Empower Incident Response with Real-Time, Just-in-Time Alerts and Access
2023-11-3 23:51:22 Author: securityboulevard.com

Here at FireMon we have a bit of a different take on Cloud Security Posture Management. Cloud Defense was built from the ground up to support real-time security operations. Our goal, from day one, has been to help detect and remediate cloud security issues before they become cloud security problems.

Although we support automated remediations, either via the console, ChatOps, or fully automated, in many situations it makes more sense to manually review and fix something so you are less likely to experience an unintended consequence. For many issues this should be handled by the team that owns the account/subscription/project, which is why we created our advanced ChatOps and ticketing notifications. By sending issues in real time right to teams, in the tools they already use, you empower them to fix things more quickly using their preferred technique.

But sometimes, especially if something is exposed to the Internet at large (and maybe in the middle of the night), you will want SecOps to step in and fix it right away. This kind of break-glass access should be restricted, used judiciously, and comprehensively logged.

That’s the example in this video. Watch, in real time (really, there aren’t any cuts), an entire response process from misconfiguration to remediation in less than two minutes:


Article source: https://securityboulevard.com/2023/11/empower-incident-response-with-real-time-just-in-time-alerts-and-access/