The FireMon Cloud Security Maturity Model Dashboard automatically assess all the technical cloud security control objectives in the CSMM 2.0, and includes fast and easy interactive manual checks and exemptions for 100% coverage. It’s the simplest and most powerful way to understand the strengths, weaknesses, and ways to improve you security program.
Maturity, Automated
Assess, boost, and improve your cloud security program’s maturity with FireMon Cloud Defense. Cloud Defense is the only platform to automatically and fully assess your security program using the Cloud Security Maturity Model (CSMM). For free!
*30 days of Pro for free. Keep daily assessments and compliance reports with a 30-day resource inventory for life.
Break free from a sea of findings and rely on industry-standard Key Performance Indicators. Free for 30 days, with no subscription limits!
About the CSMM
The CSMM was developed by IANS Research and Securosis in partnership with the Cloud Security Alliance. It includes Cloud Security Control Objectives (KPIs) across 12 categories in 3 domains. The CSMM is designed to help organizations understand where they are on the cloud security journey and how to improve their cloud security program to achieve the best outcomes. Organizations can get started with the IANS Diagnostic Survey and FireMon Cloud Defense.
Cloud Defense Dashboard
Cloud Defense automatically assesses key cloud security controls from the CSMM, and combines these with written answers for control objectives that can’t be automatically aligned, to show you your overall maturity across your cloud deployments (AWS supported, Azure coming soon). This guide will walk you through the major features. For more information on the CSMM and to take the IANS survey-based diagnostic please visit https://www.iansresearch.com/resources/cloud-security-maturity-model
Domains and Categories
The CSMM includes 12 Categories organized into 3 Domains. Each Category includes between 1-3 Cloud Security Control Objectives for each maturity level. These all come directly from the published CSMM. Click on each Domain or Category to see your detailed results for that area.
Cloud Defense Scope
By default, Cloud Defense assesses every deployment onboarded to the platform and compiles the results. You can change the scope to only focus on specific projects or deployments.
Cloud Defense Maturity Rating
Your maturity is defined as highest level of maturity where you pass all checks and questions. Some checks are evaluated for the entire organization, and others for individual cloud deployments. The displayed percentages are the pass rates at your defined scope.
Detailed Results
You can easily dive in to assess your maturity across your deployments. Control Results shows your overall Pass or Fail. Check Results shows every pass or fail for every account and resource so you can pinpoint problems. Account Status shows which accounts have completely passed or which ones have any failures.
Real-Time Updates
Cloud Defense Pro continuously updates results in real-time. The model itself will also be adjusted to maintain alignment with the latest updates issued by IANS/CSA/Securosis so your maturity may change as the model changes. Pro customers will soon have the ability to swap out different automated checks to better tune the assessments to their operations.