We are comprehensive cloud management for modern enterprises, services providers, and the public sector.
Everything you need to manage and allocate costs, optimize spending, and save money.
Unified secure configuration, activity monitoring, and IAM tracking for the public cloud.
Take the guesswork out of managing your cloud and free up resources with dynamic automation.
The next step in cloud security—ensure your cloud infrastructure is audit-ready for 35 regulatory standards.
Built to optimize the best features of the major cloud providers in a single pane of glass.
With an integrated ecosystem carefully chosen for your success.
Our technology partners amplify the advantages of the cloud.
Comprehensive management and automation of cost, security, compliance, inventory, and utilization for the modern enterprise.
A full suite of modules and tools to support the unique business needs of MSPs, CSPs and resellers, from custom invoicing to analytics and reporting.
Unified cloud management for federal, state, local, and higher education institutions.
You may have heard a few Cloud Management Providers talking about a “single pane of glass” interface, and that sounds intriguing. Who wouldn’t want a single view that optimizes cloud costs, automates billing and invoicing, and ensures security and compliance? But talk is cheap, and some of our competitors are promising more than they deliver. By overstating their security features, customers might get a false sense of added security.
Looking below the surface, the features that some CMPs claim to have developed are merely AWS Trusted Advisor checks displayed in a new GUI, and are included security features that AWS actually provides. Passing those checks off as their own, and charging for them, is misleading at best, and malfeasance at worst.
The handful of AWS Trusted Advisor checks are a good start, and CloudCheckr adds hundreds of additional checks, many with automated self-healing capabilities to fix vulnerabilities, even while administrators sleep. Such capabilities are only possible because of our extensive library of internally-developed Best Practice Checks. And don’t forget, CloudCheckr’s Total Compliance reports display a compliance score, plotted over time, for 35 distinct regulatory frameworks including HIPAA, PCI-DSS, NIST and CIS. CloudCheckr’s Security functionality is generations ahead of competitors and additive to the functionality contained within AWS native tools.
Security is in CloudCheckr’s DNA. CloudCheckr started life as “Cloud Compliance”, a cloud security startup in 2011. Only after adding cost optimization, billing, and expense reporting, in response to cloud sprawl, did we become CloudCheckr—a full cloud management suite. Cost management is increasingly important for fast growing cloud-enabled businesses, and security is mission critical—and not easily added to vendor solutions. This is something cost-only providers are finding out the hard way. And unlike security-only offerings, it becomes evident that CloudCheckr pays for itself many times over, thanks to the cost savings identified.
Let’s define what a modern Cloud Management Platform (CMP) needs. It starts with reducing costs. More specifically, a CMP should help optimize cloud spend by identifying idle, underutilized and even completely unused resources. Plus, a CMP should make recommendations for Right Sizing instances and purchases of Reserved Instances and Spot Instances. A modern CMP must help service providers and businesses automatically create invoices to charge or “show back” different departments. And because the cost of a security breach can be far more expensive than any cost savings identified, a CMP also needs to ensure security and compliance in the public cloud.
Security is more than AWS Trusted Advisor
But how do you define “cloud” security features? AWS Trusted Advisor checks are a great start and users who are paying for Trusted Advisor should certainly leverage those checks. That’s why CloudCheckr also includes the AWS Trusted Advisor checks, but with full attribution to AWS, side-by-side with hundreds of our own internally-developed checks. CloudCheckr’s native security checks are more thorough, customizable, and flexible because we have developed them internally.
AWS Trusted Advisor Checks, clearly labeled next to CloudCheckr’s hundreds of native Best Practice Checks
Check Your Buckets
Competitors may have a single check for S3 Bucket permissions, perhaps the most written about vulnerability of the past two years. CloudCheckr has more than 20 distinct checks for S3 security. It’s not just a question of if your buckets are public or private (a check we provide to the public for FREE with S3Checkr.com and BlobCheckr.com) but do you have permissions properly set for Read, List, Upload/Delete, View Permissions, Edit Permissions? Do those rules apply to Everyone or just AWS authenticated users? Are the buckets encrypted? Do they contain sensitive data? These variations and others result in a need for dozens of different checks.
CloudCheckr’s S3 Security Best Practice Checks outnumber competitors by a factor of 20:1. Plus many of CloudCheckr’s checks offer Self-Healing Automation to fix vulnerabilities upon detection.
Some of CloudCheckr’s 20+ S3 Bucket Security Best Practice Checks
Many of CloudCheckr’s security checks support self-healing automation, via Fix Now and Always Fix. With Fix Now, those vulnerabilities can be fixed at the click of a button, without having to login to the AWS Console to manually correct the issue. With Always Fix, CloudCheckr can fix the issue every time it detects it, even while you are sleeping, and send you an email letting you know of the fix. Competitors direct users to the AWS Console with a link to Amazon’s help. CloudCheckr has context-sensitive help, built-in to the app, and detailed explanations of what CloudCheckr will do via automation.
Some of CloudCheckr’s Best Practice Checks. The blue icon indicates if a check supports Automated Self-Healing via Fix Now or Always Fix.
Once you fix a security issue, it doesn’t necessarily stay fixed. In addition to our Always Fix option, CloudCheckr provides Change Monitoring, Perimeter Assessment, Visualization tools and Security Alerts, which can integrate with ServiceNow, Slack, SNS, PagerDuty, Jira and email. CloudCheckr can even initiate a Lambda function for a completely custom response.
Parroting what AWS provides does nothing to address Microsoft Azure Security. CloudCheckr delivers internally-developed Security Best Practice Checks for Microsoft Azure, side-by-side with Azure Security Center recommendations, again with full attribution.
CloudCheckr now offers Total Compliance, featuring graphical charts and a compliance score. We map our hundreds of best practice checks to 35 different regulations including HIPAA, PCI-DSS, CIS, NIST and more, accessible via the user interface and API. With CloudCheckr, you can see, at-a-glance, your security posture specifically scored for the regulations in your industry.
CloudCheckr’s TOTAL COMPLIANCE Scoring of 35 Regulations and Industry Standards Including HIPAA, PCI-DSS, CIS, NIST and more. This is possible because of the 100’s of checks CloudCheckr has developed internally. Other vendors cannot deliver this by relying on AWS Trusted Advisor.
Adding It All Up
At CloudCheckr, we know that cloud security should not be an add-on or an afterthought. It needs to be integrated, robust, actionable and automated if you are truly going to have a healthy cloud.