Freely subscribe to our NEWSLETTER

In a new study of 250 hybrid cloud security leaders, “Cyber Security Posture: The Challenges and Strategies of Hybrid Cloud”, the two top concerns identified were verification that public cloud accounts are secure (69%) and confirmation that workloads in the cloud are secure as well (69%). This lends credence to the reality that both account and workload security are critical. However, security is still a key issue and barrier to adopting a hybrid cloud architecture, with specific concerns including increased complexity (55%), a lack of visibility into cloud endpoints (32%), difficulty instituting security controls (37%), and a clear need for more assessment tools (29%).

“Though our research shows that over 81% of enterprises are adopting a hybrid cloud approach, only 30% are using unified security tools that span on-premise and the cloud,” stated Doug Cahill, ESG’s lead cybersecurity and cloud analyst, quoting related research by ESG on hybrid cloud security. “The fact that this will grow to 70% over the next two years speaks well of Cavirin’s hybrid cloud approach, helping address a key barrier to hybrid cloud adoption – security and visibility.”

Traditional solutions provide siloed, delayed visibility, and require manual security remediation and testing which is not well suited for the flexibility and velocity that the hybrid cloud model offers. Cavirin’s CyberPosture Intelligence for the Hybrid Cloud eliminates these limitations and removes the barrier to the cloud with:

• Continuous Risk & Cybersecurity Posture Management - A central ‘CISO Dashboard’ depicts exactly what organizations have at each moment and where they are located. This includes cloud account security posture, as well as virtual machines and container instances.
• Integrating Security into DevOps - Bridges the gap between DevOps and SecOps by automatically injecting security into the DevOps cycle – development, staging, and deployment - through CI/CD integration.
• Continuous Compliance Management - Removes security compliance as a barrier to cloud adoption through automation and customization via the broadest set of customizable frameworks, benchmarks and guidelines.

Supporting Customer Quotes:

“We choose Cavirin because it is the only product in the industry that can effectively inspect and report on non-compliance issues against a wide range of security frameworks and regulatory standards in both cloud workloads and AWS security,” said Kin Kwan, Security Officer, Telus Health.

“Our deployments across AWS and GCP are a good match for the hybrid cloud capabilities of the Cavirin platform,” said Peter Bierfeldt, Chief Information Security Officer, Reltio. “Their support for frameworks and regulations including ISO and SOC2 will help us maintain continuous compliance across our cloud deployments.”

“Cavirin’s support for Azure will permit us to address both aspects of cloud security – the security posture of the cloud itself, as well as the individual workloads,” said Ray Espinoza, VP and Chief Information Security Officer, Atmosera. “Their vision of a CISO dashboard extending across the hybrid infrastructure is where we see the market going, and will help us deliver a more comprehensive and competitive service.”

“Given the sensitive nature of HLI’s data, we deploy the Cavirin platform as it helps ensure continuous compliance with government regulations,” said Ernesto Ruy Sanchez. DevOps Manager, Human Longevity, Inc.

“Cavirin’s ability for real-time visibility across the infrastructure permits organizations to accurately assess risk, security posture, then automatically remediate,” said Jack Kudale, COO, Cavirin. “This is the first platform available for organizations to easily migrate and achieve continuous security and compliance of their hybrid cloud deployments, knowing they are safe and secure.”

New Technical Capabilities include:
• “Golden Posture” and ‘Top 25’ recommendations for guided remediation.
• Container runtime monitoring delivering on Cavirin’s ‘full-stack’ container security that already includes image scanning, CIS container and Kubernetes hardening, and guest OS hardening.
• Custom policy creation and compensating controls based on a Cavirin Domain Specific Language
• Availability of the new, Cavirin-authored CIS Azure Foundation Benchmark.