As organizations adopt or expand their presence in public cloud infrastructure, security and network operations teams are being asked to provide the same level of visibility their organizations are accustomed to in their premise environments. With the right tools in place, running workloads in public cloud infrastructure can provide significantly more visibility and control than traditional infrastructure.

CloudGuard Dome9 from Check Point provides not only the visibility required of public cloud environments compliance, governance and connectivity configurations, but also the orchestration and automation to remediate non-compliant portions of the public cloud. By providing instant mitigation and continuous real-time enforcement, enterprises are able to focus on projects that increase their organization’s productivity and revenue. Developed as a cloud native platform, Dome9 integrates with AWS, Google Cloud, and Microsoft Azure via API integrations and services accounts, enabling enterprises to unify policies across all of their projects, accounts, regions, and virtual networks.

Using Dome9 to check on the NIST posture of a test Azure Environment

The Dome9 solution has a robust feature set aimed at securing and optimizing a cloud environment, some of the key features include:

• A “remediate in place” feature that allows administrators to quickly mitigate risks from a single platform
• Prevention of unauthorized changes within the environment and immediate enforcement of configurations that were previously defined
• Governance and Compliance in the public cloud across accounts, regions, networks, and platforms leveraging native security controls and end-to-end lifecycle controls
• Privilege elevation management for IAM actions
• Enhanced threat hunting and security analytics through the “log.ic” feature, which transfers critical insights from cloud native log and event data into an organization’s SIEM

If you are interested in assessing the security of your current cloud build, Vandis offers a free cloud security assessment powered by Check Point Dome9. This assessment can be run for AWS, Azure, and GCP environments and for a number of different compliance rulesets like CIS benchmarks, HIPAA, SOC2, or Well Architected Frameworks. To learn more about this assessment please find the solution briefing here, or start a free consultative conversation today, please contact 516-281-2200 or cloud@vandis.com.