Tripwire Expands Support for Cloud Environments With Cloud Management Assessor

Tripwire, Inc. announced expanded support for cloud environments with Cloud Management Assessor (CMA).

Click to enlarge

As an extension of the company’s secure configuration solution, Tripwire Enterprise, CMA assesses cloud assets for publicly exposed data and secure configurations. It expanded coverage and new functionality allows organizations to monitor and control third-party SaaS applications such as Salesforce.com, in addition to Amazon Web Services, Azure and Google Cloud subscription accounts and cloud storage.

Cloud Management Assessor helps customers determine the security state of their cloud deployments by gathering and evaluating configuration data. Building on its ability to monitor cloud platform accounts, CMA monitors SaaS configurations, ensuring they adhere to company policies and industry practices like the Center for Internet Security (CIS) benchmarks. The cybersecurity solution also monitors for configuration changes that may affect the confidentiality, integrity or availability of a user’s cloud assets, giving administrators the ability to maintain security and compliance.

“As IT environments shift more of their workload to the cloud, we’re helping them stay on top of the changing and growing attack surface,” said Tim Erlin, VP, product management and strategy, Tripwire. “Misconfiguration is one of the biggest threats to cloud security, and we have seen this in several cases where private data was inadvertently exposed through the cloud. With the proliferation of so many different cloud services, it’s critical to manage and secure the configuration of an organization’s cloud usage.“

Click to enlarge

With its integrity monitoring capabilities, CMA alerts organizations if sensitive information is mistakenly left exposed on the internet through public cloud storage services like Amazon S3 and Google Cloud buckets and Azure blobs. By providing change monitoring of files stored in the cloud and alerting to suspicious or unauthorized changes, CMA gives organizations information for mitigating publicly exposed cloud data.

Erlin added: “Misconfigured storage elements are not the only cloud threat CMA addresses. The average enterprise subscribes to approximately 16 SaaS services, like Salesforce.com, that hold sensitive customer data. Given increased privacy regulations like GDPR and the California Consumer Privacy Act, organizations should be especially careful about protecting the data held in these applications.“

The company is suited to address security and compliance concerns and the needs of hybrid cloud environments – spanning on-premise, cloud and multi-cloud deployments – with unified management and support for elastic monitoring, container assessment, and cloud platforms and policies.