Cloud & Digital
Risk & Regulatory

Cloud Compliance and Security Inspector

Assess and monitor cloud security in your cloud environment

How secure is your cloud?

The diversity of cloud services leads to a very high level of complexity in the IT landscape. Each cloud provider, such as Azure or Amazon, has its own unique security features using different technologies. However, checking for misconfigurations is very time-consuming and complex. Especially when using multiple cloud services, it is difficult to control and manage security.

Benefits

650 +
Configurations

Hundreds of security-relevant configurations can be checked with the Cloud Compliance and Security Inspector in the form of automated assessments.

10 +
Benchmarks

In addition to industry standards such as NIST SP 800-53/CSF, ISO27001 and CIS, benchmarks can be customised to meet the needs of individual users.

- 80 %
Security Incidents

Using a CSPM tool can reduce cloud-based security incidents due to misconfiguration by up to 80 percent.

The solution for your cloud security

The Cloud Compliance and Security Inspector can be used for continuous monitoring of compliance with standards and requirements as well as user and authorisation audits.

01

Automated monitoring

Automated monitoring of the multi-cloud environment provides real-time insights, showing status and details of the cloud environment's security controls. Controls of different domains are considered, such as identity and access management, data security, infrastructure security, logging and monitoring.

02

Benchmarking and scoring model

Our tool checks the compliance of the cloud environment with various standards, including NIST, CIS, ISO as well as self-generated independent PwC Good Practices. Thanks to a uniform, in-house developed scoring system, comparable assessment results on the security of the cloud environments of different cloud providers are made possible.

03

Holistic view of the cloud

In addition to the automated benchmarking of the technical security configurations, the associated higher-level processes are identified, analysed and evaluated. This ensures a thorough holistic view of the cloud environment.

04

Integrated and diverse controls

With our tool, you can audit user as well as privileged accounts and keep an eye on compliance status. Hundreds of built-in, automated controls are available in a flexible and customisable way – along with the development of your own controls based on your individual requirements.

05

Management report and quick wins

The comprehensive reporting gives you detailed insights into the security of your multi-cloud environment. This includes both easy-to-implement quick wins and long-term strategic recommendations. We use the results to create a roadmap tailored to your needs.

In the Spotlight

Pricing

Baseline Check

Independent of cloud provider and service model

  • Security baseline for 5 cloud domains
  • Cloud process check, cloud risk report, cloud security roadmap
  • Automated configuration check (tool-based with the Cloud Compliance and Security Inspector) of 40+ PwC "must-haves"

€ 15,000

per assessment

Full-Scope Assessment

Fully comprehensive cloud assessment based on the established Cloud Security Governance Framework (CSGF). Includes all contents from the Baseline Check

  • Comprehensive evaluation: cloud processes and cloud configurations
  • 200+ best practices as well as client specific rules
  • Detailed risk analysis, risk mitigating recommendations, maturity assessment and management report

upon request

Managed Service

Implementation of the PwC Cybersecurity Baseline Check or an customised Cloud Security Assessment as a Managed Service

  • Regular benchmarking
  • Preparation of frequent reports including interpretation of all results and recommendations

upon request

Price is based on the scope and frequency of implementation

One Pager

Brochure

You have questions or would like more information about the Cloud Compliance and Security Inspector?

Contact our experts now

This might also be interesting for you:

© 2024 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity.
Please see www.pwc.com/structure for further details.

The PwC Store uses Open Source Software.