Automated Security Assurance Platform (ASAP)

Spanugo ASAP: Revolutionizing Security Policy Assurance

Spanugo ASAP takes a completely unique approach to validating security posture, one that is comprehensive, continuous, and consistent. Delivered as a SaaS offering, ASAP easily integrates with existing security infrastructure and was designed to support hybrid cloud from its inception.

Spanugo's ASAP

Security assurance is a critical issue for organizations of all sizes. A documented policy isn’t enough: assurance requires that the relevant security systems and configurations to support the policy have to actually be implemented across all applications and data. Verifying this is extremely difficult in today’s dynamic IT environment, which is why most security breaches exploit relatively simple security configuration and process failures. What is needed is a new approach to dynamically validate the security posture, one that doesn’t rely on scripts and manual processes and is built to scale in a hybrid-cloud environment.

ASAP: Solution Deliverables for Effective Security Assurance

ASAP provides four key outputs that support efficient risk management and compliance:

VISIBILITY​

All organizations struggle to achieve and maintain full visibility into their environment and associated security risks. ASAP provides actionable intelligence that exposes objects, events, and risks across the hybrid environment. This situational awareness is invaluable to drive risk-based decision making and efficient use of limited resources.

VALIDATION

Validation Reports drive rapid remediation. ASAP provides both summary and detailed views of how closely the current environment matches the policy requirements. They detail all cases where a specific security control required by policy is not correctly implemented in the environment and how exactly the variation was detected.

DRIFT ANALYSIS

Drift Analysis delivers operationally efficient, "What’s new?" reports. They provide concise information about recent control changes, making it easy to spot degradation in security caused by environmental changes. Drift reports also enable continuous compliance by providing data that drives an ongoing process of control validation.

ASSURANCE ANALYTICS

ASAP analytics proactively identify potential risks independent of security policy. Threat Analytics discover where risky software or configurations exist, based on threat intelligence and other external datasets. This is particularly critical for recently deployed or upgraded infrastructure or applications that may not yet be covered by the organization’s security policy.

Spanugo ASAP enables a simple process for validating security systems and configurations.

Auto-discover on-premises and cloud objects where security controls should be deployed

Create policies based on organizational security requirements and compliance control objectives

Generate security templates that merge policy with the actual systems and technology in each in-scope domain
Create scheduled, automated security validation, or use APIs to perform event-triggered validations, for example upon cloud environmental changes

The Spanugo Difference

Unlike other solutions, ASAP was built from the ground up to operate across traditional on-premise, virtualized, and cloud environments. Its white-box architecture provides full visibility and control of platform logic, while also being extensible to leverage and integrate with existing technologies in the environment. These factors are key to allowing ASAP to augment, leverage or replace existing tools and processes, thereby reducing costs and operational overhead.
Unlike the fragmented approach to policy validation generally used today, ASAP
  • Automates all aspects of security assurance, including automating resource and configuration discovery
  • Supports traditional on-premise, cloud IaaS/PaaS, and SaaS architectures
  • Includes several best practice and regulatory controls sets including PCI, HIPAA, NIST and CIS “out of the box”
  • Provides the option of creating summary and detailed reports, automatic exception notifications or ITSM ticket generation
  • Is extensible to leverage existing technology investments and support new applications, compliance requirements and infrastructure quickly without software coding or scripting.