Only Offering in GovCloud that Provides Complete and Continuous Visibility of Security and Compliance
Pleasanton, Calif. — Jun 8, 2017 — Evident.io, a leading provider of security and compliance automation platforms for Public Clouds, today announced that Evident Security Platform (ESP) GOV SaaS is now available for the Amazon Web Services (AWS) GovCloud region. The ESP GOV offering comes enabled with NIST 800-53 Compliance View which provides one-click reporting for the pass/fail status of all testable controls.
Agencies and organizations that want to run sensitive workloads where they can benefit from public cloud efficiency while remaining in compliance with government regulations and guidelines like NIST 800-53, FedRAMP, CJIS, NIST 800-171 and HIPAA use AWS GovCloud. While AWS simplifies compliance by covering the physical security and access controls, with over 400 configurable security measures, the users’ shared responsibility for the security in the cloud requires them to monitor for changes to their infrastructure that inadvertently puts them out of compliance.
“A security-first mindset with a focus on continuous monitoring, compliance and management of security risks enables organizations to differentiate themselves from others stuck in legacy environments,” said Tim Prendergast, CEO and co-founder of Evident.io. “Continuous measurement of your NIST controls validates that you treat security as an always-on feature of your products and services. We repeatedly see breaches where basic controls were not followed resulting in reputational and monetary damages against organizations, their clients, and their vendors.”
Continuous Compliance for GovCloud Environments
The Evident.io solutions for GovCloud make continuous compliance possible by automating the continuous monitoring and reporting of security controls. With ESP enabled, the security controls are validated as often as every five minutes and when configurations do not pass the requirements of any particular control check alerts are issued. Automated enforcement workflows can also be triggered to get the infrastructure back to a secure and compliant state.
Organizations like Jive Software that provide services to the federal government use Evident Security Platform to maintain their cloud environments in compliance with NIST standards. The activities involved in monitoring and enforcing compliance in a dynamic cloud environment requires automation.
“The Evident Security Platform and the NIST Compliance Report provides practitioners, executives and auditors the information they need to manage and demonstrate compliance,” said Matt Willman, Principal Security Systems Engineer at Jive Software. “Having the ability to drill down from a compliance report to a control and then down to the actual risks in a clear and easily understandable way gives 3rd parties confidence in our security management practices."
The ESP GOV product includes continuous monitoring, risk assessment, user attribution, which can help identify insider threats, and easy one-button reporting for NIST 800-53 and CIS AWS Foundations Benchmark. Additional compliance products are available today for NIST 800-171 and PCI DSS 3.2, and HIPAA, ISO 27001 and SOC2 compliance reports are coming soon.
With on-going assessment of security best practices throughout the entire development lifecycle, organizations can speed attainment of Authorization to Operate (ATO) for their software projects using ESP. With workflow and monitoring collaboration capabilities, DevOps and SecOps teams can use ESP for AWS GovCloud to rapidly and repeatedly meet ATO guidelines.
Evident.io recently announced a strategic partnership and investment from In-Q-Tel. The partnership will advance the development of technology features needed to help the Intelligence Community (IC) secure its infrastructure in all AWS environments including AWS CS2 Cloud and AWS GovCloud, allowing deployment of FedRamp High compliant architectures quickly and confidently.
A free trial of the ESP GOV product is also now available allowing organizations to get an assessment of their cloud security within minutes of signing up.
Evident.io is the pioneer and leader in security and compliance automation for public cloud. The Evident Security Platform (ESP) enables organizations of all sizes to proactively manage cloud security risk — minimizing attack surface and improving overall security posture, all from a single dashboard. Evident.io is a privately held company based in Pleasanton, Calif. and backed by Bain Capital Ventures, True Ventures, Venrock, GV, and In-Q-Tel. For more information, please visit: www.evident.io
Evident.io, ESP, and the Evident.io logos are trademarks of Evident.io, Inc. in the United States.
*Other names and brands may be claimed as the property of others.