Moon Cloud

Assurance - Security - Performance - Compliance

What is Moon Cloud?

Moon Cloud process

The platform for continuous compliance assessment and assurance evaluation of cloud, IoT, and traditional IT applications/infrastructures.
It enables infrastructure/application owners to have a complete verification of their services during operation. Though generic, it mainly targets security and performance assurance.

Why Moon Cloud?

Security and performance often depend on layers that are neither visible nor accessible. Opacity reduces users’ trust in Cloud, IT, and IoT systems. 
Moon Cloud is a non-intrusive platform for compliance assessment and assurance evaluation that brings transparency to the whole ICT infrastucture. Like moonlight it lets you see through the cloud without dissipating it like sunlight would do

  • Makes the system transparent allowing inspection, audit etc.
  • Makes applications compliant to standards providing a better control.
  • Provide a centralized Security Governance
  • Increases trustworthiness attracting customers
  • Keeps performance continuously under control
  • Mitigates butterfly effects allowing faster reaction to disaster.

Continuous Assurance and Compliance Assessment for Everyone

Private and Public Cloud

  • Online Dashboard to design and configure Moon Cloud controls targeting several public clouds (e.g. AWS, Azure)
  • Dedicated controls on premises for private cloud as OpenStack
  • Compliance rules for cloud infrastructure usage

Traditional IT infrastructure

  • Compliance assessment of traditional on-premises IT infrastructures as datacenters or enterprise solutions
  • Support for ad-hoc controls for custom policies
  • Asynchronous collection of evidence for assurance and compliance

Internet of Things

  • Large-scale evaluation of complex infrastructures composed of heterogeneous devices
  • Lightweight agents for battery-constrained devices
  • IoT data collection analysis and reports

Assurance vs Security

Cloud security: a way to actively protect assets (data and applications) by internal and external threats and attacks, to provide an environment where customers interact in a secure way.
Cloud security assurance: the way to gain justifiable confidence that infrastructure and/or applications will consistently demonstrate one or more security properties, and operationally behave as expected.

Security includes mechanisms necessary to provide a given security property (e.g., encryption, access control…)
The notion of assurance instead complements the one of security by providing methodologies for collecting and analyzing evidence that can prove or refute security properties (e.g., audit, certification, compliance techniques...).


Based on models and evidences
Based on models and evidences

Template-based customization that can be easily adapted to customers’ needs, evidence-based compliance assurance.

Fully automatic and customizable

Moon Cloud offers a platform allowing full customization of compliance and assurance as a service.

Covers all cloud stack layers
Covers all (cloud stack) layers

The evaluation deeply inspects all the aspects affecting the system. A deep dive in the hidden part of the security and performance iceberg.

Integrates pre-existing solutions

Third-party monitoring and testing tools, existing certification and compliance solutions can be easily integrated within Moon Cloud.

Continuous testing and monitoring

Assurance and compliance are guaranteed via non-invasive continuous monitoring and testing.

Non-tamperable system

Secure collection of monitoring evidence via non tamperable probes.

Supported compliance standards



csa control matrix

many more coming soon...