier to cloud adoption by automating with the broadest set of customizable frameworks, benchmarks and guidelines available. The company will showcase its CyberPosture Intelligence platform at booth #2725 at AWS re:Invent 2018, which takes place November 26-30 in Las Vegas. For more information, please visit https://www.cavirin.com/why-cavirin/get-cyberposture-score.

About Cavirin

Santa Clara, California-based Cavirin is a global provider of risk, cybersecurity and compliance posture intelligence for the enterprise hybrid cloud. Cavirin is the only organization that delivers CyberPosture intelligence for the hybrid cloud by providing real-time risk & cybersecurity posture management and continuous compliance, while further integrating security into DevOps. For more information, visit the company’s website, and follow the company on Twitter at @Cavirin and on LinkedIn.