The platform for continuous compliance assessment and assurance evaluation of ICT applications and infrastructures.
It enables infrastructure/application owners to have a complete verification of their services during operation. Though generic, it mainly targets security and performance assurance.
Security and performance often depend on layers that are neither visible nor accessible. Opacity reduces users’ trust in modern ICT systems.
Moon Cloud is a non-intrusive platform for compliance assessment and assurance evaluation that brings transparency to the whole ICT application/infrastructure. Like moonlight it lets you see through the cloud without dissipating it like sunlight would do
- Makes the system transparent (including the ones based on AI/ML) allowing inspection, audit etc.
- Makes applications compliant to standards providing a better control.
- Provide a centralized Security Governance
- Increases trustworthiness attracting customers
- Keeps performance continuously under control
- Mitigates butterfly effects allowing faster reaction to disaster.
Modern ICT infrastructures
- Specific controls for public clouds (e.g. AWS, Azure)
- Support for ad-hoc controls for on-premises infrastructures
- Compliance rules for relevant standards (e.g., Agid, GDPR)
- Threat monitoring based on VA/PT controls
AI/ML based Applications
- AI/ML specific controls monitoring models at runtime
- Compliance of the ML development process (e.g., CapAI, ALTAI)
- Assurance monitoring of AI/ML performance
Edge Cloud Continuum
- Large-scale evaluation of continuum infrastructures composed of heterogeneous devices and domains
- Lightweight controls for IoT devices
- Controls for 5G core networks and edge nodes
Security: a way to actively protect assets (data and applications) by internal and external threats and attacks, to provide an environment where customers interact in a secure way.
Security assurance: the way to gain justifiable confidence that infrastructure and/or applications will consistently demonstrate one or more security properties, and operationally behave as expected.
Security includes mechanisms necessary to provide a given security property (e.g., encryption, access control…)
The notion of assurance instead complements the one of security by providing methodologies for collecting and analyzing evidence that can prove or refute security properties (e.g., audit, certification, compliance techniques...).
Template-based customization that can be easily adapted to customers’ needs, evidence-based compliance assurance.
Moon Cloud offers a platform allowing full customization of compliance and assurance as a service.
The evaluation deeply inspects all the aspects affecting the system. A deep dive in the hidden part of the security and performance iceberg.
Third-party monitoring and testing tools, existing certification and compliance solutions can be easily integrated within Moon Cloud.
Assurance and compliance are guaranteed via non-invasive continuous monitoring and testing.
Secure collection of monitoring evidence via non tamperable probes.
The evaluation deeply inspects all the aspects affecting the system including AI/ML models. A deep dive in the hidden part of the iceberg.
