We are comprehensive cloud management for modern enterprises, services providers, and the public sector.
Everything you need to manage and allocate costs, optimize spending, and save money.
Unified secure configuration, activity monitoring, and IAM tracking for the public cloud.
Give financial operations a complete picture of IT costs across hybrid cloud infrastructure.
The next step in cloud security—ensure your cloud infrastructure is audit-ready for 35 regulatory standards.
Built to optimize the best features of the major cloud providers in a single pane of glass.
With an integrated ecosystem carefully chosen for your success.
Our technology partners amplify the advantages of the cloud.
Comprehensive management and automation of cost, security, compliance, inventory, and utilization for the modern enterprise.
A full suite of modules and tools to support the unique business needs of MSPs, CSPs and resellers, from custom invoicing to analytics and reporting.
Unified cloud management for federal, state, local, and higher education institutions.
Amazon Web Services recently announced the Authority to Operate (ATO) on AWS program. ATO provides resources to software developers, such as CloudCheckr, to encourage their compliance efforts. Even before this announcement, CloudCheckr has invested heavily in internal security and certifications of dozens of personnel. In fact, nearly half of CloudCheckr staff is certified on AWS solutions with more on the way. Additionally, CloudCheckr is actively pursuing FedRAMP certification.
CloudCheckr already empowers organizations looking to achieve compliance with numerous standards, thanks to hundreds of Best Practice Checks (BPCs) that scan for misconfigurations and vulnerabilities. Many of those checks support Self-Healing Automation, allowing administrators to fix issues with the click of a Fix Now button, or a Request Fix button which initiates an approval workflow. Admins can even select Always Fix, which empowers CloudCheckr to fix the issue immediately upon detection.
Recently, CloudCheckr launched Total Compliance, a new module that builds on these Security Best Practice Checks. The controls of 35 distinct regulatory standards are mapped to CloudCheckr’s BPCs and displayed as a score. Compliance scores are plotted over time, so enterprises can track their progress. CloudCheckr’s recently announced SnapBack service is supported, so auditors can go back in time, as far as seven years, to evaluate a point-in-time compliance score.
The announcement from Amazon notes that “ATO on AWS is a partner-driven process that includes training, tools, pre-built CloudFormation templates, control implementation details, and pre-built artifacts. Additionally, customers are able to access direct engagement and guidance from AWS compliance specialists and support from expert AWS consulting and technology partners who are a part of our Security Automation and Orchestration (SAO) initiative, including GitHub, Yubico, RedHat, Splunk, Allgress, Puppet, Trend Micro, Telos, CloudCheckr, Saint, Center for Internet Security (CIS), OKTA, Barracuda, Anitian, Kratos, and Coalfire.”
“Security is top-of-mind for many organization as they move to the cloud, and rightly-so. The only way to consistently achieve compliance, at scale, is through automation,” said Aaron Newman, CEO/Founder at CloudCheckr. “Our security, compliance and automation tools provide organizations with the most advanced, robust and secure cloud management capabilities on the market.”
Even with the specific security and compliance benefits inherent with AWS, organizations must be aware of the Shared Responsibility Model. Within its Shared Responsibility Model, AWS provides a secure IT infrastructure or environment, similar to a secure house with a strong door and lock. However, it is still the homeowner’s responsibility to lock the door to ensure security. Similarly, organizations must play their part in securing their cloud. CloudCheckr provides the tools to automate security to meet government regulations while enhancing availability and optimizing costs.