www.trendmicro.com
2.19.60.187  Public Scan

Submitted URL: http://cloudconformity.com/
Effective URL: https://www.trendmicro.com/cloudoneconformity/
Submission Tags: tranco_l324
Submission: On April 24 via api from DE — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content


TREND MICRO CLOUD ONE™


CONFORMITY KNOWLEDGE BASE

Cloud One - Conformity provides real-time monitoring and auto-remediation for
the security, compliance and governance of your cloud infrastructure, leaving
you to grow and scale your business with confidence with over 750 automated best
practice checks.



KNOWLEDGE BASE

Along with better visibility, compliance and faster remediation for your cloud
infrastructure, Conformity also has a growing public library of 750+ cloud
infrastructure configuration best practices for your AWS™, Microsoft® Azure, and
Google Cloud™ environments. The library provides simple, step-by-step
resolutions to rectify security vulnerabilities, performance and cost
inefficiencies, and reliability risks. This catalogue of cloud guardrails is a
core part of Conformity, which automatically monitors and auto-remediates cloud
infrastructure.

Below are the clouds, their services and the associated best practice rules,
with clear instructions on how to perform the updates, made either through the
console or via the Command Line Interface (CLI).


--------------------------------------------------------------------------------


SERVICE COVERAGE FOR AWS


 * AWS CERTIFICATE MANAGER
   
   To easily provision, manage, and deploy public and private SSL/TLS
   certificates for use with AWS services and your internal connected resources


 * AMAZON API GATEWAY
   
   Create, maintain, and secure APIs at any scale


 * AMAZON ACCESSANALYZER
   
   Start querying data instantly. Get results in seconds. Pay only for the
   queries you run.


 * AMAZON APPFLOW
   
   Amazon AppFlow is a fully-managed integration service that enables you to
   securely exchange data between software as a service (SaaS) applications


 * AWS APP MESH
   
   AWS App Mesh is a service mesh that makes it easy to monitor and control
   services.


 * AMAZON ATHENA
   
   Start querying data instantly. Get results in seconds. Pay only for the
   queries you run.


 * AWS AUTO SCALING
   
   Application scaling to optimize performance and costs


 * AWS BACKUP
   
   Centrally manage and automate backups across AWS services


 * AWS BUDGETS
   
   Set custom budgets that alert you when you exceed your budgeted thresholds.


 * AWS CLOUDFORMATION
   
   Model and provision all your cloud infrastructure resources


 * AMAZON CLOUDFRONT
   
   Fast, highly secure and programmable content delivery network (CDN)


 * AWS CLOUDTRAIL
   
   Track user activity and API usage


 * AMAZON CLOUDWATCH
   
   Observability of your AWS resources and applications on AWS and on-premises


 * AMAZON CLOUDWATCH EVENTS
   
   Amazon CloudWatch Events delivers a near real-time stream of system events
   that describe changes in AWS resources


 * AMAZON CLOUDWATCH LOGS
   
   Monitor, store, and access your log files from Amazon Elastic Compute Cloud
   (Amazon EC2) instances, AWS CloudTrail, Route 53, and other sources


 * AWS CODEBUILD
   
   Build and test code with automatic scaling


 * AMAZON COMPREHEND
   
   Discover insights and relationships in text


 * AWS COMPUTE OPTIMIZER
   
   Recommends optimal AWS resources to reduce costs and improve performance for
   your workloads


 * AWS CONFIG
   
   Record and evaluate configurations of your AWS resources


 * AWS CONFIGSERVICE
   
   AWS ConfigService is a fully managed service that provides you with a
   detailed inventory of your AWS resources and their current configurations.


