Press Release
Cavirin's security and compliance platform delivers AWS Baseline reporting, Terraform Automation, and so much more
San Jose, CA, February 25, 2021 – The introduction of Version 6 of Cavirin's cloud security and compliance product delivers more efficient reporting and remediation.
Rapid response to threats and awareness of a system's health is a critical factor. The new AWS baseline policy addresses this issue by gathering system-wide security and compliance status information and condensing this crucial information into a single and easily understood view.
Terraform Automation for AWS Cloud Policies enables rapid automated policy execution across system-wide resources. The Terraform open-source infrastructure leverages the predefined policies and standards definitions built into the Cavirin security and compliance solution. Terraform significantly improves scan times through its API-driven architecture.
Lightweight OS Container PODs enable fast OS Container scans by minimizing the network bandwidth required. This revolutionary feature facilitates timely and efficient resource discovery and assessment across multiple platforms from SaaS to the On-Premise data center.
Finally, Cavirin has introduced a new Cybersecurity Maturity Model assessment (CMMC) policy that enables defense suppliers to evaluate their cloud/compute systems for CMMC compliance.
Initially targeting CMMC level 1, the CMMC policy pack ensures preparedness and measures your hybrid cloud assets' compliance against defense cybersecurity controls.
Cavirin CEO Toru Kashima said:
"Our focus has always been to offer the best possible reporting and remediation in the fastest possible time.
Typically, users of Cavirin's security and compliance solution work with hundreds of targeted resources, but what they really need is the ability to see system-wide health from a single view. Until now, they lacked the tools to respond rapidly to any threats detected. Cavirin's AWS Baseline policy makes this a reality and reduces the time needed to keep systems secure.
The introduction of Terraform Automation for AWS Cloud Policies and Cavirin's lightweight access PODs also offers significant performance enhancements. For example, the bandwidth consumed to scan bastion hosts is high, and the process is typically slow. Cavirin's lightweight access PODs solve that problem and significantly shorten scan times."
At a time when a data breach seems like a daily event, employing effective cybersecurity is critical. Cloud-based systems offer rapid development and instant scalability, but the risk of unintentionally growing the attack surface on those systems increases significantly.
Cavirin's security and compliance solution offers real-time monitoring, threat detection, and auto-remediation across many platforms, including AWS, GCP, Azure, On-premises, OS, containers, and Kubernetes.
To learn more about the tools available for maintaining the health and compliance of your hybrid cloud systems, contact Cavirin today at https://cavirin.com or check out this short video introduction to the solution https://cavirin.com/products/introducing-the-cavirin-multi-tenant-security-solution.
About Cavirin
Cavirin, headquartered in San Jose, Calif., is a privately held, global provider of risk, cybersecurity, and compliance posture intelligence for the hybrid cloud. We are committed to helping customers build their "First Line of Defense" via robust configurations across key cloud services and workloads.
Media Contact
Dael Bartlett
This email address is being protected from spambots. You need JavaScript enabled to view it.
(408) 383 7615
Security and compliance awareness and correction in one agent-free platform
SAN JOSE, Calif. – Nov 12, 2020 – The introduction of Version 5 of Cavirin's cloud security and compliance product steps up to provide on-the-spot access to laser focussed reporting and remediation of all your prioritized security and compliance issues.
DevSecOps is a critical factor in today's development programs, and Cavirin's ability to deliver real-time alerts keeps DevOps on track.
To ensure effective security and compliance management, Cavirin operates seamlessly across multiple cloud services and on-premises systems, including AWS, GCP, Azure, VMWare, Docker, and Kubernetes.
The Cavirin solution empowers organizations to set a security and compliance baseline specific to their requirements.
The system is built around a set of industry-standard and custom benchmarks, known as policy packs.
Configurable and custom policies enable defining an organization's specific security, encryption, and administrative criteria.
Compliance Policy packs such as HiPAA, PCI, CJIS, and SOC2, enable rapid compliance reports that save a considerable amount of time, cost, and effort.
The new interactive dashboard enables immediate access to reports, remediation, cyber posture, and detailed and actionable warnings of critical vulnerabilities.
Amar Bhadrashetty, Head of Product Managementat Cavirin, said "Our early customer trials have been really positive; customers appreciate the clean interface that puts all the tools they need on a day-to-day basis at their fingertips."
