Dome9 Security today announced the launch of the Dome9 Compliance Engine as part of the integrated, end-to-end Dome9 Arc platform. The powerful new capabilities of the Compliance Engine simplify how enterprises aggregate, assess, remediate and enforce the compliance posture across IaaS public cloud environments and speed up the compliance lifecycle of cloud infrastructure.
Common data and information security best practices lie at the heart of all standards-based regulations, such as PCI DSS, HIPAA and SOC 2. Traditional tools and controls that worked well for security and compliance in the datacenter fail in software-defined cloud environments that demand agility, efficiency and always-on protection across all assets. Compliance remains a leading concern as organizations move critical workloads to the public cloud. Managing compliance in public cloud environments requires a new breed of network and server security tools and controls that enable faster, more efficient monitoring, remediation and continuous enforcement.
“Regulatory compliance is a top business priority for building customer confidence and trust and has become a headache for organizations migrating applications and their infrastructure to the public cloud,” said Zohar Alon, CEO and co-founder of Dome9 Security. “Security and compliance professionals can deploy Dome9 and immediately have at their fingertips the necessary information and control to simplify and streamline compliance across their cloud environments.”
Dome9 Arc delivers comprehensive compliance management in public cloud environments. Businesses can assess their compliance posture, identify risks and gaps, fix issues such as overly permissive security group rules and weak password policies, enforce compliance requirements and prove compliance in audits.
Dome9 Compliance Engine Features Include:
Automated data aggregation for compliance audits across unlimited AWS accounts, eliminating the need for time-consuming manual data gathering
Single dashboard to manage the compliance lifecycle across monitoring, remediation and enforcement
Printable reports of assessment and compliance status history that make tracking more manageable at scale across business units, Virtual Private Clouds (VPCs), regions and cloud accounts
Customized test suites that allow businesses to assess and manage compliance to industry standards such as PCI DSS
Comprehensive logging and auditing, real-time alerts and active policy enforcement to ensure continuous compliance
Agentless, cloud-native architecture that allows security and compliance capabilities to cover all cloud entities, including built-in services such as Amazon RDS, AWS ELB and AWS Lambda that agent-based solutions cannot protect
"GuidePoint works with companies to ensure their compliance and governance approaches are mapped to security controls on public clouds," said Jonathan Villa, Practice Lead, Cloud Security at GuidePoint Security. "The new Compliance Engine from Dome9 simplifies data aggregation, tracking and reporting of compliance in the cloud to bring immediate visibility of the cloud infrastructure's security posture. The platform is built with the needs of both the business user and the cloud security practitioner in mind."