 * AWS COST EXPLORER
   
   


 * AMAZON DYNAMODB ACCELERATOR
   
   Fully managed, in-memory cache for DynamoDB


 * AMAZON DATA LIFECYCLE MANAGER
   
   Manage the lifecycle of your AWS resources


 * AWS DATABASE MIGRATION SERVICE
   
   Migrate your databases to AWS with minimal downtime


 * AMAZON DOCUMENTDB
   
   Fast, scalable, highly available MongoDB-compatible database service


 * AMAZON DYNAMODB
   
   Fast and flexible NoSQL database service for any scale


 * AMAZON ELASTIC BLOCK STORE (EBS)
   
   Easy to use, high performance block storage at any scale


 * AMAZON EC2
   
   Secure and resizable compute capacity in the cloud. Launch applications when
   needed without upfront commitments


 * AMAZON ELASTIC CONTAINER REGISTRY
   
   Easily store, manage, and deploy container images


 * AMAZON ELASTIC CONTAINER SERVICE (ECS)
   
   Run containerized applications in production


 * AMAZON ELASTIC FILE SYSTEM (EFS)
   
   Scalable, elastic, cloud-native file system for Linux


 * AMAZON ELASTIC KUBERNETES SERVICE (EKS)
   
   Highly available, scalable, and secure Kubernetes service


 * ELASTIC LOAD BALANCING
   
   Achieve fault tolerance for any application by ensuring scalability,
   performance, and security


 * ELASTIC LOAD BALANCING V2
   
   Achieve fault tolerance for any application by ensuring scalability,
   performance, and security


 * AMAZON EMR
   
   Easily Run and Scale Apache Spark, Hadoop, HBase, Presto, Hive, and other Big
   Data Frameworks


 * AMAZON ELASTICACHE
   
   Managed, Redis or Memcached-compatible in-memory data store


 * AWS ELASTIC BEANSTALK
   
   Easy to begin, Impossible to outgrow


 * AMAZON OPENSEARCH SERVICE
   
   Fully managed, scalable, and secure OpenSearch service


 * AMAZON FSX
   
   Fully managed third-party file systems


 * AMAZON KINESIS DATA FIREHOSE
   
   Prepare and load real-time data streams into data stores and analytics tools


 * AWS GLUE
   
   Simple, flexible, and cost-effective ETL


 * AMAZON GUARDDUTY
   
   Protect your AWS accounts and workloads with intelligent threat detection and
   continuous monitoring


 * AWS HEALTH
   
   Provides ongoing visibility into the state of your AWS resources, services,
   and accounts


 * AWS IDENTITY AND ACCESS MANAGEMENT (IAM)
   
   Securely manage access to AWS services and resources


 * AMAZON INSPECTOR
   
   Automated security assessment service to help improve the security and
   compliance of applications deployed on AWS


 * AMAZON INSPECTOR 2
   
   The new version of Amazon Inspector has undergone a comprehensive
   rearchitecture, streamlining vulnerability management by automating processes
   and promptly delivering findings to swiftly detect emerging vulnerabilities.
   Once enabled, the new Inspector service diligently locates all your workloads
   and maintains a continuous cycle of vulnerability scans for both software and
   unintended network exposures.


 * AWS KEY MANAGEMENT SERVICE
   
   Easily create and control the keys used to encrypt your data


 * AMAZON KINESIS
   
   Easily collect, process, and analyze video and data streams in real time


 * AWS LAMBDA
   
   Run code without thinking about servers. Pay only for the compute time you
   consume


 * AMAZON MQ
   
   Managed message broker service for Apache ActiveMQ


 * AMAZON MANAGED STREAMING FOR APACHE KAFKA
   
   Fully managed, highly available, and secure Apache Kafka service


 * AMAZON MACIE
   
   A machine learning-powered security service to discover, classify, and
   protect sensitive data


 * AWS MACIE V2
   
   


 * COMPLIANCE AND CERTIFICATIONS
   
   Ensure your AWS services are compliant towards certification classification.


