Cloud/next-generation gateway security

What is CSPM
Many companies are migrating from conventional on-premises environments to cloud environments such as IaaS or PaaS as their business expands. However, prioritizing development speed and flexibility may lead to inadequate security settings on IaaS or PaaS, and these misconfigurations may lead to information leakage incidents.
IaaS and PaaS have their own setting items that do not exist in on-premises environments. Cloud Security Posture Management (CSPM) is a solution that provides detection of configuration errors and compliance diagnosis for these IaaS/PaaS environments.
What CSPM can offer
CSPM provides solutions to the following IaaS and PaaS challenges.



Number of incidents caused by misconfigurations found in the investigation
Many IaaS setting errors go unnoticed by administrators and operators.
McAfee conducted a survey of 1,000 companies in 11 countries on the number of misconfigurations that occur each month, and found that about 99% of misconfigurations go unrecognized.

Source: McAfee - Cloud-specific issues: Infrastructure-as-a-Service (IaaS) adoption and risks
https://www.mcafee.com/enterprise/ja-jp/forms/gated-form.html?docID=5580a0ae-cb39-42e8-9d59-ab8385a36a5
At what points are configuration errors likely to occur?
Configuration errors can occur in IaaS-specific elements such as the following. Securing them requires a different perspective from the one used for security operations in on-premises environments so far.

Such…
Issues with Security Monitoring Functions Provided by Cloud Providers
Issue ①
Each cloud provider offers its own audit tools, but in a multi-cloud environment a separate audit mechanism is required for each provider.

Issue ②
New services are released on IaaS every day. Keeping up with the pace at which these services are added demands high learning costs and man-hours from operators.

What you can do with CSPM
Detects setting errors related to setting items unique to the IaaS/PaaS environment
CSPM products store configuration audit items for each IaaS and PaaS environment as templates.
Regular scans detect vulnerable IaaS/PaaS settings.

* Excerpt from McAfee MVISION Cloud management console
Provides framework-compliant configuration audit items
It provides audit policies that comply with security frameworks such as NIST (National Institute of Standards and Technology), CIS (Center For Internet Security Controls), HIPAA (Health Insurance Portability and Accountability Act), and PCI-DSS.
Manage from one console for multi-cloud
Multiple cloud environments can be centrally managed on one console.
By integrating and managing settings and access status on a single dashboard, you can break away from complicated management and significantly reduce operation man-hours.
