Cloud Security Posture Management (CSPM)
Ensures secure and compliant cloud environments through continuous monitoring
Cloud Workload Protection Platform (CWPP)
Secures cloud workloads with advanced protection features
IaC Scanning
Checks cloud infrastructure code for security and compliance
Attack Surface Management
Continuous monitoring and analysis of digital assets to identify and mitigate vulnerabilities
Features
User
Infrastructure Projects
IaC Projects
Audit
Tenant
Assets
Total
Nodes
Clusters
CSPM
Asset Inventory
Remediations
Asset Graphs
Multi-Cloud Compliance
KSPM
Risk Analysis, Security Compliance, and Misconfigurations
Workload Protection
Vulnerability Scanning (VMs, Containers, and Serverless Functions)
CIEM
Secure identities and cloud entitlements
IaC
Shift Left Security - Repository Scans (Gitlab, Github & Bitbucket)
Remediations
Attack Path Analysis
Red Teaming Testing
Integrations
Slack
Microsoft Teams
JIRA
ServiceNow
Tines
PagerDuty
CloudServices (Amazon SQS/SNS, Google Cloud Pub/Sub, Microsoft Azure Service Bus)
Single
5
10
Weekly
Multi-tenant
50
20
2
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
-
Only Email
-
-
-
-
-
-
-
Multi
100
20
Daily
Dedicated cluster
200
120
6
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
All
✓
✓
✓
✓
✓
✓
✓
Multi
Custom
Custom
Daily
Multi-tenant
Custom
Custom
Custom
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
Resources are all underlying available cloud platform services and tools for e.g. Organization or accounts, Organization Units, Projects, VPC, Compute Engine, Databases, functions et al across all supported cloud platforms.
Single click manually approved or configured auto resolution of any configuration anomalies or policy violation drifts applicable to all controlled underlying infrastructure.
Remediation follows detection of the anomalies and drifts based on data collected using deep observability features.
Prebuild landing zone is a generic or customized standards compliant landing zone setup from ground up on a chosen cloud platform for an account using an IaC template from the repository.
Landing Zone includes organization, administrative accounts setup with basic cloud resources like VPC’s, Subnets and governing policies.
IaC repos are account owned repositories setup on known source code management and version control solutions (for e.g github) that have infrastructure as code validated and ready for execution.
These repositories are managed by account owners and access is limited to account users.
Security compliance is ensuring compliance of industry standard governance or predefined specific organization governance practices during build and runtime as well as whenever any updates are done to any of the underlying cloud resources.
Additional governance can also be established using a predefined set of policies on top of existing repository template policies at the time of onboarding an account or application.
Limited relevant API’s exposed for integrations with in-house dashboard and governance tools for accounts.
