by david_obrien
1569 days ago
Thanks. CSPM products usually are great at finding any misconfiguration (compliance violation) in a cloud environment and mapping it to a Compliance framework.
This is important, compliance I mean, but I've seen numerous organizations struggle to find actual security issues within all those "compliance violations".
Don't get me wrong, configuring AWS Account contact details, resource tags and not underutilising resources is important, but not really a security issue.
ARGOS takes (currently) a subset of controls from well-known frameworks (like CIS, NIST, etc) and maps them to security frameworks like MITRE ATT&CK, but also automatically investigates each misconfiguration to see if there are other things in the environment exposed because of this one misconfiguration (i.e. "is an AWS RDS exposed because its SG allows access from an EC2 that is publicly exposed?") and then draws a diagram of the immediate environment around this misconfiguration, literally showing a "path" (cyber kill chain) that someone could walk if they were to make it into the environment.
ARGOS doesn't claim to find MORE things in an environment, we save you time where you'd have to manually investigate each alert, we show more context than just "here's a single misconfigured property" and we even have remediation baked into the platform.
Really, ARGOS probably doesn't 100% fit into the CSPM category. We have users that use a CSPM AND ARGOS.
Your site could really benefit from explaining what your differentiation is. Drawing the "path" sounds very cool, especially if you can do things like showing how an exposed VM could compromise an S3 bucket (via the VM's role).
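
An added example, not part of the thread and not ARGOS code: a minimal reachability check of the kind both comments describe, finding a database reachable through a publicly exposed EC2's security group and a bucket reachable through that instance's role. The inventory, field names and resource names are constructed assumptions, and the model ignores ports, NACLs and routing.

```python
from collections import deque

# Constructed inventory (not real account data); all names and fields are assumptions.
SECURITY_GROUPS = {
    "sg-web":   [{"port": 443, "cidr": "0.0.0.0/0"}],
    "sg-db":    [{"port": 5432, "source_sg": "sg-web"}],
    "sg-batch": [{"port": 22, "cidr": "10.0.0.0/8"}],
}
RESOURCES = {
    "ec2-web":     {"type": "ec2", "sgs": ["sg-web"], "public_ip": True, "role": "role-web"},
    "ec2-batch":   {"type": "ec2", "sgs": ["sg-batch"], "public_ip": False, "role": None},
    "rds-orders":  {"type": "rds", "sgs": ["sg-db"], "public_ip": False},
    "s3-invoices": {"type": "s3"},
}
ROLE_GRANTS = {"role-web": ["s3-invoices"]}  # role -> resources it can read

def build_edges():
    """Directed 'can reach' edges derived from SG ingress rules and role grants."""
    edges = {"internet": set()}
    networked = {n: r for n, r in RESOURCES.items() if "sgs" in r}
    for name, res in networked.items():
        edges.setdefault(name, set())
        for sg in res["sgs"]:
            for rule in SECURITY_GROUPS[sg]:
                # Assumption: "publicly exposed" = public IP plus an open-to-world rule.
                if rule.get("cidr") == "0.0.0.0/0" and res["public_ip"]:
                    edges["internet"].add(name)
                src = rule.get("source_sg")
                for other, o in networked.items():
                    if src and src in o["sgs"] and other != name:
                        edges.setdefault(other, set()).add(name)
        for target in ROLE_GRANTS.get(res.get("role"), []):
            edges[name].add(target)
    return edges

def exposure_paths(targets=("rds", "s3")):
    """BFS from the internet; return the shortest path to each reachable data store."""
    edges, paths, queue = build_edges(), {}, deque([["internet"]])
    seen = {"internet"}
    while queue:
        path = queue.popleft()
        for nxt in sorted(edges.get(path[-1], ())):
            if nxt in seen:
                continue
            seen.add(nxt)
            if RESOURCES[nxt]["type"] in targets:
                paths[nxt] = path + [nxt]
            queue.append(path + [nxt])
    return paths
```

Neither `sg-db` nor the bucket is misconfigured in isolation; the finding only appears once the open rule on `sg-web` is followed to what sits behind it.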