 * AMAZON NEPTUNE
   
   Fast, reliable graph database built for the cloud


 * AWS NETWORK FIREWALL
   
   


 * AWS ORGANIZATIONS
   
   Central governance and management across AWS accounts


 * AMAZON RELATIONAL DATABASE SERVICE
   
   Set up, operate, and scale a relational database in the cloud with just a few
   clicks


 * CONFORMITY REAL-TIME THREAT MONITORING
   
   A real-time threat detection tool


 * AMAZON REDSHIFT
   
   The most popular and fastest growing cloud data warehouse


 * AWS RESOURCE GROUPS
   
   Organize your AWS resources


 * AMAZON ROUTE 53
   
   A reliable and cost-effective way to route end users to Internet applications


 * AMAZON ROUTE 53 DOMAINS
   
   A reliable and cost-effective way to manage domain names


 * AMAZON S3
   
   Object storage built to store and retrieve any amount of data from anywhere


 * AMAZON SIMPLE EMAIL SERVICE
   
   Flexible, affordable, and highly-scalable email sending and receiving service
   for businesses and developers


 * AMAZON SIMPLE NOTIFICATION SERVICE (SNS)
   
   Fully managed pub/sub messaging for microservices, distributed systems, and
   serverless applications


 * AMAZON SIMPLE QUEUE SERVICE
   
   Fully managed message queues for microservices, distributed systems, and
   serverless applications


 * AWS SYSTEMS MANAGER
   
   Gain operational insights and take action on AWS resources


 * AMAZON SAGEMAKER
   
   Machine learning for every developer and data scientist


 * AWS SECRETS MANAGER
   
   Easily rotate, manage, and retrieve database credentials, API keys, and other
   secrets through their lifecycle


 * AWS SECURITY HUB
   
   Centrally view and manage security alerts and automate compliance checks


 * SERVICE QUOTAS
   
   Service Quotas enables you to view and manage your quotas for AWS services
   from a central location.


 * AWS SHIELD
   
   Managed DDoS protection


 * AWS STORAGE GATEWAY
   
   Hybrid cloud storage with local caching


 * AWS SUPPORT
   
   AWS Support


 * AWS TRANSFER
   
   Fully managed SFTP service


 * AWS TRUSTED ADVISOR
   
   Reduce Costs, Increase Performance, and Improve Security


 * AMAZON VIRTUAL PRIVATE CLOUD (VPC)
   
   Provision a logically isolated section of the Amazon Web Services (AWS) Cloud
   where you can launch AWS resources in a virtual network that you define


 * AWS WAF - WEB APPLICATION FIREWALL
   
   Protect your web applications from common web exploits


 * AWS WELL-ARCHITECTED
   
   Learn, measure, and build using architectural best practices


 * AWS WORKDOCS
   
   Secure content collaboration, simplified


 * AMAZON WORKSPACES
   
   Access your desktop anywhere, anytime, from any device


 * AWS X-RAY
   
   Analyze and debug production, distributed applications

--------------------------------------------------------------------------------


SERVICE COVERAGE FOR AZURE


 * AKS
   
   Microsoft AKS allows you to quickly deploy a production ready Kubernetes
   cluster in Azure


 * API MANAGEMENT
   
   Microsoft Azure API Management is a hybrid, multicloud management platform
   for APIs across all environments. As a platform-as-a-service, API Management
   supports the complete API lifecycle.


 * ACCESS CONTROL
   
   Microsoft Entra ID Access Control (also known as Access Control Service or
   ACS) is a cloud-based service that provides an easy way of authenticating and
   authorizing users to gain access to your web applications and services


 * MICROSOFT ENTRA ID
   
   Microsoft Entra ID provides an identity platform with enhanced security,
   access management, scalability, and reliability for connecting users with all
   the apps they need.


 * ACTIVITY LOG
   
   The Azure Activity Log provides insight into subscription-level events that
   have occurred in Azure


 * ADVISOR
   
   Azure Advisor is a personalized cloud consultant that helps you follow best
   practices to optimize your Azure deployments.


 * APPSERVICE
   
   Azure AppService


 * COSMOSDB
   
   Microsoft Cosmos DB enables you to elastically and independently scale
   throughput and storage across any number of Azure regions worldwide.


