cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Offir_Zigelman
inside CloudGuard-Dome9 yesterday
views 84 1 1
Employee

CloudGuard Dome9 Feature Enhancement: IAM Safety

CloudGuard Dome9 IAM Safety is a public cloud Privileged Identity Protection for Amazon Web Services (AWS) IAM users and roles. It provides just-in-time access to the most sensitive operations in AWS. We’re now enhancing the capabilities of IAM Safety, with better support for groups and better workflows. The changes include: Each IAM user/role can now be controlled by a group of Dome9 Users, and each Dome9 user can control a group of IAM users/roles.These new capabilities would allow a real team-based work in IAM safety. A use case example is explained later. Simplified UI, reducing the number of screens to improve usability. Enhanced UI capabilities, including multi-select, which would help Dome9 users to be more efficient. Added screen to present active permission elevations, to monitor current status. New Major Use Case: As mentioned above, with the new enhancements it is now possible to work in teams. For example, you can provide the Security Team access to Dome9, and let each team member control the IAM permission elevation of other AWS IAM users (Developers, DevOps and others). When AWS IAM users need to perform an operation restricted by IAM Safety, they can contact one of the Security Team members, explain the need, and ask for permission elevation. The Security team member can then login to Dome9 and authorize the permission elevation for the relevant IAM users or roles, for a specified time frame. When the time expires, the IAM restrictions are applied again. For more information on IAM Safety visit our new documentation site: https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/IAM-Safety/IAM.html
Eyal_Fingold
inside CloudGuard-Dome9 Saturday
views 83 1
Employee

CloudBots GCP support released

Hi all, Weve just release CloudBots support of GCP. Getting started is easy and info is here
Offir_Zigelman
inside CloudGuard-Dome9 a week ago
views 82 2
Employee

New CloudGuard Dome9 Feature: Alerts tab in Entity Page

We added Alert tab for all the protected assets in the Inventory. Background The Dome9 Inventory present all the assets that Dome9 fetch from the all onboarded cloud accounts, across all the platforms, in a single place. The inventory includes powerful filtering capabilities and export capabilities. For each asset in the inventory we provide an "Asset Page" that presents information on the asset. The page for all supported asset types presents the attributes we retrieve from the cloud platform, and for some assets we present additional information (such as IAM permissions and more). New Capability You can now see all the Compliance and Log.ic alerts in the asset page, for all the entity types. This new information makes the asset page the place to see 360 view on a protected asset. We plan to add additional information to the asset page - stay tuned!
Martins
Martins inside CloudGuard-Dome9 2 weeks ago
views 115 1

Why Dome9 doesn't control IAM on Azure?

Hi,I want to understand why the Dome9 actualy do not support IAM control on Azure.Maybe a API limitation on Azure?Thanks!
cjunior
cjunior inside CloudGuard-Dome9 2 weeks ago
views 108 1

How Dome9 can help us on serverless architecture?

Hello,Is the Dome9 able to give us visibility to a PaaS, Kubernetes services or it is able to only inventory IaaS (EC2, RDS, VM)?I asked because we have accounts that do not have IaaS and so not appears items on Inventory and Clarity flow map, for example.Wich features have Dome9 to help us on this environment kind?Thank you.
Offir_Zigelman
inside CloudGuard-Dome9 2 weeks ago
views 87 2
Employee

New CloudGuard Dome9 Feature: Compliance Playground Layout Improvements

We enhanced the the Compliance Playground layout, making it more usable for you. The new page layout separates cloud platforms by putting them on their own tabs and adding sorting functionality based on service categories. Cloud Provider tabs separation applies to all the rule building screens. Note: there will be no effect to the GSL Builder (GSL Playground) functionality or GSL syntax. For more information on the Compliance Engine you can refer to the documentation site: https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Compliance-and-Governance/Compliance.html
Offir_Zigelman
inside CloudGuard-Dome9 2 weeks ago
views 261 1
Employee

