Dome9 was the first cloud security vendor to offer native, agentless security orchestration for the three leading IaaS services — AWS, Azure and GCP. We have continued to build out our security and compliance automation capabilities for Azure in the past year. As we get ready to attend the Microsoft Ignite conference in Orlando, Florida next week, let’s take a quick look at what Dome9 offers our Azure customers.
If you have been following the news in the past 12-16 months, you’ve probably noticed the big uptick in the number of breaches and data exposures and the public cloud. Pretty much every breach was the result of configuration errors and a lack of continuous policy enforcement. These are the issues that Dome9 helps our customers stay protected against. Dome9 gives you the ability to visualize your network assets, assess your security posture, and actively protect against vulnerabilities and misconfigurations.
What Value Does Dome9 Offer Azure Customers?
1. Visibility into Cloud Assets
Dome9 gives you a comprehensive view of all the assets in your Azure cloud environment, across regions, vnets, from a single pane of glass.
2. Visibility of Network Security Posture
As you navigate Azure environments, you can now leverage Clarity to visualize your cloud security using a dedicated, purpose-built platform. This allows you to interactively identify configuration drift, assess impact of new vulnerabilities and spot firewall rule misconfigurations quickly.
3. Continuous Compliance and Governance
The Dome9 Compliance Engine allows customers to automatically and continuously assess their cloud security configuration against regulatory standards (such as CIS, NIST, SOC 2, and PCI) and built-in security best practices. They can use pre-packaged test suites that check for compliance or they can easily create their own customized test suites that capture their organization’s unique requirements.
With GSL, or Governance Specification Language, you can write rules using plain english instead of complicated code, and anybody can understand them. Don’t know the syntax? Use the guided rule-builder interface!
4. Infrastructure Guardrails
Tamper Protection is an extra layer of protection for your cloud without you having to manage it on an ongoing basis. It gives Dome9 complete authority to your network security group (NSG).
– Lock down and deny changes to network security groups (NSGs) outside of Dome9
– The system automatically reverts unauthorized modifications to last known good state
– All changes are audited and tracked
This feature helps you know when a configuration drift has occured and and when it was corrected.
Come chat with us to learn more at Microsoft Ignite Booth 1803! See you all next week!