Faq

What are CloudCatcher Differentiator's?

Central Visibility
A single pane view of all your cloud deployments allows you to manage your assets.
Fast Setup and Results
Subscription setup is quick and easy, and allows you to scan and review your security posture in minutes.
Built in Knowledge Base
Designed by security professionals to address security administration challenges with a rich set of built-in security rules and compliance standards.
Flexible Pricing
Pay as you go model with monthly subscriptions and no upfront investment.
Easy to Use
Requires no specialized security or Cloud training. You can create your rules or use our extensive ruleset to start monitoring your deployments.
Compliance
A unified view of compliance across multiple industry standards like PCI, HIPPA, CIS, NIST, 800, etc.

What are CloudCatcher Key Features?

Connect and Organize multiple AWS Accounts and resources into a single, unified dashboard.
Detect and understanding usage of different resources, services, and environments and save cost by retiring rouge resources.
Automated compliance reporting and monitoring for various security frameworks like NIST, SOC2, CIS, PCI, HIPAA, etc.
Evaluate and fix cloud security configurations as well as identify vulnerabilities in your AWS Account.
Enforce security policies to your cloud resources directly from CloudNova.
Review Cloud Security Posture in few minutes.

What is SIEM?

SIEM (Security Information and Event Management) is a value-added module within CloudCatcher that combines various types of log data to detect near real-time emerging security threats and incidents. In addition, CloudCatcher provides threat hunting and threat detection services by using “Mitre Att&Ck” knowledge base of adversary tactics and techniques based of real-world observation used by threat actors across the entire attack lifecycle.

What is CSPM?

CloudCatcher’s CSPM solution helps organizations identify and rectify misconfigurations, security vulnerabilities, and compliance violations in their cloud infrastructure. CloudCatcher employs custom built rules to identify and score the risks in order to track the security posture of the cloud environment.

What is GDPR?

GDPR Compliance is a set of rules designed to give EU citizens more control over their data. These rules/configurations/controls are applied to the AWS assets to meet the GDPR requirement.

What is NIST CSF?

The Cybersecurity Framework (CSF) is a set of cybersecurity best practices and recommendations from the National Institute of Standards and Technology (NIST). The CSF makes it easier to understand cyber risks and improve your defenses. Organizations around the world use it to make better risk-based investment decisions.

What is NIST 800-53?

NIST SP 800-53 is shorthand for the National Institute of Standards and Technology Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organization. The NIST is a non-regulatory agency of the U.S. Commerce Department and was established to encourage and assist innovation and science through the promotion and maintenance of a set of industry standards. NIST SP 800-53 is a set of standards and guidelines to help federal agencies and contractors meet the requirements set by the Federal Information Security Management Act (FISMA).

What is a Cloud Asset?

In the context of Amazon Web Services (AWS), an “asset” typically refers to any resource, service, or component that is part of the AWS cloud environment and can be utilized for building, deploying, and managing applications and services. These assets include a wide range of offerings provided by AWS, such as:

Compute Resources: Instances and services like Amazon EC2 (Elastic Compute Cloud) instances, AWS Lambda functions, and container services.

Storage Solutions: Services like Amazon S3 (Simple Storage Service) for object storage, Amazon EBS (Elastic Block Store) for block storage, and other storage services.

Databases: Various database services including Amazon RDS (Relational Database Service), Amazon DynamoDB (a NoSQL database service), and others.

Networking Components: This includes Amazon VPC (Virtual Private Cloud), load balancers, and other networking tools and services.

Development Tools: Services and tools for software development, such as AWS CodeCommit, AWS CodeBuild, and AWS CodeDeploy.

Security and Identity Services: Services like AWS Identity and Access Management (IAM), Amazon Cognito, and AWS Key Management Service (KMS).

Application Services: Higher-level services like Amazon SNS (Simple Notification Service), Amazon SQS (Simple Queue Service), and others.

Analytics and Machine Learning Services: Tools like Amazon SageMaker, AWS Glue, Amazon Redshift, and more.

Each of these assets is a building block that can be used individually or in combination to create complex, scalable, and efficient cloud-based solutions. They are integral to leveraging the full potential of AWS for various applications and workloads.

What is compliance?

Compliance standards are recommended by regulatory and nonregulatory bodies of the US or foreign governments to be applied by organizations deploying their infrastructure on the Cloud.

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) defines the security and privacy regulations required to protect sensitive patient health information. CloudCatcher is using a set of configuration and controls that are required for compliance to handle protected health information (PHI) and electronic protected health information (ePHI) in AWS cloud environment.

What is SOC2 Type 1&2?

SOC stands for Service Organization Control, and it’s a type of examination geared toward entities that provide services directly related to a user’s control systems. CloudCatcher evaluates an organization’s information systems relevant to the five Trust Services Criteria (security, availability, processing integrity, confidentiality, and privacy) in AWS cloud environment.

