Frequently Asked Questions

FAQ

Find answers to the most frequently asked questions about Secberus.

If you have any other questions, drop us a line.

Secberus is a policy-first, centrally managed Cloud Governance platform. Secberus is agentless and integrates via read-only API access. Pre-configured integrations for AWS, GCP, AZURE and GitHub are supported. And power-users can configure integrations with any additional IaaS (IaC and CaC) data-providers. Assess, understand and manage cloud infrastructure drift at enterprise scale.

Who is the primary user of Secberus?

The primary user of Secberus is the enterprise Cloud Security Architect and/or similiar roles including but not limited to: InfoSec Risk & Compliance Manager, Compliance & Audit Manager, DevSecOps Engineer, InfoSec Risk & Compliance Manager, Cloud Infrastructure Architect

How would a CISO benefit from Secberus?

Secberus allows CISOs to:

Demonstrate to leadership that you have the controls in place in all of your cloud environments to meet mandatory requirements.
Set IaaS (pre-deployment and production) security and compliance policies for each business unit, cloud, region, application, or any other scope.
Ensure accurate and relevant reporting.
Improve MTTD and MTTR.

Is Secberus a CSPM?

Secberus is a Next-Gen CSPM. Secberus delivers what CSPM solutions have been missing: it allows you to customize policies to ensure they’re right for your business and scale that customization across the organization for faster, more accurate insight into cloud infrastructure misconfiguration risk.

What does Secberus mean when they talk about cloud governance?

We’re so glad you asked. Governance solves the core problem of complexity: how to confidently make the right decisions in an environment of constant uncertainty while also accelerating the business rather than slowing it down.

Security governance is an oversight practice where business goals drive security decision-making. It blends real-world experience, best practices, and technology to:

Automate the things that should be automated.
Focus people’s attention where they can be most effective.
Use the superior computing capabilities of technology to track and manage compliance and risk issues.

Read more about how we define cloud security governance here.

Why is Secberus CSPM different than other CSPM solutions?

With Secberus, you can adjust your policies to ensure that the configuration violations Secberus detects are accurate. This capability eliminates false positives and reduces alert fatigue for your technical teams.

How does Secberus manage risk distribtuion?

Our Federated Risk Management approach centralizes policy definition and management. Define configuration policy according to the needs of the business, and benefit from alert management at scale. You set your intention once and maintain that intent when you add more data sources. Our Federated Risk Management approach leverages Attribute-based access control (ABAC), Role-based access control (RBAC), organizational management and workflows to enable risk distribution, optimize alerting, and manage remediation workflow at scale.

How does Secberus allow you to manage a policy/control?

Use one of our 525+ policies out-of-box, create a custom policy from scratch, clone and edit an existing policy.

And add exceptions as needed. Secberus provides the ability to pause violations so that they are excluded from compliance and risk calculations, violation counts, and workflow notifications. Violations can be manually marked as an exception, or rules can be created based on resource metadata to automatically mark exceptions.

Does Secberus detect drift within Kubernetes?

Yes, Secberus supports policies for what the top CSPs (AWS, Azure and GCP) expose to the API.
We do not support non-managed Kubernetes at this point in time.

The Secberus Cloud Governance Platform uses policy-as-code and a federated risk management approach to help you ensure policy adherence, without
false positives, across your CI/CD pipeline and multi-cloud environments. You can:

Detect and manage misconfigurations in your cloud infrastructure at scale.
Ensure that your policies reflect the needs of your business.
Get critical insight into your cloud posture.

How quickly can I start using Secberus?

In regards to “flipping the switch” you can add cloud accounts, enabled policies, customize users access controls, and automate alert notifications and reporting via workflows in a matter of minutes.

How is Secberus priced?

The Secberus pricing model is based on the percentage of the total cloud spend. Please contact us to obtain a quote.

How do I see a demo?

We’re happy to schedule a product overview, and you can schedule that through our Contact Us form.

We find it most useful to you however, when you have an understanding of what we can help you solve. You can review our most popular use cases here.

I'm an enterprise company. Is Secberus right for me?

It’s quite possible. Let’s find out!

Secberus is best suited for enterprise, multi-cloud organizations who are looking to implement a policy-first security governance practice and have a Cloud Security Architect or similiar security leader role.

I'm an SMB/Mid-Market company. Is Secberus right for me?

It’s possible, but it’s likely you’re a better fit to work with one of our MSP/MSSP partners. We’re happy to give you our honest opinion. Feel free to email Helen, our VP of Sales, at helen@secberus.com.