New Offering Simplifies the IaaS Compliance Lifecycle Across Any Public Cloud, from Aggregation and Analysis to Remediation and Continuous Enforcement
MENLO PARK, Calif. ā Sept. 29, 2016Ā āĀ Dome9Ā Security, the leader in public cloud security, today announced the launch of the Dome9 Compliance Engine as part of the integrated, end-to-end Dome9 Arc platform. The powerful new capabilities of the Compliance Engine radically simplify how enterprises aggregate, assess, remediate and enforce their compliance posture across IaaS public cloud environments and speed up the compliance lifecycle of the cloud infrastructure.
Common data and information security best practices lie at the heart of all standards-based regulations, such as PCI DSS, HIPAA and SOC 2. However, traditional tools and controls that worked well for security and compliance in the datacenter fail in software-defined cloud environments that demand agility, efficiency and always-on protection across all assets. Compliance remains a leading concern as organizations move critical workloads to the public cloud. Managing compliance in public cloud environments requires a new breed of network and server security tools and controls that enable faster, more efficient monitoring and remediation and continuous enforcement.
āRegulatory compliance is a top business priority for building customer confidence and trust and has become a headache for organizations migrating their applications and infrastructure to the public cloud,ā said Zohar Alon, CEO and co-founder of Dome9 Security. āSecurity and compliance professionals can deploy Dome9 and immediately have at their fingertips the necessary information and control to simplify and streamline compliance across their cloud environments.ā
The Dome9 Arc platform delivers comprehensive compliance management in public cloud environments. Businesses can assess their compliance posture, identify risks and gaps, fix issues such as overly permissive security group rules and weak password policies, enforce compliance requirements and prove compliance in audits.
Dome9 Compliance Engine Features Include:
- Automated data aggregation for compliance audits across unlimited Amazon Web Services (AWS) accounts, eliminating the need for time-consuming manual data gathering
- A single dashboard to manage the compliance lifecycle across monitoring, remediation and enforcement
- Printable reports of assessment and compliance status history that make tracking more manageable at scale across business units, Virtual Private Clouds (VPCs), regions and cloud accounts
- Customized test suites that allow businesses to assess and manage compliance to industry standards such as PCI DSS
- Comprehensive logging and auditing, real-time alerts and active policy enforcement to ensure continuous compliance
- Agentless, cloud-native architecture that allows security and compliance capabilities to cover all cloud entities, including built-in services such as Amazon relational database services (RDS), AWS elastic load balancing (ELB) and AWS Lambda that agent-based solutions cannot protect
“GuidePointĀ works with companies to ensure that their compliance and governance approaches are mapped to security controls on public clouds,” said Jonathan Villa, practice lead, cloud security, at GuidePoint Security. “The new Compliance Engine from Dome9 simplifies data aggregation, tracking and reporting of compliance in the cloudĀ to bring immediate visibility of the cloud infrastructure’s security posture. The platform is built with the needs of both the business user and the cloud security practitioner in mind.”
