Contact Us

Google Cloud Platform Announcements Align with Cavirin’s Vision

google cloud compliance

Google Cloud Security Command Center and Multi-Cloud Lead the Way


Google Cloud Security Command Center

Last week, as part of a very successful and over-subscribed Google Next, we participated in the general availability announcement of Google’s Cloud Security Command Center (Cloud SCC). Cloud SCC is an intuitive, intelligent risk dashboard and analytics system for surfacing, understanding, and remediating Google Cloud Platform (GCP) security and data risks across an organization. The Cloud SCC Dashboard serves as a launching point for Cavirin’s CyberPosture Intelligence platform which includes assessment, monitoring, scoring, and remediation. Our deep integration with the Google Cloud Platform provides you visibility and manageability for Google Cloud Platform and hybrid cloud deployments, including multi-cloud deployments.

Google Multi-Cloud 

Speaking of hybrid and multi-cloud deployments--Cavirin's sweet spot--we provide overall visibility, securing both workloads and cloud services, across any infrastructure, anywhere.  Google’s focus on security across not only its own cloud but across the hybrid/multi-cloud in general, matches very well with Cavirin’s vision.  Google’s deep commitment to multi-cloud deployments, unique amongst the three major providers, was announced with its Anthos open management architecture on April 9th.  From Google:

“…..this is really the stack for the next 20 years, meaning that it’s not really about the three different clouds that are all randomly different in small ways. This is the way that makes these three clouds — and actually on-premise environments, too — look the same.”

Google’s new strategy is to encourage and protect multi-cloud deployments, a direction aligned with almost ¾ of organizations. Customers require a security solution that spans this hybrid infrastructure, looking at both workloads as well as any cloud services consumed.  So you can see why I'm pretty stoked that the Cavirin solution, announced back in April 2018, aligns with the Google Cloud Platform strategy.  Google’s native security tools are complementary to what Cavirin offers with continuous compliance and automation, visibility, and consistency, major concerns identified by organizations moving to or planning to move to the cloud.


Primary Cloud Deployment Strategy

(Source:  2019 Cybersecurity Insiders Cloud Security Survey)


How Cavirin Fits Into Your Cloud Picture

The Cavirin solution leverages the broadest set of benchmarks, frameworks, and regulations, to continually assess the compliance and security score of workloads, both on-prem and across the hybrid/multi-cloud, immediately informing the operator of any security drift and recommending remediation. In some cases, the solution is able to carry out automated remediation via Ansible Playbooks, closing the loop from monitoring to change management. Scoring accuracy is improved by leveraging machine learning to better map and weight technical controls.

The same approach applies to cloud services, wherein the case of Google Cloud, the system continually monitors the various cloud services via StackDriver, identifying potentials for breach, and then triggering auto-remediation via Google Functions. This, along with Cavirin’s workload remediation, is the essence of closed-loop security for the hybrid cloud. In parallel, the system forwards all security observations to the Google Cloud SCC, where, in combination with other Google Cloud security services, the operator is presented with a unified and actionable view of his or her security posture.

Where the organization has implemented a true hybrid or multi-cloud architecture, Cavirin presents security findings from across the multiple clouds via the CyberPosture Dashboard, a simple-to-interpret view that correlates security and compliance and offers prioritized guidance.

So, check out Cavirin’s closed-loop security for Google Cloud and our SCC integration on the Google Cloud Marketplace.


© 2019 Cavirin Systems, Inc. All rights reserved.