The Cloud Optix product team has been hard at work delivering a host of great enhancements to the Cloud Optix service over November and December. Make sure you keep up with the latest updates to Sophos’ latest offering for the public cloud and share with your customers via the Sophos Community.
Pricing and licensing
- New term licenses
Now easier to quote and order, new Central Cloud Optix (COPX) SKUs are now available with tiered pack sizes and built-in multi-year discounts. - MSP Flex and PSA integrations
Sophos MSP Partners can now buy Cloud Optix on a monthly basis, with billing based on aggregate usage across their customer base, and with Sophos Central PSA integrations now available to pull usage data for customer billing. - AWS Marketplace PAYG
Cloud Optix is now available as a pay-as-you-go SaaS subscription on the AWS Marketplace. Get instant product activation, with usage metered per hour, and billed via the customer’s AWS monthly bill, with no contract term commitments. Partner-friendly with AWS’ Consulting Partner Private Offers (CPPO) program.
Cloud Optix management enhancements
- Cloud Optix is now live on Sophos Central
Integrated into Sophos Central, access to Cloud Optix is seamless, with no separate sign up required. Read more on the Sophos Partner Portal. - Sync and Scan on-demand
In addition to configurable scheduled security and compliance benchmark scans, customers can now also initiate a sync at any time for a specific cloud environment. - Shareable short URLs for search results and inventory pages
The ability to create a shareable short URL from any inventory or search results page is now available. Sharing this link with another user on the same account will enable the other user to see the same results. - Extended browser support
The Cloud Optix console now supports a wider range of browsers – adding support for Safari on Mac, Edge, and IE11 web browsers. - Cloud Optix Audit Logs
A new Audit Logs page in ‘Settings’ now allow users to view administrative actions including logins, user additions, policy changes/additions/deletions, and more. This includes a date range selector and search field (e.g. search for a specific policy name to see when changes have been made to that policy, and by whom). - Custom Policies: Rule Search
When creating a new custom policy or customizing an out-of-the-box policy, customers can now search for rules using a free-text search field, making it easy to find available rules for custom policies (e.g. search for “S3” to return all rules that have S3 in the rule summary). - Deep links to AWS console from Alerts (for EC2, RDS, and Security Groups)
Making it easier for customers to find and remediate issues relating to resources in their AWS environments, Cloud Optix Alerts now include deep links directly to the affected resources in the customer’s AWS console.
Infrastructure-as-Code (IaC)
- IaC Scan API
Customers can now integrate Infrastructure-as-Code template scanning into their development processes and CICD pipelines using Cloud Optix’ new REST API. In addition to our existing integrations with GitHub and Bitbucket, the new API makes our innovative proactive template assessment capabilities available to customers using a range of tools and processes.
New Features for cloud provider services
- High-risk AWS CloudTrail events (AI)
Cloud Optix now uses AI to profile activity and highlight events from AWS CloudTrail logs (via the Activity Logs inventory page) that are considered potentially risky: for example, when an IAM entity makes a type of change that it has never made before. - Terraform 0.12 on-boarding for AWS accounts
AWS accounts can now be added to Cloud Optix using the latest version of Terraform (v0.12). - Updated CIS benchmark policy
The AWS CIS benchmark policy has been updated to v1.2, and v1.1 for Azure.
Integration enhancements
- Splunk integration enhancement
Cloud Optix now sends additional information to Splunk via our integration. This includes the environment name for anomaly alert data as well as the full alert json output.
Coming soon!
There’s plenty to get excited about next quarter (spoiler alert!). Here are just a few examples of exciting new features up our sleeve:
- IAM topology visualization (easily view which users and roles have access to services and identify over-privileged users). Now in Preview.
- Support for Amazon Elastic Kubernetes Service (EKS). Now in Preview.
- Security-focused Spend Monitoring and Alerting for AWS, Azure and GCP. Now in Preview.
- Add AWS accounts using CloudFormation, including multi-account on-boarding using StackSets.
- …and much more!