News

Paladin Cloud Launches Open Source Security-as-Code Platform

• By David Ramel
• 07/11/2022

Flush with $3.3 million in seed funding, startup Paladin Cloud has launched an open source Security-as-Code platform that aims to holistically improve cloud security.

The new platform is designed to address increasingly complex and dynamic cloud configuration issues that could lead to user misconfigurations, a longstanding and continuing problem that has resulted in many high-profile data breaches and other cybersecurity issues.

The company said the open architecture of its security framework allows connections into a wide variety of cloud-based enterprise systems -- including Kubernetes, container scanning, API gateways and threat intelligence -- across the "Big 3" public cloud platforms: Amazon Web Services (AWS), Microsoft Azure and Google Cloud. It does that in part with self-healing auto-fixes for identified problems and role-based access control (RBAC), used to drive automated workflow and remediation.

Featuring an extensible policy management plane across multi-cloud and enterprise systems, the platform contains hundreds of best practice security policies and performs continuous monitoring of cloud assets, while also prioritizing security violations based on severity levels to help users focus on important events. It also has authoring capabilities to help users build their own custom policies and rules.

"The platform's resource discovery capability creates an asset inventory, then security policies are evaluated against each asset," the project's GitHub repo states. "Powerful visualization allows developers to quickly see and remediate violations on a risk adjusted basis. An auto-fix framework provides the ability to automatically respond to policy violations by taking predefined actions. Paladin Cloud is more than a tool to manage cloud misconfiguration, it's a holistic cloud security platform that can be used to do continuous monitoring and reporting for any domain."

All of the above functionality is included in the company's complete bullet-point list of key features:

• Continuous asset discovery
• Continuous security policy evaluation
• Detailed reporting
• Auto-Fix for policy violations
• Ability to search all discovered resources
• Simplified policy violation tracking and prioritization
• Easy to use Self-Service portal
• Custom policies and custom auto-fix actions
• Dynamic asset grouping to view compliance
• Ability to create multiple compliance domains
• Exception management
• Email digests
• Supports unlimited AWS, Azure, and GCP accounts
• Completely automated installer
• OAuth2 Support
• Azure AD integration for login
• Role-based access control

"We launched the company to change the security paradigm for developers and security teams by providing a holistic approach to cloud security through a modern open source platform that functions as a policy management plane across multi-cloud and enterprise systems," said Daniel Deeney, co-founder and CEO, in a July 11 news release. "Our vision for the open source community is to provide developers a powerful platform with visibility into their cloud environments to identify key risks and protect their applications," added Steve Hull, co-founder and CTO.