The constant evolution of threats combined with the ever-changing attack surface of your infrastructure requires steady monitoring to ensure you stay secure.

Сloudguard continuously scans your environment for changes and any potential weaknesses using both inspection and attack simulation – leveraging the same TTPs as a real-world adversary.

  • Source Control and CI/CD Resources
    Identify vulnerabilities early in the value chain where their impacts and remediation costs are lower.
  • Dependency Scanning
    Scan container images and app libraries for vulnerabilities to ensure your application is safe.
  • Configuration Scanning
    Verify your cloud environments are securely configured and catch environment drift automatically.
  • Test the Runtime Stack
    Check for vulnerabilities in your stack whether its virtual machines, container orchestration, or serverless.
image

Identify Misconfigurations and Nested Vulnerabilities

Continuously monitor your cloud environments to alert of any misconfigurations and potential security issues. Expose vulnerabilities in your application code and nested dependencies.

Scan Cloud Configurations
and Infrastructure Code

Verify your cloud environments are configured with secure best practices using CIS provider, service, and other industry-standard benchmarks.
image logo
image logo
image logo
image logo
image logo

Analyse Code Quality and
Security in Over 30 Languages

Catch vulnerabilities introduced early in the development cycle – with robust code quality and package vulnerability support for every popular framework and language.
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo

Scan Containers
from Any Registry

Check for vulnerabilities in container images and layers across all major cloud provider registries and any registry that supports the Docker V2 API.
image logo
image logo
image logo
image logo

Easily Integrate with Your
CI/CD Pipeline

From commit and pull request scan triggers, to issue tracking, to chat ops, the CloudGuard platform supports deep integration with your DevOps workflows.
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo
image logo

Expose Exploitable Weaknesses

Continuously scan for runtime vulnerabilities in your servers, containers, and applications. Combined with configuration scanners and static code analysis, runtime scanning gives you a complete 360° view of your attack surface.
  • Complete App Lifecycle Scanning

    Get 360° coverage by inspecting for vulnerabilities and best practices when your apps are built, and continuously as they run.
  • OS and app scanning

    CloudGuard probes your servers for OS-level vulnerabilities. We also probe for installed applications and test for vulnerabilities in the application layer – including containers and nested virtualization.

Attack Simulation and Penetration Testing

Gain deeper insights into how a threat actor could exploit the weaknesses in your system across each stage of the kill chain. CloudGuard provides continuous attack simulation and manual penetration testing with detailed evidence and guidance for remediation.
1RECONNAISSANCE

Phishing Awareness

CloudGuard's attack simulation platform tests both the technical and human elements of security. Test your users' security aptitude with automated and curated phishing campaigns.
2WEAPONISATION

Endpoint Security

We validate that your client and server endpoints have appropriate immunity to exploits to limit the number of attacks a threat actor can utilise.
3DISTRIBUTION

Email Gateway

Continuously validate your email delivery system to ensure proper quarantining and filtering. We'll also ensure email is appropriately encrypted or signed based on policies defined by you.

Network Security

CloudGuard simulates payload delivery on your network to detect weaknesses in your traffic inspection and firewall configurations.
4EXPLOITATION

Endpoint Security

CloudGuard integrates with your EDR solution to ensure threats are contained when weaknesses are exploited. The responsiveness of your EDR solution impacts risk scoring and prioritisation.

Web Application Firewall

In addition to "assume-breach" scenarios, CloudGuard will also test for exploits from outside of your network, including tests against web applications and other public-facing assets.
5PERSISTENCE

Lateral Movement

From the installed CloudGuard VA/PT agent, our attack simulation attempts to move laterally across your network, dropping micro-agents from which we'll pivot to other VLANs.
6COMMAND
& CONTROL

Web Gateway

CloudGuard tests outbound access controls to ensure connections to known bad addresses and domain names, such as Command and Control (C&C) nodes, malware depots, and more.
7EXECUTE

Exfiltration & DLP

We also validate proper network controls such as DLP are in place to prevent exfiltration. Sample data includes credit cards, PII, and more.

Ransomware Recovery

CloudGuard tests your ability to prevent or recover from a ransomware attack by deploying real ransomware on sample datasets.

Service Plans

  • Vulnerability Scanning
  • Container Scanning
  • Cloud Security Scanning
  • Web Application Scanning
  • 1 per Year Human Penetration Testing
  • Remediation Validation
  • Zero-Day Analysis
  • Real-Time Vulnerability Scans
  • 2 per Year Human Penetration Testing
  • Automated Attack Simulation
  • Custom Attack Simulation Scenarios
  • Custom CMDB Integration
  • Custom Service Desk Integration
  • 4 per Year Human Penetration Testing
  • Vulnerability Scanning
  • Container Scanning
  • Cloud Security Scanning
  • Web Application Scanning
  • 1 per Year Human Penetration Testing
  • Remediation Validation
  • Vulnerability Scanning
  • Container Scanning
  • Cloud Security Scanning
  • Web Application Scanning
  • 1 per Year Human Penetration Testing
  • Remediation Validation
  • Zero-Day Analysis
  • Real-Time Vulnerability Scans
  • 2 per Year Human Penetration Testing
  • Automated Attack Simulation
  • Vulnerability Scanning
  • Container Scanning
  • Cloud Security Scanning
  • Web Application Scanning
  • 1 per Year Human Penetration Testing
  • Remediation Validation
  • Zero-Day Analysis
  • Real-Time Vulnerability Scans
  • 2 per Year Human Penetration Testing
  • Automated Attack Simulation
  • Custom Attack Simulation Scenarios
  • Custom CMDB Integration
  • Custom Service Desk Integration
  • 4 per Year Human Penetration Testing
Internally Scanned Asset
16
min max
Externally Scanned Asset 2 £ 60
Container Scanning 10 £ 60
Web Application Scanning £ 200
Cloud Configuration Scanning 5 £ 150
Illustrative cost
£  1 136 /mo. ProfessionalBased on 2 year term

Ready to see what Cloudguard Security can do for you?

Our cybersecurity experts are ready to understand your needs and walk you through our strategy and approach. In addition, gain knowledge of your cybersecurity and risk posture with our free cyber health check.