Vendor: Cavirin
Website: www.cavirin.com
Product: Cavirin CyberPosture Intelligence for the Hybrid Cloud
Price: Starts at $500 per month

Quick Read

Strengths:
Excellent hybrid cloud environment with real-time visibility.
Weakness:
None that we observed.
Verdict:
Great API-driven technology that integrates with Slack, Jira and Okta for SSO, also provides users concrete documentation and workflow suggestions. This is a strong contender in its space and worth a look.

Rating Breakdown

SC Labs Reviews

Reviews from our expert team

Features:
Rating: %s
Documentation:
Rating: %s
Value for Money:
Rating: %s
Performance:
Rating: %s
Support:
Rating: %s
Ease of Use:
Rating: %s
Rating: 5.00/5 5.00/5

Summary

Tested by: Matthew Hreben & Katelyn Dunn

Cavirin CyberPosture Intelligence is an analytics-minded solution that ensures continuous compliance, workload security posture and cloud security posture. The challenge many modern enterprises face is a complex and ever-changing network architecture that spans multiple cloud and hybrid-cloud environments. This sprawling landscape requires a solution that can accurately determine if security policies and measures are enforced.

Leading this charge is the solution’s most prominent feature, the CyberPosture Score. CyberPosture is scored from 0-100 (0 being poorest score, 100 being best). To propagate this scoring, CyberPosture discovers and classifies resources, assesses threats, identifies weakness, evaluates controls, determines likelihood of a threat event and analyzes the impact that threat would have on the business.

Analysts can view asset groups to drill into a specific grouping’s CyberPosture score, the state it is in, the resource count and the environment in which it is located. Analysts achieve this visibility using the CyberPosture Dashboard, which breaks down scoring in security and compliance as subsets of the overall CyberPosture score. In the dashboard’s resource view, users can assign criticality to one or more specific assets to get a score. Note, these ratings correlate to the amount of resources in use, which makes it more practical when analysts drill into the CyberPosture score to see where critical issues are and how they have been prioritized.

We have found this approach to be practical. For example, analysts can review the current score compared to a desired one and run a report based on that target score. Cavirin will generate a remediation plan to achieve that desired score. This is essential to many compliance frameworks, addressing both the current state of a system as well as its more developed, future version.

Users typically struggle building a meaningful risk security assessment process across a hybrid environment due to the lack of network visibility and the cost of needing multiple products. Cavirin CyberPosture Intelligence for the Hybrid Cloud serves as a single, unified view of the hybrid cloud environment that gives real-time, continuous monitoring and assessment, has automatic asset discovery and encompasses an API-first architecture that integrates security into DevOps. It enables continuous improvement of security posture and is cost-effective compared to alternatives requiring multiple products.

Several roles within an organization would benefit from the visibility permitted by this solution. Consider how integrating Security into DevSecOps creates headaches, usually surrounding coordination between those teams. Security reviews that occur late in the development process and infrastructure planning inefficiencies result in overprovisioning. The professionals most apt to benefit from this portion of the platform would be vice presidents of engineering, heads of operations and DevOps professionals. Or in the case of secure cloud migration, the general pain points are usually surrounding need for continuous compliance post-cloud migration, lack of visibility and multiple tools for hybrid infrastructure and IT integration. Professionals benefiting from this portion would be CISOs, SecOps, chief compliance officers and chief risk officers.

With Cavirin, analysts can add cloud environment credentials to essentially create a perimeter on a cloud. They can then proceed to discovering resources and picking a policy pack from the varied selection available to choose from. Users have the flexibility to tailor these policy packs to meet their specific business needs due to the solution’s layered visibility and control with hybrid cloud workloads and a public cloud control panel.

Cavirin offers basic no-cost support, with 24/7 phone and web support that’s included in the monthly licensing at Core and Plus. A robust knowledgebase is offered as well as an FAQ list.