Cloud App Development, Cloud Security, Cloud Deployment Models

Caveonix Unveils Caveonix Cloud 5.0: An AI-Powered Platform for Automated Security, Compliance, and Governance in Hybrid Cloud Environments

Caveonix Unveils Caveonix Cloud 5.0: An AI-Powered Platform

Caveonix, the industry’s first unified platform for hybrid multicloud governance, compliance, and security management, today announced its fifth-generation offering, which is designed to provide continuous protection of applications built on containers, cloud-native services, and traditional three-tiered architecture.

The next-gen version provides prioritized actionable insights and ensures real-time protection through its unique DefenseBot™ technology as well as executing policy enforcement for Zero-Trust implementation. This, combined with a shift-left approach for secure DevOps, enables enterprises to manage their security and compliance posture proactively.

The unified platform provides a fully integrated eGRC and Cloud Native Application Protection Platform (CNAPP) with Cloud Security Posture Management (CSPM), and Cloud Workload Protection Platform (CWPP). The platform capabilities are available in various bundles to address the requirements of various stakeholders, from the infrastructure team to security and compliance analysts to the leadership, including CISO, CRO, and CCO.

New platform capabilities include:

  1. AI-powered CNAPP: Our Neural-Insight AI engine continuously secures the entire DevOps cycle from coding to testing to deployment. Using a shift-left model we check security configurations in Infrastructure as Code (IaC) before and during deployment in a CI/CD pipeline and ensure that all potential risks are caught and eliminated at the source. It ensures 360º insights with intelligent, automated risk detection related to the IaC code (Terraform, Cloud Formation Scripts, Azure Resource Management scripts, Kubernetes configuration scripts) as well as factors in data from SAST and DAST code analysis tools and scans of container image library, users can also write custom policy checks with YMAL and REGO language.
  2. Automated eGRC: The platform automates eGRC to standardize processes, model scenarios and better prepare for continuous ATO (cATO). It streamlines internal controls to work collaboratively with external requirements. Workflows can be created to ensure accountability, efficiency, and compliance.
  3. Powerful Anomaly Detection: Identify anomalies in user behavior, application behavior-based network flows between assets and applications containers and network flow anomalies by looking at runtime metrics, which are easily available in the network insights dashboard. Our AI engine identifies the anomalies and automatically quarantines the endpoints. Thus, localizing the infection and preventing the spread to other assets.
    The platform’s unique DefenseBot™ technology allows workload and cloud native service protection with surgical precision. Users can create customized action(s) to every unique service type on the public clouds such as AWS, GCP, and Azure.
  4. Automated Zero-Trust: We automate zero-trust based on insights derived from the operational and runtime data that we collect and analyze. We unify assessment of flows across the hybrid cloud estates for easier and seamless policy enforcement.
  5. Customizable Dashboard: The dashboard is fully customizable based on user and associated role. Each role from security analyst to a compliance analyst or an infrastructure engineer as well as a developer can define their default dashboard and reorganize the widgets on the dashboard to customize per their needs.
  6. Intuitive Insights: Each user dashboard can have insights that are unique to their role. With a rich library of insights, each user can quickly assess the risk and start taking action based on recommended prioritization. The insights dashboard supports different categories such as risk, compliance, CIEM, public exposure, network, policy violations, secure configurations, IAM, and serverless and containers.
  7. Enhanced Attack Path Visibility: The risk insights feature provides risk analytics and quantification. It can identify and assess new critical risk combinations mapped against crown jewel applications from asset to application to organization with a graphical representation of the attack path, thus enabling rapid understanding of the impact and actions that need to be executed for remediation.

“As organizations are developing and delivering applications at a record pace, securing software development lifecycles, and ensuring continuous compliance across hybrid multicloud environments is becoming a tremendous challenge," said Kaus Phaltankar, Co-founder, and CEO of Caveonix. “Keeping this in mind, we designed Caveonix Cloud 5.0, an innovative platform for comprehensive full-stack visibility to all your hybrid cloud assets, helping customers prioritize findings for high efficiency and effectiveness and staying continuously compliant with all local to global regulatory and industry requirements.”

