See our SolarStorm response
  • Network Security
  • Cloud Security
  • Security Operations
  • More
  • Get support
  • Sign In
  • Get Started

Evident.io Announces Evident Security Platform (ESP®) for AWS GovCloud

Jun 08, 2017 at 12:00 AM

Only Offering in GovCloud that Provides Complete and Continuous Visibility of Security and Compliance

Pleasanton, Calif. — Jun 8, 2017 — Evident.io, a leading provider of security and compliance automation platforms for Public Clouds, today announced that Evident Security Platform (ESP) GOV SaaS is now available for the Amazon Web Services (AWS) GovCloud region. The ESP GOV offering comes enabled with NIST 800-53 Compliance View which provides one-click reporting for the pass/fail status of all testable controls.

Agencies and organizations that want to run sensitive workloads where they can benefit from public cloud efficiency while remaining in compliance with government regulations and guidelines like NIST 800-53, FedRAMP, CJIS, NIST 800-171 and HIPAA use AWS GovCloud. While AWS simplifies compliance by covering the physical security and access controls, with over 400 configurable security measures, the users’ shared responsibility for the security in the cloud requires them to monitor for changes to their infrastructure that inadvertently puts them out of compliance.

“A security-first mindset with a focus on continuous monitoring, compliance and management of security risks enables organizations to differentiate themselves from others stuck in legacy environments,” said Tim Prendergast, CEO and co-founder of Evident.io. “Continuous measurement of your NIST controls validates that you treat security as an always-on feature of your products and services. We repeatedly see breaches where basic controls were not followed resulting in reputational and monetary damages against organizations, their clients, and their vendors.”

Continuous Compliance for GovCloud Environments 
The Evident.io solutions for GovCloud make continuous compliance possible by automating the continuous monitoring and reporting of security controls. With ESP enabled, the security controls are validated as often as every five minutes and when configurations do not pass the requirements of any particular control check alerts are issued. Automated enforcement workflows can also be triggered to get the infrastructure back to a secure and compliant state.

Organizations like Jive Software that provide services to the federal government use Evident Security Platform to maintain their cloud environments in compliance with NIST standards. The activities involved in monitoring and enforcing compliance in a dynamic cloud environment requires automation.

“The Evident Security Platform and the NIST Compliance Report provides practitioners, executives and auditors the information they need to manage and demonstrate compliance,” said Matt Willman, Principal Security Systems Engineer at Jive Software. “Having the ability to drill down from a compliance report to a control and then down to the actual risks in a clear and easily understandable way gives 3rd parties confidence in our security management practices."

The ESP GOV product includes continuous monitoring, risk assessment, user attribution, which can help identify insider threats, and easy one-button reporting for NIST 800-53 and CIS AWS Foundations Benchmark. Additional compliance products are available today for NIST 800-171 and PCI DSS 3.2, and HIPAA, ISO 27001 and SOC2 compliance reports are coming soon.

Speeds ATO 
With on-going assessment of security best practices throughout the entire development lifecycle, organizations can speed attainment of Authorization to Operate (ATO) for their software projects using ESP. With workflow and monitoring collaboration capabilities, DevOps and SecOps teams can use ESP for AWS GovCloud to rapidly and repeatedly meet ATO guidelines.

Evident.io recently announced a strategic partnership and investment from In-Q-Tel. The partnership will advance the development of technology features needed to help the Intelligence Community (IC) secure its infrastructure in all AWS environments including AWS CS2 Cloud and AWS GovCloud, allowing deployment of FedRamp High compliant architectures quickly and confidently.

A free trial of the ESP GOV product is also now available allowing organizations to get an assessment of their cloud security within minutes of signing up.

About Evident.io 
Evident.io is the pioneer and leader in security and compliance automation for public cloud. The Evident Security Platform (ESP) enables organizations of all sizes to proactively manage cloud security risk — minimizing attack surface and improving overall security posture, all from a single dashboard. Evident.io is a privately held company based in Pleasanton, Calif. and backed by Bain Capital Ventures, True Ventures, Venrock, GV, and In-Q-Tel. For more information, please visit: www.evident.io

Evident.io, ESP, and the Evident.io logos are trademarks of Evident.io, Inc. in the United States. 
*Other names and brands may be claimed as the property of others.


Related Resources

Article

What is a denial of service attack (DoS) ?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users.
September 2, 2020

Article

What Is SASE?

Secure access service edge, or SASE (pronounced “sassy”), is an emerging cybersecurity concept. It is the convergence of wide area networking.
September 2, 2020

Article

What is a Zero Trust Architecture

Zero Trust has become one of cybersecurity’s latest buzzwords. It’s imperative to understand what Zero Trust is, as well as what Zero Trust isn’t.
November 11, 2020

White Paper

How SOAR is transforming threat intelligence

This white paper talks about how we need to transform threat intelligence by integrating it into an extensible SOAR platform enabling analysts to take full control over their threat intelligence combined with the power of proven SOAR capabilities.
March 30, 2020

Article

What Is a Site-to-Site VPN?

A site-to-site virtual private network (VPN) is a connection between two or more networks, such as a corporate network and a branch office network.
September 2, 2020

Article

What is an Endpoint?

An endpoint is a remote computing device that communicates back and forth with a network to which it is connected.
November 10, 2020

Be the first to know.

As a member you’ll get exclusive invites to events, Unit 42 threat alerts and cybersecurity tips delivered to your inbox.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
Subscription Reward

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Investors
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Careers
  • Contact Us
  • Manage Email Preferences
Report a Vulnerability
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)
  • Facebook
  • Linkedin
  • Twitter
  • Youtube
Create an account or login

© 2021 Palo Alto Networks, Inc. All rights reserved.