 * AZURE FUNCTIONS
   
   Azure Functions is a serverless solution that allows you to write less code,
   maintain less infrastructure, and save on costs. Instead of worrying about
   deploying and maintaining servers, the cloud infrastructure provides all the
   up-to-date resources needed to keep your applications running.


 * KEYVAULT
   
   Microsoft Azure Key Vault enables you to securely store and access secrets
   within your Azure cloud environment


 * LOCKS
   
   Microsoft Azure Locks provide a way for administrators to lock down resources
   to prevent deletion or changing of a resource


 * MONITOR
   
   Monitor your applications and infrastructure


 * MYSQL
   
   Azure Database for MySQL servers


 * NETWORK
   
   Network


 * POLICY
   
   Policy


 * POSTGRESQL
   
   Azure Database for PostgreSQL servers


 * RECOVERY SERVICES
   
   Azure Recovery Services provides multiple backup solutions based on the
   backup requirement and infrastructure topology


 * REDIS CACHE
   
   


 * RESOURCES
   
   


 * SEARCH
   
   


 * DEFENDER
   
   Security posture management for cloud workloads


 * SQL
   
   Azure Database for SQL servers


 * STORAGE ACCOUNTS
   
   An Azure storage account contains all of your Azure Storage data objects


 * SUBSCRIPTIONS
   
   


 * SYNAPSE
   
   Azure Synapse is a limitless analytics service that brings together
   enterprise data warehousing and Big Data analytics.


 * VIRTUAL MACHINES
   
   VirtualMachines your applications and infrastructure

--------------------------------------------------------------------------------


SERVICE COVERAGE FOR GCP


 * GCP APIGATEWAY
   
   


 * GCP BIGQUERY
   
   BigQuery's serverless architecture lets you use SQL queries to analyze your
   data. You can store and analyze your data within BigQuery or use BigQuery to
   assess your data where it lives. To test how it works for yourself, query
   data—without a credit card—using the BigQuery sandbox.


 * GCP CERTIFICATEMANAGER
   
   Certificate Manager securely stores and deploys certificates to your selected
   proxies, which lets you provision certificates in advance and helps ensure
   zero downtime during migrations.


 * GCP API
   
   Google Cloud APIs are programmatic interfaces to Google Cloud Platform
   services. They are a key part of Google Cloud Platform, allowing you to
   easily add the power of everything from computing to networking to storage to
   machine-learning-based data analysis to your applications.


 * GCP CLOUDCDN
   
   Cloud CDN works with the global external Application Load Balancer or the
   classic Application Load Balancer to deliver content to your users. The
   external Application Load Balancer provides the frontend IP addresses and
   ports that receive requests and the backends that respond to the requests.


 * GCP DOMAIN NAME SYSTEM (DNS)
   
   Cloud DNS offers both public zones and private managed DNS zones. A public
   zone is visible to the public internet, while a private zone is visible only
   from one or more Virtual Private Cloud (VPC) networks that you specify.


 * GCP CLOUD FUNCTIONS
   
   Cloud Functions is a serverless execution environment for building and
   connecting cloud services. With Cloud Functions you write simple,
   single-purpose functions that are attached to events emitted from your cloud
   infrastructure and services. Your function is triggered when an event being
   watched is fired, or by an HTTP request.


 * GCP IDENTITY AND ACCESS MANAGEMENT (IAM)
   
   With IAM, you manage access control by defining who (identity) has what
   access (role) for which resource. For example, Compute Engine virtual machine
   instances, Google Kubernetes Engine (GKE) clusters, and Cloud Storage buckets
   are all Google Cloud resources. The organizations, folders, and projects that
   you use to organize your resources are also resources.


 * GCP CLOUD KEY MANAGEMENT SERVICE (KMS)
   
   Cloud Key Management Service allows you to create, import, and manage
   cryptographic keys and perform cryptographic operations in a single
   centralized cloud service. You can use these keys and perform these
   operations by using Cloud KMS directly, by using Cloud HSM or Cloud External
   Key Manager, or by using Customer-Managed Encryption Keys (CMEK) integrations
   within other Google Cloud services.


