Cavirin Pioneers Machine Learning Driven CyberPosture Scoring and Closed Loop Security for Google Cloud, AWS and OS Resources

January 22, 2019 Off By David

Cavirin Systems, Inc., the only company providing risk, cybersecurity and compliance posture for the enterprise hybrid cloud, today announced the general availability of its Winter 2019 CyberPosture Intelligence release. New capabilities include closed-loop security for Google Cloud and Amazon Web Services (AWS), Google Cloud Security Command Center (SCC) integration, Ansible auto-remediation for Linux workloads, and machine learning-based CyberPosture scoring that helps customers prioritize remediation based on risk.

"Our Winter 2019 release is the next step in delivering on our vision of true multi-cloud closed-loop security," said Bashyam Anant, Vice President of Product Management at Cavirin. "Current security solutions use a siloed approach for proactive and reactive security, leaving organizations vulnerable. With closed-loop security, Cavirin is the first to assess the impact of alerts related to new, deleted or changed resources from monitoring solutions like AWS CloudTrail and Google StackDriver, using CyberPosture scoring to prioritize infrastructure changes based on their risk. Security gaps can be auto-remediated using each cloud’s serverless functions."

Cavirin is also the first to apply machine learning to recommend technical controls for industry standards (e.g. NIST 800-171) and regulatory frameworks (e.g HIPAA) with associated weights and severities, which in turn drives the ability for customers to drive compliance based on risk, using Cavirin’s CyberPosture scores.

"Compliance and security professionals struggle with translating regulatory requirements and industry standards to automated technical controls – spreadsheets and manual mapping processes are the state of the art. While organizations like the Unified Compliance Framework (UCF) have provided a universal/canonical representation of regulatory requirements, gaps still remain with respect to mapping requirements to technical controls with quantitative inputs that can drive risk scoring and analytics," said Mukul Kumar, Vice President of Cyberpractice at Cavirin. "Cavirin’s Recommender System streamlines the mapping process while automatically assigning inputs required for CyberPosture scoring and risk-based remediation."

Furthermore, Cavirin’s auto-remediation capabilities, based on serverless functions for AWS and Google Cloud, can be invoked to affect the required remediation, significantly reducing the time and effort to close security gaps identified by alerts. Closing the loop from alerts to scoring and remediation is at the heart of closed-loop security and helps address the top three concerns for protecting cloud workloads as described in a just-released AWS cloud security survey by Cybersecurity Research – visibility into infrastructure security (44%), setting consistent security policies (42%), and compliance (42%).

The complete list of Winter 2019 features includes:

  • Closed-loop security for Google Cloud via Google StackDriver Monitoring and Google Functions for auto-remediation: This closes the loop from monitoring to change management by offering automated identification and correction of account and services security issues before they become an issue.
  • Google Cloud Security Command Center integration: Offers customers single-pane visibility into CyberPosture scoring and management for Google Cloud Platform (GCP) services and resources, extending to on-premise assets. It permits visibility into risk posture monitoring and remediation of the customer’s Google Cloud services and resources configurations, alerting the user to any changes including the what, who, and when. Cavirin’s Google Cloud SCC Companion is available via the Google Cloud Marketplace.
  • Ansible integration to streamline the hardening of operating systems powering compute instances: Cavirin periodically assesses all instances, checking for drift against a known baseline and recommending and carrying out remediation through Ansible to re-establish the instances’ golden posture.
  • Technical controls mapped to compliance and security frameworks (e.g. HIPAA, NIST 800-171): These controls now leverage a machine learning based Cavirin Recommender System to ensure consistency of mapping and the resulting weights and severity. This further improves the efficacy of CyberPosture scoring and resulting remediation guidance.
  • Reporting enhancements: A new change reports feature offers the ability to compare the latest assessments against the previous one, enabling users to quickly gauge the effectiveness of change management. A new reporting service for RSA-Archer permits management of Cavirin-reported compliance posture gaps through an organization’s existing GRC platform.
  • Enhanced connectivity through bastion and proxy hosts: Network segmentation and isolation are important best practices. With the Winter release, customers can isolate compute instances behind bastions and proxy hosts while allowing Cavirin to discover and assess these assets.

Cavirin removes security compliance as a barrier to cloud adoption through automation with the broadest set of customizable frameworks, benchmarks and guidelines available. The company’s solution secures both the public cloud control plane as well as target hybrid cloud workloads (servers), on-premise, within the public cloud, and within containers.