“Now organizations can continue to focus on ideas and accelerate innovation to achieve their business goals, while the Caveonix platform, with Neural-Insight™ AI-engine, automates the assessment and protection of the business applications at scale.”

Today, Caveonix has been deployed by several Fortune 500 companies nationally and globally. It has the single largest global enterprise deployment, with over 1 million cloud assets in a hybrid cloud environment.

Recently, Gartner recognized Caveonix as a Representative Vendor in the Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP).

To learn more about Caveonix Cloud 5.0, visit us at RSA booth 5384 at the Moscone North Expo Hall or get in touch with our sales team at

About Caveonix

Founded in 2017, Caveonix is the provider of Caveonix Cloud, the industry’s leading platform for unified security, compliance, and governance across hybrid multi-cloud environments. The platform’s interconnected modules enable enterprises to adopt a holistic approach to risk management across the full stack of applications, platforms, and infrastructure. The platform also employs AI and Robotic Process Automation to continuously assess and automatically remediate security and compliance issues at the scale and speed required to outpace today’s threats.

Headquartered in Falls Church, Virginia, Caveonix’s customers range from SMBs to Fortune 500s across a wide range of industries, and our partners are among the world’s leading integrators, managed service providers, and channel resellers.


Other News
AWS Management

CoreSite Accelerates AWS Direct Connect Hosted Connections on the Open Cloud Exchange

Business Wire | October 17, 2023

CoreSite, a leading hybrid IT solutions provider and subsidiary of American Tower Corporation (NYSE: AMT) (“American Tower”), announced it will launch valuable enhancements to its CoreSite Open Cloud Exchange(OCX), the company’s leading software-defined networking platform, to deliver faster AWS Direct Connect Hosted Connections of up to 50 gigabits per second (Gbps). The new OCX capabilities will further enable businesses to support the next wave of high-bandwidth, low-latency hybrid applications such as artificial intelligence (AI), machine learning (ML) and digital media production. AWS Direct Connect is a networking service that provides an alternative to using the internet to connect to Amazon Web Services (AWS). Using AWS Direct Connect, data that would have previously been transported over the internet is delivered through a private network connection between a customer’s facilities and AWS. Leveraging the 25G and 50G Hosted Connections, businesses will be able to ensure smooth and reliable data transfers at massive scale for real-time analysis, rapid data processing or broadcast media processing. Businesses deploying complex, data-intense workloads will also benefit from the simplified process offered through the OCX to rapidly scale network capacity between the enterprise edge and cloud providers. The OCX capabilities will allow clients to effortlessly scale their network to meet current and future business needs while reducing their operating expenses. As businesses look to AI and other data-intense applications to gain competitive edge, they need a platform capable of supporting high-density power, high-performance compute and low-latency cloud interconnection, said Juan Font, President and CEO of CoreSite, SVP of U.S. Tower. We are delighted to be working with AWS to deliver faster virtual connections to our customers to enable them to compete in today’s always-on digital economy. About CoreSite CoreSite, an American Tower company (NYSE: AMT), provides hybrid IT solutions that empower enterprises, cloud, network, and IT service providers to monetize and future-proof their digital business. Our highly interconnected data center campuses offer a native digital supply chain featuring direct cloud onramps to enable our customers to build customized hybrid IT infrastructure and accelerate digital transformation. For more than 20 years, CoreSite’s team of technical experts has partnered with customers to optimize operations, elevate customer experience, dynamically scale, and leverage data to gain competitive edge. For more information, visit and follow us on LinkedIn and Twitter.

