As a company born on and designed for AWS, Dome9 has more specialized security support for AWS than any other cloud platform. From security group policy automation to agentless cloud API orchestration to visualization of CloudFormation templates, we’ve built a unique user experience dedicated to improving security and manageability for the AWS security administrator. Dome9 SecOps is typically the security operations console for our customers on AWS.
Security Visualization for AWS
Dome9 SecOps includes Clarity, a visualization console that can help enterprises gain the visibility and control they seek in the cloud, and drastically cut down on the time it takes to identify network misconfigurations. Clarity enables dynamic and real-time topology maps of your security groups and instances, even CloudFormation templates.
Stop unauthorized users and applications from modifying security groups without your permission. Automatically revert mistaken or malicious policy configurations. And the new Region Lock feature guarantees that no network changes can be made to the region, unless created via the Dome9 console. With Region Lock, newly detected security groups will immediately have their rules cleared on both ingress and egress.
Centralized security management
Consolidate policy controls across your EC2 and VPC security groups and instances and across multiple AWS accounts and regions. Build security policies using a simple web-based interface with the Dome9 SecOps console with one single policy working across groups of servers over multiple cloud accounts and cloud platforms. Policies update automatically as servers come and go, or are modified.
Readable and reusable policy objects
Don’t settle for cryptic. With Dome9 SecOps, you can create meaningful policy names and descriptions for your AWS services. Never write the same IP address twice either. With Dome9 SecOps, you can define custom lists of IPs to reference in whitelists and rulesets.
– Configuration management – continuous monitoring of security configurations across server instances and AWS security groups.
– Dynamic Access Leases – leave ports closed by default, and open secure, on-demand access through a single click on a browser or mobile app.
– File Integrity Monitoring – encapsulated within the lightweight Dome9 agent for both Windows and Linux
– Compliance auditing – create a detailed archive of ALL policy changes across accounts and regions.
“We leverage Dome9 to protect our growing and distributed Cloud based file storage environment. Dome9 provides us improved access controls through on demand dynamic access leasing and improved security and compliance through detailed auditing and alerting.”
Senior Manager, Security and Compliance
“We see Dome9’s feature set as critical to the day to day cloud security operations in the F100 enterprises that we work with. In fact, I have not seen another product that can redefine the security operations experience on AWS like Dome9 SecOps.”
VP Security and Governance Practice Lead, Cloud Technology Partners
“As a financial trading services SaaS solution Dome9 is an essential part of our AWS infrastructure security. Dome9 helps us minimize attack surface, manage dynamic access and comply with ongoing compliance requirements.”
Director Of Innovation And Product, Tradair