"It is a simpler interface than your previous version, and the filters are much easier to use. I like the way actionable items are listed and that I can initiate remediation directly from the dashboard. Also, the ability to define specific alert criteria, post those alerts directly to our ticketing system, and notify key players, gives even greater confidence we can keep our systems safe." Says Judsen Schneider - CTO, Nashville Biosciences.
To learn more about the tools available for maintaining the health and compliance of your hybrid cloud systems, contact Cavirin today at https://cavirin.com
About Cavirin
Cavirin, headquartered in San Jose, Calif., is a privately held, global provider of risk, cybersecurity, and compliance posture intelligence for the hybrid cloud. We are committed to helping customers build their “First Line of Defense” via robust configurations across key cloud services and workloads.
Media Contact
Dael Bartlett
This email address is being protected from spambots. You need JavaScript enabled to view it.
(408) 383 7615
SANTA CLARA, Calif. – Nov 13, 2019 – Cavirin is excited to announce the introduction of the market's first CIS benchmark for cloud security as a free service. The Cavirin free service offers genuine value when compared to the cost of CIS compliance from CSPs or other cloud security vendors. This free service offers organizations a runway to get started with their cloud security initiatives.
The free license includes CIS and network policy packs for AWS, GCP, and Azure cloud services and compute instances. The combined free policy packs provide over 7000 plus controls, along with interactive reports and our dashboard. Use the free license to CIS harden VMs and cloud services, thereby improving your cybersecurity posture.
Nisha Agarwal, VP, GTM and Products, Cavirin Systems said, "Security in the cloud requires a new approach. Without a physical perimeter, each software service must itself be locked down. The first step in securing your cloud is the ability to check and remediate to ensure proper configurations of critical cloud infrastructure. We at Cavirin know that building the "First Line of Defense" begins with requiring regular scanning and remediation. It is the first step in a strategic, security-oriented approach to implementing cloud services."
Peter Bierfeldt, VP Global Compliance/Information Security/Privacy, Reltio, said:
"We believe configurations of cloud services is an important first step in securing cloud environments. The Cavirin platform has empowered our governance & security teams to regularly scan & fix configurations for our OSs and cloud services across multiple clouds!"
Stuart Horne, EVP Business Development, DigitalOnUs stated:
"Configurations of cloud services is an important first step for cloud security. We have selected the Cavirin platform to implement robust policy checks across AWS, GCP, and Azure cloud workloads for our customers. It is easy to use, extensible, scalable, and provides significant value to our capabilities in assessing security risks."
Cavirin Free is available for download from both the AWS and GCP marketplaces or can be requested directly from the Cavirin site.
For more information on the Cavirin Free service, access to downloads and a comparison with the advanced paid offerings, please follow this link: https://www.staging2.cavirin.com/environments/cavirin-free.html
About Cavirin
Cavirin, headquartered in Santa Clara, Calif., is a privately held global provider of risk, cybersecurity, and compliance posture intelligence for the hybrid cloud. We are committed to helping customers build their “First Line of Defense” via robust configurations across key cloud services and workloads. For further details, please visit: https://www.staging2.cavirin.com
Media Contact:
Nisha Agarwal
VP of GTM and Products
1 415 937 0203
This email address is being protected from spambots. You need JavaScript enabled to view it.
SANTA CLARA, Calif. – Feb 11, 2020 – Cavirin announces the launch of its SaaS ‘First Line of Defense’ service.
Building the “First Line of Defense” for your AWS, GCP, and Azure accounts is now as simple as signing up for Cavirin SaaS and selecting the appropriate one-click policy packs.
“There is just no excuse at this point for lack of secOps for business-critical public cloud deployments. Anyone not having robust configuration checks for encryption, access controls, boundary controls, and logging for their important customer/business data, needs to invest in a cloud security service today. In our field experience, we have found a lack of cloud security operational practices all too common. We have also found a misconception of equating cloud or devOps automation (terraform scripts) with secure resources/assets in the cloud.” Says Nisha Agarwal, VP, GTM, and Products, Cavirin Systems.
Standards for cloud ‘controls’ across AWS, GCP, and Azure services are slowly developing. The Cavirin service offers CIS policy packs for AWS, GCP, and Azure. However, these standards are currently relatively sparse, leaving out critical services and checks. The Cavirin authored policies fill this vital gap, covering a broad range of common services. These core policies map to a host of security and compliance standards – NIST, HIPAA, and PCI.