Read More

Cloud Security

Lacework Announces Enterprise Multicloud Platform Updates

PR Newswire | October 25, 2023

Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates. Expanded Enterprise Multicloud Support Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations. We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration. Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment. "My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches." In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances. To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks. Operationalized Risk Management with ServiceNow and Jira Integrations It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities. "With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently." Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview. About Lacework Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at

Read More

Cloud App Management

Couchbase Shines: Ranks 9th in Battery Ventures’ Top Cloud Firms 2023

Couchbase | October 09, 2023

Couchbase, Inc. has earned a spot on Battery Ventures' 2023 list of the highest-rated cloud computing companies to work for. Battery Ventures, a technology-focused investment firm, compiled this ranking using feedback from Glassdoor. Couchbase secured the ninth position among the top 25 B2B cloud computing companies, boasting an impressive overall company ranking of 4.45 compared to Glassdoor's broader average of 3.7. The recognition is based on employee-reported satisfaction levels at work, highlighting Couchbase's commitment to fostering a values-driven organization. Fidelma Butler, Chief People Officer at Couchbase, emphasized the company's mission to simplify modern application development and expressed gratitude for the dedicated team that contributes to Couchbase's positive workplace environment. Couchbase has also received other recent workplace awards, including the UK's Best Workplaces in Tech 2022 and Fortune's Best Workplaces in the Bay Area 2022. The company remains dedicated to building an engaged, diverse, and inclusive global team. Neeraj Agrawal, a cloud-computing investor and Battery general partner, commended the companies on the list for maintaining strong corporate cultures during challenging times in the tech industry and shifting workplace norms post-COVID. Brandon Gleklen, a Battery principal, stressed the importance of company culture in attracting top talent and staying competitive. To make the 2023 list, a cloud company had to receive a minimum of 30 company reviews on Glassdoor between July 1, 2022, and June 30, 2023. For public companies, the criteria included being listed on a U.S.-based stock exchange and having a total enterprise value of at least $500 million as of the end of Q2, 2023. About Couchbase Couchbase, founded in 2009 and headquartered in Santa Clara, California, is a software development company specializing in NoSQL, document-oriented, key-value, mobile databases, SQL, cloud databases, and DBaaS. It aims to simplify application development and deployment through its cloud database platform, Capella. Over 30% of Fortune 100 companies trust Couchbase to power their modern applications, delivering exceptional customer experiences.

Read More

Cloud App Management

Google Cloud Teams Up with StackPath to Expand Edge-Forward Cloud

StackPath | September 20, 2023

StackPath Edge Compute is now accessible via the Google Cloud Marketplace, allowing Google Cloud customers to expand their environment to the internet's edge. StackPath, a leading edge computing platform, has made its Edge Compute Virtual Machines and Containers available on the marketplace, with purchases counting towards users' committed Google Cloud expenditure. StackPath offers cloud computing instances at edge points of presence within 38 major global markets, ensuring proximity to data sources and destinations. This proximity enhances application distribution options. Tom Reyes, Chief Product Officer for StackPath, emphasized the synergy between edge and cloud computing, highlighting the cost and performance benefits of utilizing Google Cloud for latency-neutral workloads and StackPath for latency-sensitive tasks. Dai Vu, Managing Director at Google Cloud, reportedly stated, As a part of their digital transformation strategies, many enterprises are seeking solutions that help them optimize their workflows. With its solutions now available on Google Cloud Marketplace, StackPath is enabling companies of all types and sizes to achieve the speed, security, and efficiency they require. [Source: PR Newswire] Additionally, StackPath recently added support for Virtual Kubelet in StackPath Edge Compute, facilitating seamless integration of StackPath Edge Compute Containers into multi-cloud Kubernetes (K8s) clusters. K8s, born on Google Cloud, remain popular among Google Cloud users. Key features of StackPath Edge Compute include deploying VMs with certified Linux distributions, image capture for autoscaling and rollbacks, deploying compliant container images, and rapid provisioning in StackPath Edge locations. About StackPath StackPath is an edge cloud platform offering cloud services in close proximity to end users compared to core cloud providers. Its edge compute solutions, including virtual machines and containers, along with edge applications such as CDN and WAF, are strategically positioned in densely populated areas. These services are connected through a secure private network fabric and managed through a single system. Clients, ranging from Fortune 50 enterprises to startups, rely on StackPath to optimize the performance, security, and efficiency of their latency-sensitive workloads and applications. Headquartered in Dallas, TX, StackPath was founded in 2015 and specializes in SECaaS, CDN, WAF, and various other cloud-related services.

Read More