Looks interesting, and I'll be diving into it a bit deeper, but I just wanted to mention that this quote:
"even non-experts can guarantee the security of their cloud environments"
Even though I understand that this is part of a marketing blurb, not a literal guarantee, it was an immediate yellow-flag for me. No tool can possibly guarantee the security of my cloud environment, so please don't imply/say your tool can. It reminds me of shady VPN companies guaranteeing my security by providing me with "military-grade encryption".
To be abundantly clear, I am not saying that this product is shady or anything -- I have not had the time to evaluate it in the depth needed -- but statements like that make the rest of the pitch an uphill battle. For me, at least.
we provide yaml predefined rules based on CIS benchmark. We will try to upgrade public rules offer to upgrade the security of your cloud environment.
maybe this is too much marketing to explain we can check all settings we want in all cloud providers.
All the parameters of cloud providers are json like so you can check it different operators and mix them.
again we'll be available on slack to discuss further.
I have the same concerns on this language but I’m wondering if there might be a slight language barrier issue if English isn’t their first language. They may have meant to use a word like “certify” which I could see translating to “guarantee”. (Pure conjecture based on the fact it sounds like they’re France-based)
"even non-experts can guarantee the security of their cloud environments"
Even though I understand that this is part of a marketing blurb, not a literal guarantee, it was an immediate yellow-flag for me. No tool can possibly guarantee the security of my cloud environment, so please don't imply/say your tool can. It reminds me of shady VPN companies guaranteeing my security by providing me with "military-grade encryption".
To be abundantly clear, I am not saying that this product is shady or anything -- I have not had the time to evaluate it in the depth needed -- but statements like that make the rest of the pitch an uphill battle. For me, at least.