Integrated and ready to use
Cloud Scanning has been released as an integrated feature of the VMP (Vulnerability Management Platform) and is available to all customers. Cloud Scanning works directly through the cloud service providers’ API interfaces, which enables complete coverage of cloud services — both cloud-based (such as AWS DynamoDB) and infrastructure-based services (such as AWS EC2).
There is already extensive coverage on AWS’s most used services, and the coverage will be extended to Microsoft Azure in the near future.
Cloud Scanning is not a separate product that would need to be purchased, but rather a new feature available to all Holm Security VMP customers.
Broad coverage & authentication
Broad coverage is achieved by scanning resources in the cloud in all available regions, making it easy to get an overview of exposure to security threats between various regions. Using simple management settings, you can define what needs to be covered and create your own IAM compatible account, where Cloud Scanning uses API keys for authentication (which are stored encrypted on Holm Security side). The tenant holder always gets full rights to control the identification data and other similar information entitled to review the cloud accounts.
Policies and supported platform services
Holm Security’s research team have developed a set of quality-assured policies built right into Cloud Scanning. These policies are maintained and continuously developed to provide more coverage for more cloud services and service providers.
The first published version of Cloud Scanning supports 10 most used cloud services of AWS (Amazon Web Services) — which means more than 200 different policies related to identifying information security risks are being used.
Getting started with Cloud Scanning couldn't be any easier
To start using Cloud Scanning, go to the Scan Cloud menu in the Security Center. From there you will be able to set the profile, authentication, schedule and continuous check settings — all in a few minutes time. We recommend scheduling Cloud Scanning checks so that scans are performed somewhere between one day and one-week intervals.
Cloud Scanning will later be gradually integrated into unified views. The scan results can then be viewed in asset and vulnerability manager views, as Holm Security publishes new unified views and risk scores.