Public Cloud
Public Cloud Vulnerabilities
The explosion and ease of deploying Cloud instances has been hugely efficient for IT. For Security Operations on the other hand, the lack of Governance and insight into Vulnerabilities within these Cloud instances poses massive risk.
Until now, there has been a lack of visibility into an organizations Public Cloud Vulnerability status. Fatstacks realtime integration with EC2 SSM solves this, providing the same realtime Vulnerability Intelligence to your Public Cloud, as we do to your internal network, while integrated directly into your SecOps application.
Challenges
- Traditional Scan tools are not architected to discover EC2 instances
- 80% of Cloud instances exist for less than 1 Day. 10% of these for only 5 minutes
- Security and IT lack proper Governance of Public Cloud instances
- Public Cloud Security is currently measured at image, ignoring what gets installed
- No GRC or Discovery tool can directly correlate a known Vulnerability to a known Software Title installed on EC2
How can you apply your existing SecOps model to your Public Cloud usage?
AWS has recently released Amazon EC2 System Manager a native software inventory discovery for your Linux and Windows instances. You may now collect detailed information of the software installed in your Public Cloud. fatstacks sRTMS integrates with EC2 to provide realtime Vulnerability Intelligence of your OS, Applications, Agent and Network detail. By combining these two realtime solutions, visibility into your Public Cloud is now governed by your same Security Operations and Patching processes.
fatstacks sRTMS for EC2 provides vulnerability ‘CVE’, correlated directly to unique product enumeration ‘CPE’ of all of your Public Cloud instances, no matter how dynamic your EC2 usage.