Technology Partners are companies that provide Software, Infrastructure or Integration services that satisfy the Governance Risk and Compliance requirements of our clients. Cloud technology providers, offering SaaS, IaaS and PaaS are selected with particular attention to ways that these product features benefit the overall business strategy of our clients.
Fourth generation security platform for Enterprise, SaaS and MSP
Cavirin Systems, Inc., today announces the release of Pulsar, Cavirin’s fourth generation elastic security platform performing security compliance and risk assessments for complex IT infrastructure at enterprise scale. Pulsar’s agentless architecture is capable of running trusted, deep security scans across distributed infrastructure regardless of the topology such as private, hybrid, and public clouds. Representing substantial investment and commitment, Pulsar is a natural product progression based on the changing pace and complexities of cloud-based technology and augments Cavirin’s ARAP (Automated Risk Analysis Platform) that is popular among small to medium sized enterprises.
"Pulsar is built for the Enterprise, SaaS, and Managed Service Providers. We’re moving ahead to the next level, offering greater flexibility in the adoption of DevOps environment." Dr. Rao Papolu, CEO and Chairman, Cavirin
Cloud Agnostic Discovery
With enhanced cloud-agnostic discovery, policy analysis, risk signaling and compliance reporting engines, Pulsar supports real-time security monitoring with continuous risk assessments of infrastructure hosted on Amazon Web Services (AWS), Microsoft Azure, and Google Cloud as well as private and hybrid clouds based on VMware, OpenStack and other virtualization technologies such as containers. The risk and compliance of container security, such as Docker, can be scanned against industry standards like HIPAA, PCI, SOC2, NIST, and many others. The risk and security of a host, Docker engine, and container can be checked against Docker Benchmark by Center for Internet Security (CIS). Cavirin’s implementation of the benchmark rules is certified by CIS.
Pulsar’s DevOps friendly API platform has been designed from the ground up. Today’s high-performance, security-minded enterprise teams require systems that integrate with key business critical applications and platforms. Pulsar leverages RESTful API architecture, providing DevOps engineers with enough flexibility and the opportunity to design and operate customized security & compliance workflow meeting the business process standards followed within the enterprise. Pulsar provides security monitoring and management across such modules as Amazon Simple Storage Service (S3), OpenStack and Cloud Data Management Interface (CDMI).
"Pulsar, with its open, eco-system platform architecture, and a special “Risk Signaling Engine” concept, is envisioned to be a hyper-plane endpoint to provide a total, integrated visibility of security & compliance posture, and to provide an automation mechanism against remediation workflow to target and remediate deviations." Dr. Ravi Rajamiyer, VP Engineering
Detection to Correction - Scan Once Comply Many
Pulsar’s next generation UI is flexible, relevant, scalable and simple to use. Security software has to facilitate rapid decisions through visible risks and clear remediation steps. Customizable scanning and reporting make managing complex security scans and multiple compliance assessments as simple as a few mouse clicks. Cavirin Pulsar empowers users with relevant knowledge and integration to the tools required to continuously optimize IT operations while reducing attack surface.
Entry to Regulated Markets
AWS customers using the AWS cloud plus Pulsar for sensitive federal and state government workloads, experience one additional byproduct, their continuous compliance over their investment and implementation of AWS advanced security services and features. Monitoring, tracking and assuring activity logging (AWS CloudTrail), encryption of data in motion and at rest (Amazon S3’s Server-Side Encryption), comprehensive key management and protection (AWS Key Management Service and AWS CloudHSM), along with integrated access management (IAM federated identity management, multi-factor authentication) drive the successful adoption of cloud for business and successful entry of these cloud-enabled services to heavily regulated markets.
Simplified and Extensive Security Mapping
Pulsar is packaged with a large set of comprehensive, dynamically curated policy packs that help security-conscious IT organizations to get compliant and stay compliant. Security Engineering is finally heard, with Pulsar merging and managing findings across multiple regulatory standards such as PCI DSS 3.2, HIPAA, ISO27002, SOC 2, NIST CSF, CJIS, UK Cyber Essentials, CIS CSC top 20, FFIEC, NERC, GLBA, etc.
"We go beyond CIS certified criteria for benchmark, evaluating major regulatory framework objectives relative to their impact to threat and cybersecurity. We ask “What is the target? Who is accountable? When does the threat occur?” and use this extended analysis to create hundreds of thousands of platform based policy-to-threat, detect-to-correct mapped connections. We embrace Pulsar’s neutron star emitting a million beams of compliance light." Robin Basham M.IT, CISSP, CISA, CRISC, CGEIT, VP Security & Compliance
Products today have vaguely aligned security to compliance, but Pulsar changes all that. Pulsar platform evaluates system policy infrastructure “rules” and considers their potential for STRIDE (spoofing, tampering, repudiation, information disclosure, denials of service, elevation of privilege).
CIOs and CISOs will appreciate the Pulsar comprehensive dashboard for the visualization of scan results highlighting security posture across the entire infrastructure, including historical trends. CAE’s and the Board gain continuous assurance of Infrastructure, DevOps, and Security Operations Center activities that identify, protect, detect, respond, and recover from evolving cyber security threats
Cavirin is transforming the way IT security manages risk. Founded in 2012, Cavirin’s platform is a purpose-built agent-less solution that deploys quickly to on-premises, cloud, and containerized infrastructures, helping organizations reduce complexity, become more agile, and drive dramatic increases in efficiency with their risk and compliance programs. Leveraging continuous visibility and automated assessments, companies are empowered to make the right decisions faster. Cavirin’s Automated Risk Analysis Platform (ARAP) is a security and compliance fabric that provides continuous configuration evaluation with recommendations for alignment to industry standards and best practices, prioritizing systems and risk remediation efforts across complex hybrid IT infrastructures. Offering up-to-the-minute compliance assessments, Cavirin supplies audit ready evidence as measured by every major regulatory, and security best practice framework.
About Center for Internet Security
The Center for Internet Security, Inc. (CIS) is a 501c3 nonprofit organization focused on enhancing the cyber security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS provides resources that help partners achieve security goals through expert guidance and cost-effective solutions.
DISA, a Combat Support Agency, provides, operates, and assures command and control, information sharing capabilities, and a globally accessible enterprise information infrastructure in direct support to joint warfighters, national level leaders, and other mission and coalition partners across the full spectrum of operations.
LoginSecure is an all-round design company specialised in website presentation and security. EnterpriseGRC Solutions trusts hosting and security administration, as well as template design to LoginSecure. We also recommend them to our business partners and clients.
The Holistic Information Security Practitioner Institute (HISPI) now welcomes EnterpriseGRC Solutions as a member of their HISP Certification Board/Committee. We are in the initial stages of establishing how we can best offer support to this very worthwhile organization.