Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

C3M Enhances its Unified Cloud Control Platform with IaC Security Scanning

by Jessica Weisman-Pitts
0 comment
euro news f1ueJKrd

5 October 2021

Protecting infrastructure-as-code environments demonstrates company’s vision to solve all cloud security and compliance challenges

5th October 2021, San Francisco, CA – C3M, a leader in Cloud Security Posture Management (CSPM) and Cloud Identity and Entitlement Management (CIEM) has today further expanded its comprehensive set of cloud native security capabilities with the launch of its Infrastructure as Code (IaC) Security Scanning module that governs and protects IaC by addressing compliance and security concerns before deployment.

C3M’s IaC Security Scanning helps organisations by identifying and remediating the misconfigurations and security vulnerabilities in the early stages of the build process. Integrated seamlessly in the development cycle, the C3M platform improves the cloud security posture by inspecting resources being created using IaC. Automatic scans that reduce the chance of human error are run against over 300 security governance policies to support companies achieve compliance standards. Providing continuous insight, the C3M IaC platform investigates the root cause of issues and facilitates engineers with recommendations to fix the issues.

With IaC templates containing thousands of potential vulnerabilities, 44% of templates non-compliant and more than 43% of cloud databases currently unencrypted, C3M’s IaC Security Scanning solves the security and compliance challenges of adopting IaC by shifting security left in the development cycle to identify misconfigurations before launched.

“Up to 80% of companies are using IaC to easily manage and provision their infrastructures on cloud, but the traditional security tools are inadequate to overcome the numerous challenges of adopting IaC. C3M’s IaC Security Scanning platform automates the security posture, identifying mistakes where they are made thus securing the infrastructure at code level and maintaining compliance standards,” said Paddy Viswanathan, CEO and Founder, C3M. “Our IaC scanning capability is yet another significant additional feature on our unified Cloud Control platform and underlines our ability to enable enterprises to confidently and seamlessly adopt the cloud.”

C3M’s IaC Security Scanning supports scanning of IaC templates written in Hashicorp Terraform. Seamlessly integrated with self-managed GITLab SCM and Github, it runs scans on every merge for every repository once on-boarded, posting results back to the SCM. It has provisions to perform out of process, ad-hoc scans, uploading the code in zip format and generating scan results at the click of a button. The module is also able to integrate with API based scanning enabling customisation and integration in any workflow.

About C3M
C3M, LLC is a San Francisco headquartered Cloud Security solutions provider. C3M’s Cloud Control is a 100% Agent-less, API based, cloud-native security solution that offers organisations complete cloud control through automated security intelligence, giving them actionable insights into the cloud, its security, and infrastructure, while also auto-remediating any security violations it detects. C3M Access Control helps enterprises gain complete control over identities and infrastructure entitlements, and right size identity privileges.