Unified cloud security posture management across AWS, Azure, and GCP with normalized metrics and CIS benchmark comparison
Provides unified cloud security posture management (CSPM) across AWS, Azure, and GCP: it aggregates findings, normalizes security metrics, compares them against CIS benchmarks (other frameworks can be selected through `complianceFrameworks`), and presents a consolidated view of multi-cloud security posture.
| Category | AWS | Azure | GCP |
|---|---|---|---|
| Identity | IAM | Azure AD (now Microsoft Entra ID) | Cloud IAM |
| Compute | EC2, Lambda | VMs, Functions | Compute, Functions |
| Storage | S3, EBS | Storage Accounts | Cloud Storage |
| Network | VPC, SGs | VNet, NSGs | VPC, Firewall |
| Database | RDS, DynamoDB | SQL, Cosmos | Cloud SQL, Spanner |
| Encryption | KMS | Key Vault | Cloud KMS |
| Logging | CloudTrail | Activity Log | Audit Logs |
{
"type": "object",
"properties": {
"cloudProviders": {
"type": "array",
"items": {
"type": "string",
"enum": ["AWS", "Azure", "GCP"]
},
"description": "Cloud providers to include"
},
"awsAccounts": {
"type": "array",
"items": { "type": "string" }
},
"azureSubscriptions": {
"type": "array",
"items": { "type": "string" }
},
"gcpProjects": {
"type": "array",
"items": { "type": "string" }
},
"complianceFrameworks": {
"type": "array",
"items": {
"type": "string",
"enum": ["CIS", "SOC2", "PCI-DSS", "HIPAA", "ISO27001", "NIST", "FedRAMP"]
}
},
"reportingPeriod": {
"type": "object",
"properties": {
"startDate": { "type": "string", "format": "date" },
"endDate": { "type": "string", "format": "date" }
}
},
"severityThreshold": {
"type": "string",
"enum": ["critical", "high", "medium", "low"]
},
"includeRemediationStatus": {
"type": "boolean"
}
},
"required": ["cloudProviders"]
}
{
"type": "object",
"properties": {
"reportId": {
"type": "string"
},
"reportTimestamp": {
"type": "string",
"format": "date-time"
},
"cloudsCovered": {
"type": "array"
},
"overallPosture": {
"type": "object",
"properties": {
"aggregateScore": { "type": "number" },
"riskLevel": { "type": "string" },
"trend": { "type": "string", "enum": ["improving", "stable", "degrading"] }
}
},
"postureByCloud": {
"type": "object",
"properties": {
"AWS": {
"type": "object",
"properties": {
"score": { "type": "number" },
"findings": { "type": "integer" },
"criticalFindings": { "type": "integer" }
}
},
"Azure": { "type": "object" },
"GCP": { "type": "object" }
}
},
"findingsByCategory": {
"type": "object",
"properties": {
"identity": { "type": "integer" },
"compute": { "type": "integer" },
"storage": { "type": "integer" },
"network": { "type": "integer" },
"encryption": { "type": "integer" },
"logging": { "type": "integer" }
}
},
"complianceStatus": {
"type": "object"
},
"topFindings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"cloud": { "type": "string" },
"category": { "type": "string" },
"severity": { "type": "string" },
"count": { "type": "integer" },
"description": { "type": "string" }
}
}
},
"remediationProgress": {
"type": "object",
"properties": {
"totalFindings": { "type": "integer" },
"remediated": { "type": "integer" },
"inProgress": { "type": "integer" },
"pending": { "type": "integer" },
"mttr": { "type": "string" }
}
},
"recommendations": {
"type": "array",
"items": { "type": "string" }
}
}
}