Hyperglance Launches Cloud Automation, Remediation & Actions
Hyperglance’s automation/action feature set builds on top of our inventory and rules engine to give you the ability to manage and automate your AWS environment directly from Hyperglance.
Using our built-in rule set (which includes CIS, NIST, PCI-DSS and AWS Well-Architected) or by creating your own rules, you can automatically save money and ensure the security of your entire AWS deployment.
How It Works
Hyperglance connects to a large range of AWS APIs to collect an extensive inventory.
Using that inventory, Hyperglance then creates a dependency model. A rules engine sits on top of this inventory and dependency model.
The rules engine runs at an interval of your choice and can create a set of results on each run. The results are stored in an S3 bucket, where a Lambda (which we provide) reads them and runs functions that act on the resources in the result set.
We ship a Lambda with a set of automations/actions that you can adjust or extend with your own.
The Lambda code is open source to ensure auditability. We include Terraform code for deploying the Lambda and creating the cross-account roles.
- A pre-built or custom rule triggers in Hyperglance
- Hyperglance sends the search (rule) result to S3
- A Lambda function reads the data from S3
- A Lambda function executes, issuing commands to your AWS resources, resolving your problem
NOTE: You only need to deploy one Lambda; using cross-account roles, you can act on all of your accounts.
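The flow above, sketched as an added example (not Hyperglance's own Lambda code): it parses a standard S3 event notification, loads the result set, and plans one role assumption per target account, with an action allow-list, an account allow-list and a dry-run flag as guard rails. The result-set schema, the role name and the action names are assumptions; `load_object` is an injected reader so the sketch runs offline without AWS calls.

```python
import json
from collections import defaultdict
from urllib.parse import unquote_plus

ROLE_NAME = "ExampleRemediationRole"  # hypothetical cross-account role name
ALLOWED_ACTIONS = {"stop_instance", "delete_snapshot"}  # hypothetical action names

def objects_from_s3_event(event):
    """Return (bucket, key) pairs from a standard S3 event notification."""
    return [(r["s3"]["bucket"]["name"], unquote_plus(r["s3"]["object"]["key"]))
            for r in event.get("Records", []) if r.get("eventSource") == "aws:s3"]

def role_arn(account_id, region):
    """Role to assume in the target account; GovCloud uses its own partition."""
    partition = "aws-us-gov" if region.startswith("us-gov-") else "aws"
    return f"arn:{partition}:iam::{account_id}:role/{ROLE_NAME}"

def plan(result_set, allowed_accounts):
    """Group resource ids by role ARN; reject unknown actions and accounts."""
    action = result_set["action"]
    if action not in ALLOWED_ACTIONS:
        raise ValueError(f"action not allow-listed: {action}")
    by_role, skipped = defaultdict(list), []
    for res in result_set["resources"]:
        if res["account"] in allowed_accounts:
            by_role[role_arn(res["account"], res["region"])].append(res["id"])
        else:
            skipped.append(res["id"])
    return action, dict(by_role), skipped

def run(event, load_object, allowed_accounts, dry_run=True):
    """Build an audit log of the calls each new result object would trigger."""
    log = []
    for bucket, key in objects_from_s3_event(event):
        result_set = json.loads(load_object(bucket, key))
        action, by_role, skipped = plan(result_set, allowed_accounts)
        for arn, ids in sorted(by_role.items()):
            log.append({"assume": arn, "action": action, "ids": ids, "dry_run": dry_run})
        log += [{"skipped": rid, "reason": "account not allow-listed"} for rid in skipped]
    return log

# Constructed sample inputs (the result-set schema is an assumption).
SAMPLE_EVENT = {"Records": [{"eventSource": "aws:s3", "s3": {
    "bucket": {"name": "example-results"}, "object": {"key": "runs/rule+42.json"}}}]}
SAMPLE_RESULT = {"action": "stop_instance", "resources": [
    {"id": "i-aaa", "account": "111111111111", "region": "us-east-1"},
    {"id": "i-bbb", "account": "222222222222", "region": "us-gov-west-1"},
    {"id": "i-ccc", "account": "333333333333", "region": "eu-west-1"}]}
```

Because one Lambda can act in every account, the allow-lists and the per-entry log are what keep a malformed or unexpected result set from turning into destructive calls.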
All of this functionality runs inside your AWS account with complete isolation from outside your organisation. None of your data is exposed to any other organisation, including Hyperglance.
This functionality works with both Commercial and GovCloud.
You can schedule the automation or run actions on demand. Notifications can be set up to send Slack messages, emails, SNS notifications or any combination of the three.
An easy-to-read logging system is included so you can always see what was actioned and when. SAML support is built in so you can also see who did what. All logs are stored in the S3 bucket so auditing is accounted for.
Even if you are not ready for full automation, Hyperglance provides the mechanism to be alerted to issues, then allows you to investigate and manually kick off the remediation action directly in Hyperglance.
Automation Use Cases
Use Case 1: Reduce Cost
The cloud was once touted as a low-cost way to run your applications. No more. While the agility use case can’t be disputed, it’s very easy for your costs to run away from you in the cloud.
Hyperglance provides an intuitive way to explore your billing data, track down extraneous costs and automate the saving of costs.
- Hyperglance's cost explorer allows you to easily see high-cost items
- Hyperglance includes built-in rules to highlight orphaned and underutilized resources
- Configure Hyperglance rules to automatically stop, terminate or delete resources on a set schedule/period
Here are a few examples of rules you can use to save costs in your AWS accounts:
- Terminate EC2 instances running over 12 hours in your development environment
- Delete orphaned snapshots over 30 days old
- Schedule times for workspaces and instances to be stopped overnight and on weekends
Use Case 2: Secure Your Environment
Hyperglance ships with hundreds of rules covering many different frameworks (PCI-DSS, NIST, CIS and AWS Well-Architected, to name a few).
Any of these rules can utilize our remediation actions to enforce your security policy.
- Hyperglance includes hundreds of rules that will help you secure your environment
- Use the Security & Compliance dashboard to give you an overview of your security posture
- Use Hyperglance to provide automated incident response and enforce security compliance across multiple AWS accounts, 24/7
Here are a few examples of rules you can use to secure your AWS accounts:
- Delete Internet Gateways in accounts where resources must go through a NAT Gateway or Load Balancer
- Quarantine instances that have been exposed to the internet
- Strip out insecure rules in Security Groups
Use Case 3: Enforce Compliance
Audits are not fun.
Keeping on top of compliance is a constant battle.
Hyperglance comes with hundreds of rules that will allow you to enforce compliance with standards such as NIST (800-53, 800-171), PCI-DSS, HIPAA, CIS and FedRAMP. It also comes with rules that keep you compliant with AWS Well-Architected.
- Hyperglance includes many rules to ensure you stay compliant
- Use the Hyperglance Security & Compliance Dashboard to review and improve your compliance
Use Case 4: Consolidate Your Scripts
Use ours and add your own.
Keeping a grip on all the various scripts that are used in your company is difficult.
Using Git and Terraform, you can consolidate all your scripts into one place.
Our code is open source and lives in your account so you can adjust as you see fit.
Use Case 5: Belt & Braces on top of your Infrastructure as Code environments
Keeping your Infrastructure as Code is best practice in our industry.
If you’ve managed to get that far down the road, I applaud you.
The trouble is, sometimes things slip through and you need something to keep an eye out for rogue operators and to be able to highlight shadow IT.
Hyperglance can both highlight and automatically shut down shadow IT contributors and resources that have been provisioned incorrectly.
Hyperglance & Cloud Automation
The Hyperglance automation feature gives you an easy way to automate and act on the data Hyperglance provides.
Hyperglance’s automation allows you to quickly and easily reduce costs, identify and remediate security issues, and enforce and maintain strict compliance with organisation and industry standards.
Solve problems one time with easy-to-build automations that can remediate any future misconfiguration.
As with all Hyperglance updates, there is no extra cost for this feature and you can run them as many times as you like, as often as you like. You won’t have any billing surprises like with other systems.
About The Author: Stephen Lucas
As Hyperglance's Chief Product Officer, Stephen is responsible for the Hyperglance product roadmap. Stephen has over 20 years of experience in product management, project management, and cloud strategy across various industries.