Learn more or request a SaaS login at https://staging2.cavirin.com/environments/cavirin-saas.html
About Cavirin
Cavirin, headquartered in Santa Clara, Calif., is a privately held global provider of risk, cybersecurity, and compliance posture intelligence for the hybrid cloud. We are committed to helping customers build their “First Line of Defense” via robust configurations across key cloud services and workloads. For further details, please visit: https://www.staging2.cavirin.com
Media Contact:
Nisha Agarwal
VP of GTM and Products
1 415 937 0203
Cavirin
This email address is being protected from spambots. You need JavaScript enabled to view it.
Company bolsters security for enterprises adopting hybrid and multi-cloud ecosystems
SANTA CLARA, Calif. – April 10, 2019 – Cavirin Systems, Inc., the only company providing risk, cybersecurity and compliance management for the enterprise hybrid cloud, will be demonstrating its closed-loop security for Google Cloud, as well as Google Cloud Security Command Center (Cloud SCC) integration at Next ‘19 (booth # S1409) which takes place April 9 -11, 2019, in San Francisco. A leader in providing Google Cloud support, Cavirin delivers on the demands for continuous security and compliance across platforms with its recently announced Google Cloud security capabilities.
As enterprises increasingly adopt hybrid and multi-cloud solutions, it is critical that these environments are protected. Augmented with machine learning, Cavirin closes the gap between monitoring and remediation, while Google Cloud SCC integration offers users a single point of security management across their different security tools. Combined with Cavirin’s CyberPosture scoring, which provides the user with a real-time score that reflects their current cybersecurity posture across both workloads and cloud services, Cavirin’s Google Cloud capabilities ensure a more secure hybrid cloud for critical applications.
“Our partnership with Google Cloud highlights a commitment to offering enterprises security across their hybrid environments, reducing the time to identify an attack and then remediating,” said Anupam Sahai, Vice President of Corporate Strategy and Business Development at Cavirin. “By closing the loop through monitoring, risk scoring and auto-remediation, enterprise customers will reap the benefits of a secure ecosystem, keeping any financial, reputational and legal security issues out of the question.”
Capabilities to be demonstrated at Next ‘19 include:
- Closed-loop Security for Google Cloud via Google StackDriver Monitoring and Google Functions for Auto-Remediation: This closes the loop from monitoring to change management by offering automated identification and correction of account and services security issues before they become an issue. Manual remediation through prioritized gap reports are supported as well. Services supported include Virtual Private Clouds, Subnets, IAM, GKE, Compute Engine, Cloud Storage, BigQuery, Cloud KMS and more. Additional services will follow in subsequent releases.
- Workload Assessment and Remediation: Discovery of and visibility into GCP workloads, both VM and container. The solution assesses and then scores these assets against a broad set of controls, including the NIST CSF, CIS, SOC2, PCI, HIPAA, and GDPR, and then offers auto-remediation via Ansible Playbooks.
- Google Cloud Security Command Center Integration: Helps security teams prevent, detect, and respond to threats targeting their Google Cloud Platform resources from a single pane of glass. It permits visibility and control into risk posture monitoring and remediation of the customer’s Google Cloud services and resources configurations, alerting the user to any changes including the what, who, and when, so he or she can take action. Cavirin’s Google Cloud SCC Companion is available via the GCP Marketplace.
- Application of Machine Learning to Mapping of Technical Controls: Cavirin is one of the first to apply machine learning to recommend technical controls for industry standards (e.g. NIST 800-171) and regulatory frameworks (e.g. HIPAA) with associated weights and severities, which in turn drives the ability for customers to drive compliance based on risk, using Cavirin’s CyberPosture scores.
Cavirin removes risk, security, and compliance as a barrier to cloud adoption by automating with a broad set of customizable frameworks, benchmarks and guidelines. The company’s solution secures both the public cloud control plane as well as target hybrid cloud workloads (servers), on-premise, within the public cloud, and within containers. Cavirin maintains its cost-optimized footprint, quick deployment on-premise or within AWS, Google Cloud, and Azure, and less than 30 minutes to first remediation on-par with SaaS-based offerings.
For more information, to read our blog, to set up a trial, or to request a Google Cloud SCC, please visit the Cavirin Google Cloud Resources Page.
PR Contact:
Dave Ginsburg
(408) 888-3953
This email address is being protected from spambots. You need JavaScript enabled to view it.