CLOUD SECURITY
POSTURE MANAGEMENT

combined service of Alice&Bob.Company and Lacework

why

Keeping visibility across public cloud accounts – probably across multiple public cloud vendors – is difficult. Hundreds and thousands of deployed cloud resources require an automated audit and mitigation approach.

A Cloud Security Posture Management (CSPM) delivers visibility into risk and compliance posture in modern cloud computing environments. It helps to automate cross account audits. Fix configuration errors before they get exploited! Take the Cloud Native security approach!

what

Alice&Bob.Company provides a managed CSPM solution, based upon Lacework. As a certified Lacework partner and reseller, Alice&Bob.Company sets up the
environment on behalf of the clients and takes over the operational responsibility.

This, on the one hand, gives our clients free resources to improve their digital product, on the other hand generates continuous insights into their cloud deployments, also across multiple public cloud vendors.

The most relevant public cloud platforms available are supported:

Among others, the CSPM platform covers
Here are the metrics we regularly achieve on projects using Lacework: 
HOW

Alice&Bob.Company will setup a new instance of the Lacework platform for the customer. This service is provided as a SaaS solution.

A&B will do all the initial configuration necessary. A&B attaches the CSPM platform read-only to client’s multiple cloud accounts. Afterwards A&B integrates into automation, set thresholds, and configure required alerting. When the platform starts working, Alice&Bob.Company constantly maintains the CSPM platform for you. A&B tweaks and optimizes the CSPM configuration rules to minimize false positives and automate as much as possible.

Alice&Bob.Company takes over the operational responsibility. integrates to the alert and notification chain. This also includes real-time alerting. In collaboration with the customer – and considering the concrete scope of the contract – Alice&Bob.Company can fix simple security issues themselves.

More complex security incidents are tracked and handled by Alice&Bob.Company’s Security Incident Management process.
They are resolved tandem working with the client.

The customer will get direct access to the CSPM tool and can take advantage of the detailed reporting.

This service is built upon 03 Launch services

YOUR BENEFITS

Main advantages of performing Cloud Security Posture Management (CSPM) with A&B:

Continuous Penetration Testing

Minimize the risk of application vulnerabilities by combining manual and continuously automated penetration testing for your web applications and API’s.

Cloud Security Trainings

Never stop learning! The cloud never stops teaching! In Jan 2021 AWS consists of more than 199 ready to use service. 45+ of those are security related. Let us help to enable and educate you team(s) with an individual training plan over a timeframe of 6 to 24  months.

Managed Container & Serverless Security

Have you heard about Kubernetes Security Posture Management (KSPM)? Keep a clear view on your Cloud and Serverless Security with A&B’s Managed Container & Serverless Security.

Managed Perimeter Protection

Protect your publicly accessible websites, e-commerce platforms, IoT-, IIoTT-applications and other dynamic web application against abuse of bugs, vulnerabilities and Distributed Denial of Service (DDoS) attacks. The team of A&B and AWS give you a peaceful sleep. 

CI/CD Pipeline improvement

Pimp your existing CI/CD pipeline to the next level! Alice&Bob.Company continuously monitors and improves your current CI/CD pipelines.
We continuously integrate automated and scalable Cloud Security into your software development lifecycle.

Security Champions Program
Accelerate your product development while staying secure by integrating security-as-code in your software development lifecycle. A&B provides a unique “integrate&enable” approach to set up and maintain a companies Security Champions Program.
Security Chaos Engineering Program

Transfer the disruptive operational method of chaos engineering, developed initially by Netflix, to cloud security. We accompany your team(s) over the course of 12 month to establish the concepts and culture of Security Chaos Engineering (SCE).

Custom Tailored Managed Service

Is there anything you need, but we haven’t covered? We are always curious and eager to learn about your requirements. And maybe, we develop a new Cloud Security Managed Service together.