Over the past year, the Secberus team has been working to make some big changes to the product based on two things: customer feedback and cybersecurity impact. Here are a few of those big changes:

Data Lake Explorer (GA)

The Data Explorer graduates to GA. This feature enables users to explore the cloud “Data Source” configuration data collected by Secberus and run SQL queries on the data. These queries can be saved as collections of “views” or as policies with the new SQL Policy Editor (Beta). Views are a new feature of the Data Lake Explorer, where the results of a query can be used as a table in another query. Users can think of a view as a virtual table that is used to combine data from various other tables that are used together frequently to make it easier to write other queries against. In subsequent releases, we will be rolling out several built-in views for things like IAM that have a vast amount of tables and information which will make answering the policy questions easier to do.

SQL Policy Editor (Beta)

SIMPL was the original homegrown Policy-as-Code language developed by Secberus engineers. In January of 2021 Open Policy Agent, or OPA, moved to the Graduated maturity level of the CNCF and Secberus replaced SIMPL with OPA’s underlying language, Rego, anticipating market adoption. We launched Secberus to the Enterprise market with Rego as the Policy-as-Code language, however, due to the esoteric nature of Rego, and the required expertise and familiarity across cloud configuration meta-data, policies became riddled with errors and users could not quickly create policies. For the past year, Secberus’ engineers and the product design team have been developing an update to the Secberus Data Lakehouse that would use SQL, built a Data Lake Explorer (now GA) that utilizes SQL, and now the SQL Policy Engine (Beta). The SQL Policy Engine allows users to convert queries directly into Policies with a single click. Once created, the user can add remediation steps, criticality scoring, regulatory compliance mapping, and other descriptors, and, users can also orchestrate policy results in the workflow engine. Although the Policy Editor is available to everyone, not all pre-existing policy templates have been converted to SQL for editing, and new data sources (see below) are currently available only in preview.

CMMC v2.0 Framework (GA)

The CMMC Framework is now generally available as an out-of-the-box framework option. It comes pre-mapped to every other Security and Regulatory Compliance framework managed by Secberus, and the policies within the framework can be cloned and edited. There are currently 289 policies associated with this framework for 4 Secberus-managed data sources (GCP, Azure, AWS, Terraform). Users can use the Data Lake Explorer and Policy Editor to write CMMC policies for other data sources. We are working with partners to make more Regulatory Compliance frameworks available as templates so that users don’t have to write them.

New Data Sources (Beta)

Secberus-managed integrations to the data lake, called “Data Sources”, now include the following new integrations: Okta, Oracle Cloud Infrastructure, Alibaba Cloud, Digital Ocean, CloudFlare, Fastly, and CrowdStrike. These new Data Sources are available to customers in the Beta group for the SQL Policy Editor, or by request, until they are made generally available. Beta users can query the data lake and create their own policies for these new data sources (currently, no out-of-the-box policies are available). Okta is expected to be the first new Data Source to graduate from Beta to GA in late November or early December.

Reach out to our team if you would like to see a demo of how Secberus can work for your enterprise or if you are interested in becoming a services delivery partner.