New CloudGuard Dome9 Feature: API Key name

CloudGuard Dome9 API Keys now support name and creation date. API Keys are required for working with Dome9 REST APIs. These new attributes would allow more informative use of the API Keys. It would also be clearer when key rotation (or deletion) may be required. For more information on API Keys management see here: Create CloudGuard Dome9 API Key.
Offir_Zigelman
inside CloudGuard-Dome9 2 weeks ago
views 77
Employee

New Compliance Entity: Azure LogProfile

We added a new Azure Entity in the Compliance Engine: LogProfile. Log Profiles are part of the Azure Activity log, and it it now possible to reason on configurations such as log retention policy, locations categories and more. We'd soon add additional GSL rules to some of the relevant compliance rulesets.
Eyal_Fingold
inside CloudGuard-Dome9 2 weeks ago
views 140 2
Employee

CloudBots new version and Azure support released

Hi all, We've just released a new version of CloudBots, CloudBots is an automatic remediation solution for public cloud platforms (AWS and Azure). An open source project Deployed in your cloud environment Powered and curated by Check Point CloudGuard Dome9 Ensures your cloud environment is protected So getting started is easy and info is here
Eyal_Fingold
inside CloudGuard-Dome9 2 weeks ago
views 106
Employee

AWS Organizations synchronization of accounts and organizational units into Cloud Guard Dome9

Some great work done by Matt Ambroziak that enables fully automated solution to onboard accounts into Dome9 using three options: Simple on-boarding of the AWS account that is running the script Cross-account on-boarding of child accounts from a parent AWS account AWS Organizations synchronization of accounts and organizational units (OUs) for on-boarding Check it out its open source so appreciate your contribution a well: https://github.com/Dome9/onboarding-scripts/tree/master/AWS/full_automation
Offir_Zigelman
inside CloudGuard-Dome9 2 weeks ago
views 116 2
Employee

New Dome9 Feature: Edit Exclusions

In CloudGuard Dome9 it is possible exclude specific findings from appearing in the results of assessments, for both manually triggered compliance assessments, and continuous compliance assessments. Using exclusions, you can declutter the findings lists by removing findings that are not interesting to you. The excluded findings will also not be included in the calculation of the overall assessment results, or the results for a specific rule. Excluded findings will also not be sent as notification messages (by email, SNS, etc) to external systems. It is now possible to edit existing exclusion policy. To edit exclusions, go to the Compliance & Governance -> Exclusions, hover on the exclusion policy, and click the pencil icon. For more information on exclusions refer to the official documentation: https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Compliance-and-Governance/Exclusions.html
Offir_Zigelman
inside CloudGuard-Dome9 2 weeks ago
views 118 1
Employee

New Dome9 Feature: Onboarding Azure Gov accounts

We now support onboarding of Azure Gov accounts (https://azure.microsoft.com/en-in/global-infrastructure/government). The onboarding of Gov subscriptions is similar to the regular subscriptions. All the CloudGuard Dome9 features are supported, as well as all the services that Azure support in Gov subscriptions.
venkata_marutur
venkata_marutur inside CloudGuard-Dome9 3 weeks ago
views 125 1

How to protect PaaS Assets using Checkpoint Solution

Hello All,I would like know the Checkpoint solution for PaaS assets like Azure web apps, Azure SQL Databases and such. Is it Dome9 in conjunction with Cloudbots the best approach or is there any other option available.Thanks.
Sean_Van_Loon
Sean_Van_Loon inside CloudGuard-Dome9 a month ago
views 2059 4 1

Dome9 course/exercises/training

Dear (check)mates, At CPX360 I saw a first (little) demo of Dome9, which is a magnificent piece of technology.However, I'm looking for a course, exercises or training about it, I would like to know more about.Does something like this exist already? Or is this coming in the near future? Will Dome9 integrations be done by Partners? Or is it at this point only with Check Point Professional Services? Thanks in advance! Kind regards, Sean