Configuration Management

Maintain your organization’s “gold standard” security and compliance posture across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud environments

Configuration Management is a Moving Target

For many organizations, managing configurations is a key business requirement to ensure compliance and governance. Unlike static on-premise environments where this can be addressed using a configuration management database (CMDB), public cloud environments face new challenges:

Dynamic Environment

The ephemeral nature of cloud resources makes it challenging to keep track of all assets and their associated configurations across the environment. Automatic asset inventory and reporting are necessary to keep pace.

Privileged Users

In the cloud, multiple users that have elevated privileges and changes to resource configurations occur without any security oversight, increasing the likelihood of misconfigurations. Policy guardrails and user attribution are necessary to ensure users are immediately notified about issues.

Feature Velocity

Cloud providers are releasing thousands of new features and capabilities every year. With this unprecedented pace of innovation, it’s hard for developers and security teams to understand the potential security impact that the configurations of these features can have on organizational security posture.

Alert Fatigue

The rapid pace of change in cloud environments can inundate the security team with alerts. In order for security to keep pace, alerts must support auto-remediation or integrate with DevOps workflows.

RedLock Enables Configuration Management

The RedLock Cloud 360™ platform provides the necessary tools for automated configuration management across dynamic public cloud environments. This automated approach enables you to continuously maintain your organization’s “gold standard” security and compliance posture.

Asset Inventory

The RedLock Cloud 360 platform discovers cloud resources and profiles applications as soon as they are created or terminated. Having an understanding of your environment enables you to implement more granular configuration policies and reduce risk. For example, just knowing that you have 5000 cloud virtual machines running is not enough, because the configuration policies for web servers will drastically vary from those for databases.

Asset Inventory & Management

Policy Guardrails

The platform provides hundreds of out-of-the-box configuration policies that reflect established security best practices and map to granular controls for common compliance standards such as CIS, PCI, NIST, and HIPAA. It continuously assesses the configurations across resources as they are created or modified and violations trigger alerts. For example, you could monitor your environment for publicly exposed Amazon S3 or EBS volumes.

Policy Guardrails & Privileged Activity Monitoring

Audit Trail

Effective configuration management requires accountability to identify the user causing the violation. The RedLock Cloud 360 platform provides you with a DVR-like capability to view time-serialized activity for any given resource, enabling you to quickly identify the user who introduced a risky configuration. For example, if a new Amazon security group is created and left open to the internet, you can pinpoint the user who created the group and discuss if this was done in error.

Audit Trail & Network Threat Investigation

Automatic Remediation

When a misconfiguration occurs, it must be swiftly remediated to reduce the window of opportunity for malicious actors. The platform provides context on violations as well as identifies the responsible user which enables auto-remediation. This self-healing ability enables you to continuously maintain your organization’s “gold standard” security and compliance posture.

Enterprise Integration

Compliance Reporting

The RedLock Cloud 360 platform enables you to report on your current compliance posture. It also maintains historical snapshots of your environment which enables you to prove compliance for any past periods as well.

resource configuration monitoring

Want to learn more?

Configuration Management

Learn how to ensure resources adhere to configuration best practices across your entire public cloud environment.

RedLock Cloud 360 Demo

Get a demo of the RedLock Cloud 360 platform.

Cloud Threat Defense

Learn how the RedLock Cloud 360 platform enables comprehensive Cloud Threat Defense.

Get Started Today

Learn more about the problems that RedLock can help you solve or contact us for a free risk assessment of your public cloud infrastructure.

Learn More Get a Free Assessment

LIVE Webinar

REGISTER NOW