MVISION Cloud for Infrastructure as a Service (IaaS) provides a safety net for corporate resources and data in services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform.
Secure Configuration Management
IaaS providers create an "easy button" for application developers that can sometimes lead to misconfigurations and vulnerabilities. MVISION Cloud for IaaS helps to protect your resources and data by ensuring that standards are adhered to and security best practices are followed.
MVISION Cloud Cloud’s built-in templates allow customers to check compliance against popular benchmarks such as CIS and identify vulnerable infrastructure or storage in minutes.
Cloud object storage provides unparalleled flexibility and opportunities for analytics. However, this presents the risk of data loss or misuse. MVISION Cloud’s data protection can help ensure compliance and protect objects from unauthorized storage or disclosure.
When deployed as part of a McAfee Enterprise Unified Cloud Edge (UCE) solution, data protection policies already defined for an endpoint, Shadow IT, or Sanctioned SaaS can be seamlessly applied to IaaS.
MVISION Cloud for IaaS provides activity monitoring similar described in the Sanctioned SaaS section. A near real-time feed of IaaS activity including API calls and configuration changes are streamed to MVISION Cloud and analyzed for anomalous activity and compliance with configuration policies.
Code and Container Security
Posture Management (CSPM)
In addition to applying best practices and benchmarks to IaaS resources, MVISION Cloud does the same for code and container orchestration tools such as Kubernetes and Docker.
MVISION Cloud for Containers automatically scans code checked into code automation tools such as Jenkins and causes builds with insecure configuration or components to fail.
MVISION Cloud for Containers includes a lightweight shim that is inserted into each container. This shim operates somewhat like a firewall, allowing MVISION Cloud to baseline normal behavior for an application and alert and block abnormal activity.