ArcaWorx, a Google Cloud Platform (GCP) cloud security solution, will actively monitor cloud projects and assets for changes that violate cloud security posture management protocols. ArcaWorx utilizes the CAR+E Framework to Capture, Assess, and Report any gaps, then remediates violations to Enforce pre-established compliance standards and security best practices by using its suite of products ArcaScout and ArcaKnight.

ArcaWorx Value

  • Purpose built for GCP and will enhance the inherent security
  • ​Improves visibility of cloud assets reduces blind spots
  • Active detection of misconfigurations with reduced time for detection
  • Enhances security posture and governance
  • Automates remediation of cloud misconfigurations and improves remediation time
  • Customized rules and immediate validation against cloud security and compliance framework
  • Reduces control gaps and improves resiliency

How ArcaWorx

ArcaWorx delivers a security and compliance suite of products with CSPM and XDR capabilities. Following is a representation of how ArcaWorx protects your cloud assets.

CAR+E Framework

ArcaWorx addresses CSPM and XDR capabilities to protect the cloud infrastructure by enabling the CAR+E Framework. Our customized framework will address customized CSPM requirements, business rules for remediation and suitable compliance framework.

Instant Visibility of ​Cloud Security Posture

ArcaScout provides an interactive single pane view of cloud assets with a graphical tree view of cloud projects and its resources. This dynamic dashboard provides the health of cloud assets, as projects undergo lifecycle updates with addition of new assets or deletion of old assets.​

Active Validation of ​Cloud Configuration & Compliance
ArcaScout’s active radar provides a real time notification of changes under a project’s scope. The subsequent seamless validation of the changes against a single source of truth determines the ongoing adherence to security policies. Deviation from these established policies is notified to multiple preconfigured and supported channels of communication.

Ongoing Governance of ​Cloud Assets

ArcaScout in tandem with ArcaKnight provides active governance of all supported cloud assets of a project, adhering to known industry best practices and governance standards. As cloud projects and assets undergo dynamic transformation of their workloads and policies, ArcaWorx suite actively monitors for their adherence to a predefined compliance standard or custom security posture. Any deviation is flagged, notified and remediated instantly to limit any damage resulting from a misconfiguration or an attack, thus preventing a crisis.

ArcaWorx Use Cases

ArcaWorx use cases apply across organizational cross functional teams. A few examples are:

Infrastructure Incident​ Response

  • Rapid detection & notification of critical resource updates
  • Real time notification of compliance violations to Slack, email, pager, JIRA
  • Anomaly detection and notification
  • Choice of auto or manual remediation for violation incidences

Infrastructure Security

  • ​Detects, notifies and enforces​
  • IAM configuration updates
  • Cloud SQL instance updates 
  • Cloud storage bucket updates
  • BigQuery​
  • Cloud functions
  • Compute and GKE
  • Network security posture changes
  • VPC perimeter

Infrastructure Asset Inventory Visibility

ArcaWorx compliance coverage includes the following industry standards but not limited to the following:
  1. Healthcare - HIPAA alignment
  2. Retail and Finance - PCI-DSS
  3. Other industries - Custom or Cyber Security Framework