Prancer Enterprise announces the release of the Cloud Security Automation as Code (Susa) framework to the general public. This Open Source framework helps organizations to deploy secure Infrastructure as Code (IaC) templates to the cloud. Prancer Cloud Security Automation as Code (Susa) offering is a cloud provisioning engine with built-in Static Code Analysis (SCA) for Infrastructure as Code (IaC) based on Prancer’s popular security platform.
Susa, the Security Automation as Code framework, is introduced to check security requirements during provisioning cloud infrastructure. The Security Automation as Code engine can deploy the resources to the cloud. IaC code can be tested upon the built-in or user-defined Security Policy containing Security Checklists, Security Templates, and Security Procedures. This secure Cloud Provisioning engine is an Open Source solution for automated Cloud Template provisioning and deployments. Susa provides a Command Line Interface (CLI) based on bash scripting technology, enabling users to automate repetitive tasks in DevOps scenarios. Susa framework helps organizations to provide consistency across multiple clouds, projects, and environments deployed via IaC tools such as HashiCorp Terraform.
Prancer Cloud Security Automation as Code (Susa) offering is a cloud provisioning engine with multi-cloud capabilities. Susa can provision secure resources to Microsoft Azure, Amazon AWS, and Google Cloud Platform. This multi-cloud capability gives Susa unique features to implement DevSecOps guardrails through organizations’ multi-cloud strategies.
Susa’s open-source framework is based on the best practices obtained from various engagements with top cloud companies using cloud enterprise features. The engine is architected around the concepts of cloud provisioning, security scans, and auditing capabilities. Susa allows DevOps engineers to audit their IaC code for potential security hardening before starting the provisioning process.
Prancer Cloud Security Automation as Code (Susa) offering can be used by organizations looking for a step-up start in implementing the DevSecOps process without prior experience with Security Automation as Code concepts. Organizations can utilize existing Amazon AWS, Microsoft Azure, or Google Cloud Platform account(s) to initiate the secure provisioning of IaC templates and automated security scanning against code.
Prancer offers more than 1000 compliance policies for Infrastructure as Code (IaC) security in different clouds. Prancer Security engine is pre-integrated to Prancer Cloud Security Automation as Code (Susa) to make sure secure code hits the cloud. Security Audit is an essential step in Security Automation as Code (Susa) to ensure Security Requirements are met. Susa best practices recommend Security Scans should be run automatically upon the unattended cloud provisioning process.
Susa engine is pre-integrated with the popular Prancer’s Cloud Security Scanner for Infrastructure as Code (IaC). This integration ensures IaC stacks, templates and blueprints are free of known vulnerabilities identified by the security scanner.