Universal Foundational Support
In addition to supporting AWS cloud database services, SecureCloudDB provides coverage for traditional databases hosted on EC2 instances as well as security tooling for data migrations from on-premises data centers to the cloud.
Universal Foundational Support provides asset discovery and configuration checks for cloud database services and traditional databases hosted on EC2 instances as well as seamless monitoring and tracking before, during, and after migrations to the cloud.
To locate and report on EC2 and on-prem databases, set up a new Asset Discovery Configuration by selecting “Setup” in the main menu, then “Asset Discovery”. Hit the blue add button in the lower right corner of the table and follow the setup prompts. Note, for on-premises databases, be sure to choose “Non-AWS” for “Scan Type” in step 2. To discover databases on EC2, select “AWS Configuration (Managed Databases / Databases on EC2)” in step 2.
Once you’ve configured the Asset Discovery and run a scan, an inventory of your assets as well as Foundational Security reporting will be available.
To see the inventory of your EC2 and on-prem databases, select “Foundational Security” in the main menu, “Inventory”, then “Databases”.
- On-premises assets are distinguished as “Self Managed ”in the “Provider” column of the table labeled “Databases”
- EC2 instances are evident via the “Service” column — look for “AWS EC2”
Sample Use Case
Foundational Security tooling can be configured to scan for and alert on super users. For example, if elevated permissions were granted to an external team that was helping migrate data from on-premises to the cloud, SecureCloudDB can notify the appropriate internal team of the permissions so that they can be rescinded when appropriate.
SecureCloudDB connects to EC2 and on-prem databases through a secure, self updating Agent that is easy to deploy.
It doesn't matter what operating system your organization runs on or what container service your cloud provider uses — our Agent is compatible with everything. Simply drop it into your environment and you’re good to go, no need to coordinate setup internally between teams or spend time figuring out if it's compatible.
Easy Setup: One and Done
SecureCloudDB makes setup easy. Our Cloud Formation template and setup wizard mean you only need to configure AWS Authentication once in order to:
- Scan cloud-based, EC2 and on-prem assets
- Manage multiple accounts
- Selectively push accounts into AWS Security Hub
- Save all of your authentication methods and use them as often as you would like (e.g., use the same authentication method for an Asset Discovery and Database Activity Monitoring — as long as permissions are enabled for the method on both)
- Easily track what methods you have set up/ are using that are specific to SecureCloudDB (e.g., if 100 roles exist in your AWS account, pull up the authentication methods to see which roles are connected to SecureCloudDB)