Save Assignee Cc Number with airSlate SignNow

Save assignee cc number

today I wanted to walk through the features and functions of the cloud conformity platform as you can see here this is the summary screen of the platform whereby you know working with the AWS and Azure clouds down the left hand side you will be able to see across your entire environment whether that being as your AWS as you can see here each of these are the accounts within the system so you can group various accounts like you can see here with seven AWS accounts and then you can look at individual accounts as well so what this is meaning is the conformity bot is running in the backend looking for miss configurations aligning to best practice and in reporting back to you is there a high severity failure in the system and then we have various severity so from extreme very high high medium and low naturally the conformity bot is running every hour in the system but we also have a real-time monitoring capability to get instant you know inputs around the the value within the system what you can see here is I'll go to a bit more of a broader look so you can see if you go to the threat monitoring open monitoring dashboard this is basically a audit of the real-time monitoring component so this is a mixture of cloud trail and cloud watch eventbus listen allows us to capture the information and then report back to you via various channels or provides an order a mediation in real-time to this as well the real-time component is what largely all of our clients have because they want to understand if someone was gonna come into your environment and sign in as root you would get a real-time notification through a slack channel for an example of that occur happening another example is if there was a product and with critical information and an Easter Eve bucket was left open or an a des was not encrypted those you know high severity failures you would be alerted on in real time as I scroll down you can quickly see as well I'm just going to go to an individual account so you can see more specific information we have a cost monitoring capability as well today we will just purely be focused around the base security and compliance and real-time component if we look at the compliance status you will see the five pillars aligning to the well architected framework and this is a huge component where cloaca for me looks to automate the compliance standards within the system to help you on that journey one of them is the AWS as well I could take the framework whereby it's it's in the DNA of our of our organization you can also see compliance levels in the evolution and in the the status of your data which has housed you know in various regions as well so this gives you an entire view of where it has placed various accounts of various services and gives you clarity around if there was some action with outside of your your region obviously that provides you a strong level of detail to to go into it what I will do next is go to the settings go to the broad setting so this is the backbone of cloud conformity where we provide five hundred and thirty rules or controls and that's across sixty AWS services as cloud conformity is a security and compliance governance tool you know the forefront of our organization as the security component so if I just click on security so we get a defined view on security controls we have three hundred and seventy seven in our system so a good example is understanding that trusted adviser to date has just over seventy controls and I believed is around 17 of those that are aligned for security so this is a good example of the native tools of AWS which are excellent but what we look to do is obviously take it to their mix level understanding that various organizations operate function in different ways when you see a particular chick so you can see here the rule name the category the well architect the framework which AWS service is a and then we have a prescriptive rest level so cloud conformity through education of the market analysis the understanding of compliance standards we provide a an out-of-the-box risk level but what we allow you to do if I take the unrestricted a DPX is for example if I press the configure button this gives you the ability to understand this chick in more detail you can actually start adapting and changing the severity to whether your business wants to you know obtain this information we can also enable and disable the rule in various examples sections an example here of an s3 bucket was connected to your public website because they had static content with the net that was obviously an action that you want to you wanted to occur in an action so by setting an exception or mean that rule will continue to action understanding that we try and be as out-of-the-box as possible there are a number of rules which we would need our client to configure fortune 49 of these are in the system a good example is we would not know your you're blacklisted am eyes will come down to look at also good examples are users silent to AWS from a white listed IP address so this is a perfect example where you can start adapting the severity you can start adding these IP addresses with them a system so what we try and do again these users activity and blacklisted regions and other good example so we're looking to not only report on misconfigurations allow them to be practice but give you the ability to have additional security layers in your infrastructure as well as I move back to the main screen there will give you an understanding of the engine behind cloud conformity whereas we're evaluating the environment we understand that currently the Matis master account in a demo environment is 43 percent compliant by going into the improved button what this gives you is a view by the rule or a view by the particular resource if unless instance just look at the view by rule you can see again