Dashboard Overview
The ASecureCloud dashboard is your central command center for managing cloud security and compliance across your organization. It provides comprehensive visibility into your cloud security posture and actionable insights to help you maintain a strong security stance.
Key Features
The dashboard enables you to:
- Launch new security assessments across your cloud environments
- View and analyze assessment results for any cloud account
- Track security trends over time with historical assessment data
- Generate and export detailed security reports
- Access AI-powered remediation guidance
Dashboard Sections
The dashboard is organized into several key sections to help you efficiently monitor and manage your cloud security:
- Overview: A high-level summary of your cloud security posture with key metrics and trends
- Threat Management: Consolidated view of security findings, vulnerabilities and threats across your cloud environment
- Remediation Plan: Prioritized recommendations and step-by-step guidance for addressing security gaps
- Assessment Details: In-depth analysis of security controls grouped by security domain and cloud service
- Compliance Reports: Automated compliance mapping and reporting against major standards and frameworks
- Additional Reports: Role-specific reports tailored for different stakeholders in your organization
Overview
The Overview section provides an at-a-glance view of the status of your cloud.
Threat Management
This dashboard consolidates the configuration and findings of the security services. For AWS, this includes:
- Threat Detection: Amazon GuardDuty
- Vulnerability Management: Amazon Inspector
- Data Protection: Amazon Macie
- Identity and Access Management: AWS IAM Access Analyzer
For each of these services, you can find more details by clicking on it to open the associated popup tab.
Remediation Plan
The Remediation Plan section provides a list of recommendations for your cloud environment.
For each of the recommendations, you can find more details by clicking on the recommendation to reveal:
- FAQ: Quick answers to common questions, or ask your own
- Affected Resources: Hyperlinks to the impacted resources
- Remediation Steps: Step-by-step guide to fix the issue (includes CloudFormation, Console and CLI)
- Exceptions: A way to exclude resources from future assessments
Assessment Details
In this section, you can find the details of the assessment including:
- Security Maturity Graph: Glance at your security maturity across domains and see how it evolves over time
- Security Domain Breakdown: Detailed view of the security posture of your cloud environment across domains
- Service Breakdown: Detailed view of the security posture of your cloud environment across services
Reports
We offer 2 types of reports:
- Compliance reports
- Specialized reports
Compliance Reports
Many industry compliance and standard frameworks are supported, with new ones being added regularly. The following reports are currently available:
Report | Description |
---|---|
CIS AWS Foundations | The CIS AWS Foundations Benchmark provides a high-level compliance standard for securing Amazon Web Services resources. The benchmark offers prescriptive instructions for configuring AWS services in accordance with industry best practices |
SOC 2 | System and Organization Controls (SOC) 2 is an auditing procedure that ensures a company’s data is securely managed. It’s intended for use by service organizations (organizations that provide information systems as a service to other organizations) to issue validated reports of internal controls over those information systems to the users of those services. The reports focus on controls grouped into five categories known as Trust Service Principles |
NIST 800-53 | NIST SP 800-53 provides a list of controls that support the development of secure and resilient federal information systems. These controls are the operational, technical, and management standards and guidelines used by information systems to maintain confidentiality, integrity, and availability |
NIST CSF | NIST Cybersecurity Framework is a set of guidelines for mitigating organizational cybersecurity risks, published by the US National Institute of Standards and Technology (NIST) based on existing standards, guidelines, and practices. It provides a “taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes”, in addition to guidance on the protection of privacy and civil liberties in a cybersecurity context |
HIPAA | The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge |
PCI DSS v3.2.1 | PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all entities that store, process, or transmit cardholder data – with requirements for software developers and manufacturers of applications and devices used in those transactions |
FedRAMP (Moderate) | FedRAMP (Federal Risk and Authorization Management Program) is the US federal government’s approach to securing the cloud services that its agencies use internally |
Canada GC Guardrails | A preliminary set of baseline controls is provided through the GC Cloud Guardrails, which help to ensure that cloud-based environments are protected upon receipt of enrolment under the GC Cloud Services Framework Agreement |
Canada Protected B Medium Integrity Medium Availability (PBMM) | PBMM controls identify the baseline security controls that must be implemented by CSPs and GC departments and agencies in order to appropriately protect cloud-based GC services and related information having a security category of Protected B, medium integrity, and medium availability (PBMM) |
Reserve Bank India (RBI) Cyber Security Framework | A comprehensive cyber security framework by RBI for Urban Cooperative Banks, as a graded approach, based on their digital depth and interconnectedness with the payment systems landscape, digital products offered by them, and assessment of cyber security risk |
Specialized Reports
Beyond the compliance reports, the dashboard also includes specialized reports that provide focused insights for specific aspects of your AWS environment. These include:
Report | Description |
---|---|
Backup Status | Backup status summary across the various options for AWS services and resources |
Resiliency & HA | Status of Resiliency and HA related settings for AWS services and resources such as Multi-AZ and Delete Protection |
Public Resources | Review status of any potential public resources across all AWS services |
Encryption At-Rest | Review encryption at-rest status and configuration for AWS services and resources |
Encryption in-Transit | Status of encryption in-transit settings (where applicable) across AWS services and resources |
Service Access Logs | Review AWS service-specific log settings such as S3 access logs, Load Balancer logs, etc. |