Dash CloudInspect

Cloud Security and Compliance Auditing Library for Amazon Web Services
hipaa compliance
nist hipaa compliance
soc 2 type 2
iso 27001

Cloud Security & Compliance Library

Security and compliance tooling to audit and monitor cloud compliance and security configuration

aws hipaa audit library

Programmatically Validate Cloud Security

Dash libraries allow organizations to configure security profiles and confirm the security configuration of AWS resources with a single line of code.

Dash provides data on passing and failing scans and AWS resources that fall out of compliance with baseline settings. Enforce cloud security configuration and validate safeguards for:

  • Users and Roles Permissions
  • Encryption
  • Audit Logging
  • Networking Configuration
  • Backup & Disaster Recovery

Set A Security Baseline Around Your Compliance Needs

Dash provides cloud security and compliance scanning for AWS cloud resources. Security teams can use Dash security auditing libraries to enforce high security standard. Dash security inspection connects into your organization’s set security controls and has security baseline inspection built around: 

  • AWS Best Security Practices
  • HIPAA/HITECH
  • SOC
  • NIST CSF
  • HITRUST

Detect Cloud Security Issues During Configuration and Application Builds

Dash scanning can be connected into your team’s configuration and build process. Teams can run Dash scans as a security and compliance validation step when provisioning new AWS infrastructure with tools such as Terraform. 

For Popular Programming Languages

Use CloudInspect wrapper libraries to dynamically run AWS cloud security scans, enforce baseline security settings and write custom security workflows. 

cli library
node js
python
ruby
CLI
Javascript/Node.JS
Python
Ruby
CLI

//Set AWS Credentials and Permissions
export AWS_ACCESS_KEY_ID=”ASXXXXXXX”
export AWS_SECRET_ACCESS_KEY=”XXXXXXXXX”
export AWS_SESSION_TOKEN=”XXXXXXXXX”

cd dash

./dash  //Run Dash Security Baseline

./dash -M json > dash-output.json //Run Baseline Scans and Output to JSON

./dash -b hipaa  //Run HIPAA Compliance Baseline Scans

./dash -s ec2  //Run Specific Cloud Service Scans

Node.JS

npm install dash-xyz  // Install Dash Package

import { Dash } from “dash-xyz”

// 1. Create a new client with valid authentication
const dashClient = new DashClient({
organization_token: “”,
license_token: “”
});

// 2. Run Dash Security Baseline
dashClient.runSecurityBaseline();

// 3. Run HIPAA Compliance Baseline Scans
dashClient.runHIPAABaseline();

// 4. Run Specific Cloud Service Scans
dashClient.runEC2Scans();

Learn How Dash CloudInspect Can Be Integrated Into Your SecOps Workflow

Enhanced Cloud Security Workflow

With Dash CloudInspect enables Security Team members and DevOps staff can proactively build cloud security and compliance into their DevOps workflow

aws security audit library

Easily Inspect Cloud Resource Security

  • Run an AWS cloud security audit with a single line of code or CLI command.
  • Run individual scans, or scans based on a customized security baseline.
  • Run compliance specific checks for regulations and frameworks including HIPAA, SOC, NIST, and HITRUST.
continuous integration security and compliance

CI/CD Integration

  • Run Dash baseline security checks during your organization’s build processes.
  • Pass/Fail a build process based on security or compliance checks.
  • Ensure AWS security best practices and compliance with regulations and security frameworks such as HIPAA, SOC, and NIST.​
aws security terraform

Connect Into Existing Workflow

  • Connect Dash scans and findings to workflow tools like JIRA, Trello, or other services.
  • Easy integrate Dash scans into existing dashboards or build custom applications using Dash wrapper libraries.
  • Output Dash scan information as JSON, CSV, and other digestible datatypes.

Streamline Your Cloud Security Program

Streamline Your Cloud Security Program

AWS Focused Compliance

Dash provides security baselines around established compliance standards including HIPAA, SOC, NIST, and ISO. Organizations can use Dash scans to maintain compliance through mapped security programs. Below are a sample of connected security controls.

HIPAA Security Controls

164.312(a)(2)(iv) Encryption and Decryption

Ensure that all cloud data volumes, cloud databases, and transmitted data is encrypted.

164.308(a)(4)(i) Information Access Management

Ensure that your company uses proper user roles and policies in AWS. Avoid HIPAA violations stemmed from access issues.

164.308(a)(7)(i) Protection from Malicious Software

Ensure that cloud network and security groups do not expose ports or access that may compromise PHI.

SOC Security Controls

CC5.1 Logical Access

Ensure that software, infrastructure, and architecture is implemented to enforce authentication, restrict user access and prevent unauthorized access

CC5.4 Access Modification / Removal

Ensure that access to data, software, and IT resources is authorized and is modified or removed based on roles, responsibilities, or the system design.

CC5.7 Transmission Security

Ensure that transmission, movement, and removal of information is
restricted and protected during transmission.

Security Configuration Monitoring for AWS

Set Security Controls and Compliance Configuration For AWS Cloud Services Including:

AWS Healthcare Competency Partner
  • Amazon EC2
  • Amazon Lambda
  • Amazon S3
  • Amazon RDS
  • Amazon Redshift
  • Amazon CloudWatch
  • Amazon Cloudtrail
  • Amazon DynamoDB
  • Amazon IAM
  • Amazon ECS

Request Early Access

Dash CloudInspect is currently in early preview. Dash provides teams with security libraries for scanning, monitoring, and enforcement for cloud security baselines. Teams can streamline regulatory compliance and resolve compliance issues with ease. 

HIPAA/HITECH
SOC 2
NIST CSF
ISO 27001/2

©2019 Dash Solutions Inc. All Rights Reserved.