Moon Cloud

Assurance - Security - Performance - Compliance

What is Moon Cloud?

Moon Cloud process

The platform for continuous compliance assessment and assurance evaluation of ICT applications and infrastructures.
It enables infrastructure/application owners to have a complete verification of their services during operation. Though generic, it mainly targets security and performance assurance.

Why Moon Cloud?

Security and performance often depend on layers that are neither visible nor accessible. Opacity reduces users’ trust in modern ICT systems. 
Moon Cloud is a non-intrusive platform for compliance assessment and assurance evaluation that brings transparency to the whole ICT application/infrastructure. Like moonlight it lets you see through the cloud without dissipating it like sunlight would do

  • Makes the system transparent (including the ones based on AI/ML) allowing inspection, audit etc.
  • Makes applications compliant to standards providing a better control.
  • Provide a centralized Security Governance
  • Increases trustworthiness attracting customers
  • Keeps performance continuously under control
  • Mitigates butterfly effects allowing faster reaction to disaster.

Continuous Assurance and Compliance Assessment for Everyone

Modern ICT infrastructures

  • Specific controls for public clouds (e.g. AWS, Azure)
  • Support for ad-hoc controls for on-premises infrastructures
  • Compliance rules for relevant standards (e.g., Agid, GDPR)
  • Threat monitoring based on VA/PT controls

AI/ML based Applications

  • AI/ML specific controls monitoring models at runtime
  • Compliance of the ML development process (e.g., CapAI, ALTAI)
  • Assurance monitoring of AI/ML performance

Edge Cloud Continuum

  • Large-scale evaluation of continuum infrastructures composed of heterogeneous devices and domains
  • Lightweight controls for IoT devices
  • Controls for 5G core networks and edge nodes

Assurance vs Security

Security: a way to actively protect assets (data and applications) by internal and external threats and attacks, to provide an environment where customers interact in a secure way.
Security assurance: the way to gain justifiable confidence that infrastructure and/or applications will consistently demonstrate one or more security properties, and operationally behave as expected.

Security includes mechanisms necessary to provide a given security property (e.g., encryption, access control…)
The notion of assurance instead complements the one of security by providing methodologies for collecting and analyzing evidence that can prove or refute security properties (e.g., audit, certification, compliance techniques...).


Based on models and evidences
Based on models and evidences

Template-based customization that can be easily adapted to customers’ needs, evidence-based compliance assurance.

Fully automatic and customizable

Moon Cloud offers a platform allowing full customization of compliance and assurance as a service.

Covers all cloud stack layers
Covers all (cloud stack) layers

The evaluation deeply inspects all the aspects affecting the system. A deep dive in the hidden part of the security and performance iceberg.

Integrates pre-existing solutions

Third-party monitoring and testing tools, existing certification and compliance solutions can be easily integrated within Moon Cloud.

Continuous testing and monitoring

Assurance and compliance are guaranteed via non-invasive continuous monitoring and testing.

Non-tamperable system

Secure collection of monitoring evidence via non tamperable probes.

Assess AI/ML models

The evaluation deeply inspects all the aspects affecting the system including AI/ML models. A deep dive in the hidden part of the iceberg.

Supported compliance standards



csa control matrix



Cap AI

many more coming soon...