Cloud Security Posture Management
How Do I Sign Up?
Follow these steps to start monitoring your environment:
Step 1
Sign up for a free Armor demo.
Step 2
Log into Armor CSPM.
Step 3
Set up a Connector in the Armor Management Portal (AMP).
Step 4
Run a Report.
Product Overview
Armor Anywhere with cloud security posture management (CSPM) enables users to monitor the security posture of their public cloud infrastructure and helps them remain compliant against major mandates such as PCI, HIPAA and CIS Benchmarks. Users can quickly identify and get direction to remediate accidental risks through the Armor Management Portal.
CSPM currently supports the following three public cloud environments:
Amazon Web Services (AWS)
Microsoft Azure
Google Cloud Platform (GCP)
Features
Ease of Use
Immediate setup with no workload interference
CSPM can be set up in minutes and does not require an Armor Anywhere agent. CSPM uses cloud connectors to establish connection into a user's public cloud account. Cloud connectors use APIs to aggregate data from user accounts without interfering with their public cloud service. It builds an inventory of the cloud account with detailed metadata and relationship mapping used for subsequent analysis.
Comprehensive workload visibility
Armor Anywhere with CSPM delivers a single-pane-of-glass view across all deployments from the Armor Management Portal. CSPM discovers and aggregates a user's assets and resources from one or multiple cloud providers.
Compliance Features
Mandate based assessments
Users can view the compliance posture of their environment against selected compliance mandate(s). Example report views include HIPAA and PCI.
Supported report generation of policies and mandates aligns with the supported cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
Discover and apply mandates on resources to detect cloud misconfigurations
Remediation and Resources
Each report pulled contains both resources and remediation steps for each control group. Compliance status of the assessment can be viewed for each resource.
In depth Compliance documentation can be found here.
Pricing
Pricing is on a per connector basis. You are billed for each connector that was active during the month. A connector is comprised of a provider and a unique account id. Users may add several different connectors for a single provider where they have multiple accounts, or multiple accounts for multiple providers or just a single connector for one provider. A single account may consist of something like:
AWS - 987987987
AWS - 876876876
GCP - 1234123455
Azure - 4548484848
Each month, the invoice is billed for each active connection.
Rerunning a report should be done using the Rerun Report option. Deleting a connector and adding it back should not be done to rerun a report. A connector should not be deleted unless it is no longer required. A connector that is reporting offline or pending for an extended period of time should follow troubleshooting documentation.