What is ISO 27001?

ISO 27001 Compliance is a comprehensive international framework that guides organizations to manage, monitor, review, implement, and maintain information security. It enables organizations to ensure the confidentiality, availability, and integrity of their information security management system (ISMS). CloudCatcher ensures that organizations can uphold the highest standards of information security, by seamlessly integrating ISO 27001 principles into their cloud security solution.

What is PCI DSS?

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure the secure handling, storage, processing, and transmission of payment card data. It applies to organizations that handle credit card transactions to prevent data breaches and protect sensitive cardholder information. CloudCatcher’s security features and capabilities are tailored to meet the stringent requirements of PCI DSS, providing organizations with the tools they need to ensure secure processing and protection of payment card data. With CloudCatcher, businesses can confidently navigate the complexities of PCI DSS and safeguard their customers’ sensitive information.

What is CCPA?

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law. This landmark law secures new privacy rights for California consumers. CloudCatcher Compliance feature is tailored to help organizations achieve and maintain compliance. By aligning with CCPA’s provisions, CloudCatcher enables businesses to uphold consumer privacy rights, establish trust, and navigate the complexities of privacy regulations effectively.

How do I request a demo?

Easy! Make sure to fill in all the details here and a CloudNova rep will get back to you shortly.

Chris W

19:56 27 Mar 25

Managing default VPCs and security groups across our global infrastructure gave us inconsistencies and security risks. CloudCatcher helped us with their Security Posture and Asset Insight modules. It gave us visibility we were missing. It identified misconfigured defaults, flagged inconsistencies, and gave us recommendations that helped us get everything under control fast.We’ve significantly improved our cloud security posture, achieved consistency across regions, and made the whole process way easier to manage.On top of this, the built-in compliance checks and architecture assessments are a huge plus. This platform doesn’t just highlight problems but helps fix them, optimize costs, and actively secure your cloud. Highly recommended!

Sean N

17:07 25 Mar 25

CloudCatcher is a great tool for AWS well architected reviews with built in automated checks. It also a very easy to use and deploy Cloud Ops platform for monitoring security, cost and compliance of our AWS deployments. Our management team loves the high-level summary dashboards, and our engineering team can drill down to specific issues and implement the recommended remediations. We were able to keep our deployments in line with AWS Well Architected framework, reduce our monthly AWS spend and improve our security posture.

Hazel

16:41 25 Mar 25

CloudCatcher is the cloud solution people need. There is no need to use multiple tools to manage your spending on the cloud, the security threats or unknown misconfigurations, or needing to check if the environment is complying to industry standards. CloudCatcher has been effective in keeping us secure in every space of our environment. We'll be continuing to use their product!

Jason

16:34 25 Mar 25

Cloudnova's Cloudcatcher has really pleased me. It's not just another CSPM tool; it combines real-time event monitoring, cost optimization, infrastructure-as-code scanning, and cloud security posture management in one location.The onboarding process went smoothly, and we were up and running fast without having to deal with complicated setup or deployment issues. We didn't have to install anything on our workloads because it's an agentless tool, which made adoption more simpler and less invasive.Finding configuration errors early on before they affect production has been made much easier by IaC scanning. Its CSPM capabilities are strong; it regularly assesses our cloud infrastructures in comparison to AWS Well-Architected and CIS criteria. The conclusions are obvious and, in fact, useful.The integration of everything is what most impresses. I can check on cost anomalies, security incidents, and compliance posture all from a single dashboard, eliminating the need to switch between platforms. It greatly simplifies the management of cloud settings with multiple accounts.Any team that is concerned about operational effectiveness and cloud security should definitely consider it.

Lerasa

16:30 25 Mar 25

I CloudCatcher on the AWS marketplace since I was really surprised at how helpful it was unlike other softwares. I did the free trial and our org found out our spending was almost $4000 a month on AWS cloud. CloudCatcher helped us save about $750 per month which we could've saved before if we know. Our spending was very high and it was really helpful since they give savings recommendations. You can also view all your instances, , event trends and data on the platform. Their CIS assessments on our workloads was also very helpful as well.

Raro

16:09 25 Mar 25

Our company has used many products but we haven't come across a platform like CloudCatcher where everything is all in one place. We had a publicly accessible RDS instance that was a significant security risk and we couldn't figure out where the risk was and how bad the risk was for our cloud environment. One of CloudCatcher's solutions/dashboards, security posture management, immediately found the issue and gave us clear, actionable steps to secure the instance and restrict public access. Because of their solutions, we’ve significantly reduced the risk of data breaches and we've ensured sensitive information will remain protected. Highly recommend this tool for anyone who needs a platform that has multiple dashboards in one place, not just your security posture, but budget, spend, cost optimizations, event insights, and compliance scans. They even offer an IaaC scan upload, so this product provides everything you need which I haven't seen before.

See Cloudcatcher in Action