the rule name the AWS service which category the well-acted framework and the risk level again from extreme working all the way down through to lower severity if I was to choose one particular control here I might come down to and click on the s3 bucket default encryption so wherever you see a plus sign it gives you the ability to click on it and obtain more information on that particular chick or control or resource so in this example it provides you when the failure was introduced what is the back what is the message at hand the region we give you the hot link as well and then if you move to the right hand side we've provided you some actual items on here if you click on obviously providing the visibility and understanding this is a high severity failure we want to start resolving that particular chick so what we've done is come outside of the platform to thee to the knowledge base which is on our website what this provides you is which is what is the check at hand if I scroll down what is the pillar the well architected what risk level actually tells you it's a tie and why it's not acceptable this is the the inputs here on my that's not acceptable so there's a group a great reasoning when you're reporting back to your business on why you're you're taking certain actions and then we provide you the the audit steps through AWS as console as well as the command-line interface as you can see here and then we provide the remediation and resolution steps aligning to that as well the power of this knowledge base as we have over 700 best practices currently for for AWS and in Asia but as I scroll down it will show you the particular services and and knowledge based controls and best practices as well so basically what that means is it's really tricky to be an AWS or Asia security expert but this page will help you action and remediate those particular values in the environment through best practice moving back to the the main screen now also within that particular failure you can see that you can start configuring that control as well enabling and disabling as before and then wherever you would make a change if I had a tagging convention which had the exception website and I went to say press save you cannot save anything in the system unless you lift a audit control or that note so that way you can save that also you can you know ascend that particular message to someone by email but these a I'll show you in the the and the settings and a second how we do that on a more regular basis you can also start suppressing particular controls in the system as well so gives you the ability to do it by a days or just a number of hours so if you had you know some critical workloads going you could be quite specific on on when you'd suppress that particular check obviously to make a audit note on that as well as I go back to the main screen I'm actually gonna go up to the the settings bar and go into the communication settings so what I have here is the communication and notification channels that we currently have in our system this gives the ability to cloud full cloud conformity to fit into your workflows on a day to day basis an example was you know 90-odd percent of our clients would never actually come into the the main UI but basically they'd be synced you know a a JIRA ticket for an example around those particular failures or tickets associate to my specific business unit and so that's how they would perform on it on a daily and regular basis what you can do here from management perspective as you're setting up the cloud conformity our UI and platform you can have notification automatic notification channels set up what you can do here is start being really particular around what information are you you're looking to send to a particular person or a particular business unit so this gives you the ability as you can see here there's been previous settings set so in this example dining dynamo DB and RDS are the main focus so this would be the the chicks that will be seen through so whenever there's a dynamo DB and a des you know service running which has picked up in the u.s. West Oregon region which is purely focused around security and we will make this extreme or very high I want to say that this channel and be seen to the Steve team or this engineering team through tackle so this way it gives you the ability to be very specific and then you can start configuring that to your zero URL as well so basically populating that into the system so then you can set the correct you know projects assignees to each of these these channels as well once you have that set up this is something that you can start duplicating across various accounts on the system as well so as you can see these various you can start populating I'm afraid one more piece thinking around the remediation component we also have a open source project via our github page whereby we have a bit of a visual on on how it works so basically you can see the grey box here which is the cloak conformity API so if we had an intruder coming into your environment and turning gadget guard duty off for an example what would happen is we would get an API call to cloud conformity which would send a message to the SNS topic which would trigger to the orchestrator and turn ID a duty back on which is a lambda function associated to this open source project we have just over 50 our lambda functions associated you know for those examples around having gadget enabled every region having you know cloud trail enabled in every region this one here and ensure history buckets do not allow public read exists so here the the those functions associated to automate order remediates are components in your environment as well there are various other you know github pages within cloud conformity so that's around our api and add CloudFormation template scanning capabilities as well so that will be all for our walkthrough today thank you