 * GCP CLOUD LOAD BALANCING
   
   A load balancer distributes user traffic across multiple instances of your
   applications. By spreading the load, load balancing reduces the risk that
   your applications experience performance issues. Google's Cloud Load
   Balancing is built on reliable, high-performing technologies such as Maglev,
   Andromeda, Google Front Ends, and Envoy—the same technologies that power
   Google's own products.


 * GCP CLOUD LOGGING
   
   Cloud Logging is a fully managed service that allows you to store, search,
   analyze, monitor, and alert on logging data and events from Google Cloud and
   Amazon Web Services. Using BindPlane, you can also collect this data from
   over 50 common application components, on-premise systems, and hybrid cloud
   systems.


 * GCP CLOUD PUB/SUB SERVICE
   
   Pub/Sub is an asynchronous and scalable messaging service that decouples
   services producing messages from services processing those messages.


 * GCP CLOUD RUN
   
   Cloud Run is a fully managed platform that enables you to run your code
   directly on top of Google’s scalable infrastructure. Cloud Run is simple,
   automated, and designed to make you more productive.


 * GCP CLOUD SQL
   
   Cloud SQL manages your databases so you don't have to, so your business can
   run without disruption. It automates all your backups, replication, patches,
   encryption, and storage capacity increases to give your applications the
   reliability, scalability, and security they need.


 * GCP CLOUD STORAGE
   
   Cloud Storage's nearline storage provides fast, low-cost, highly durable
   storage for data accessed less than once a month, reducing the cost of
   backups and archives while still retaining immediate access. Backup data in
   Cloud Storage can be used for more than just recovery because all storage
   classes have ms latency and are accessed through a single API.


 * GCP VPC
   
   Google Cloud Virtual Private Cloud (VPC) provides networking functionality to
   Compute Engine virtual machine (VM) instances, Google Kubernetes Engine (GKE)
   containers, and serverless workloads. VPC provides networking for your
   cloud-based services that is global, scalable, and flexible.


 * GCP COMPUTE ENGINE
   
   Compute Engine is a computing and hosting service that lets you create and
   run virtual machines on Google infrastructure, comparable to Amazon EC2 and
   Azure Virtual Machines. Compute Engine offers scale, performance, and value
   that lets you easily launch large compute clusters with no up-front
   investment.


 * GCP DATAPROC SERVICE
   
   Use Dataproc Serverless to run Spark batch workloads without provisioning and
   managing your own cluster. Specify workload parameters, and then submit the
   workload to the Dataproc Serverless service. The service will run the
   workload on a managed compute infrastructure, autoscaling resources as
   needed. Dataproc Serverless charges apply only to the time when the workload
   is executing.


 * GCP GOOGLE KUBERNETES ENGINE SERVICE
   
   A GKE cluster has a control plane and machines called nodes. Nodes run the
   services supporting the containers that make up your workload. The control
   plane decides what runs on those nodes, including scheduling and scaling.
   Autopilot mode manages this complexity; you simply deploy and run your apps.


 * GCP RESOURCE MANAGER
   
   Google Cloud provides resource containers such as organizations, folders, and
   projects that allow you to group and hierarchically organize other Google
   Cloud resources. This hierarchical organization lets you easily manage common
   aspects of your resources such as access control and configuration settings.
   Resource Manager enables you to programmatically manage these resource
   containers.

--------------------------------------------------------------------------------

Whether your cloud exploration is just starting to take shape, you’re mid-way
through a migration or you’re already running complex workloads in the cloud,
Conformity offers full visibility into your overall security and governance
posture across various standards and frameworks.


CONTINUOUS SECURITY & COMPLIANCE FOR CLOUD ENVIRONMENTS. GROW AND SCALE YOUR
BUSINESS WITH CONFIDENCE


Copyright © 2024 Trend Micro Incorporated. All rights reserved. Version
v1.188.9-184-gbee5d104