Open menu

Frequently Asked Questions

Answers to your most commonly asked questions

How does Cloud Conformity access my AWS account?

Cloud Conformity uses a custom access policy to view your AWS account metadata - there is no read or write access to your data.

What data does Cloud Conformity capture and how is it stored?

Cloud Conformity only accesses the metadata associated with your AWS infrastructure. For example, we recognise that your AWS account has twelve S3 buckets and twenty EC2 instances, however, we cannot see the data/applications associated with these resources.

We retain metadata for active accounts for a 12-month period after which it is automatically deleted. If you choose to deactivate an account, all your data is automatically deleted at the time of deactivation.

Does anyone at Cloud Conformity look at this data?

No, Cloud Conformity staff don’t have access to view your dashboard or account information. Authorised members of our technical team have limited access to view metadata associated with your accounts, for example, the number of compliance checks performed. However, our staff cannot see the specific violations associated with your AWS account.

Will using Cloud Conformity increase my monthly AWS bill?

Cloud Conformity accesses your account via the AWS API and therefore does not increase your AWS bill. Your monthly AWS bill will not increase regardless of how many of your AWS accounts are linked to Cloud Conformity.

Can I cancel my subscription at any time?

If at any time you're unhappy with the service, you can cancel your subscription by visiting: Administration > Subscription > Cancel

Here’s what to expect when you cancel your subscription:

  • You will immediately lose access to the Cloud Conformity services for the account that you unsubscribed from
  • All database entries, S3 Objects, and all information related to the account are deleted with the exception of logs, which are kept for 6 months for forensic analysis and are available on demand

Cancellations and Refunds:

  • If Cloud Conformity directly invoices you, cancellations and refunds are governed by the Cloud Conformity Enterprise SaaS agreement signed by your organization.
  • If you use credit card for payments, you are getting billed in advance for the whole monthly subscription term. For example, you’ll be billed on 20th Feb for subscription term between 20th Feb - 19th March. Refunds for cancellations that are not done 5 business days before the end of the subscription term will be handled on a case-by-case basis.
  • If you have subscribed with us via AWS Marketplace, cancellations and refunds are governed by AWS refund policy.
Payment method Cancellations and refunds
Cloud Conformity Invoice Governed by Cloud Conformity Enterprise SaaS agreement signed by your organization
Credit Cards Advanced billing, must cancel 5 business days before your next term
Via AWS Marketplace Governed by AWS refund policy

What is Cloud Conformity?

In a nutshell: Prevention, Detection, Correction. The most complete solution to avoid critical threats and vulnerabilities in your AWS environments. Awarded both AWS Cloud Management Tools Competency and Security Partner Competency, Cloud Conformity’s real-time security, compliance and optimization platform delivers continuous assurance that your infrastructure is secure and compliant as your cloud footprint grows. Our combination of real-time insights and accessible, simple, remediation steps enables organisations to embrace DevOps without the fear of introducing security vulnerabilities, reliability risks or performance and cost inefficiencies.

Why do I need Cloud Conformity?

As organizations are moving more complex and larger workloads into the cloud to take advantage of its agility, flexibility and lower costs, the need for broader and deeper security of your infrastructure has never been greater. Traditional security methods such as firewalls and agent-based protection aren’t ideal in the cloud, a simple change on one EC2 instance could go unnoticed and have a potentially catastrophic impact on your business.

Cloud Conformity gives you back full visibility and control of your infrastructure, whilst ensuring you are committing to the AWS Shared Responsibility Model by securing all the applications in your cloud environments.

How quick is Cloud Conformity to set up?

Cloud Conformity has been designed so you can be up and running with your own Cloud Conformity account within 5 minutes. Once you have connected and configured one AWS account, replicating the rules and communication preferences across other accounts can be done in a matter of minutes. We’d be more than happy to give a quick demo on this!

How does Cloud Conformity help with compliance and standards?

Cloud Conformity has its roots in the AWS Well-Architected Framework and uses this to measure compliance levels against your account. The Cloud Conformity rules can also be filtered by various industry standards (GDPR, HIPAA, CIS, & PCI), so you’re able to see and action very quickly the improvements needed to ensure you’re meeting those standards on your AWS infrastructure.

How is Cloud Conformity different to AWS Trusted Advisor?

AWS Trusted Advisor is a great starting point to identify best practice violations and cost-saving techniques for your AWS accounts. However, it is limited to only 54 rules and doesn’t provide easy to follow resolution steps to rectify the issues. For your complex workloads on AWS, you will need a comprehensive continuous assurance tool that covers more AWS services. Cloud Conformity has over 400 advanced rules, each providing the rationale and clear remediation steps for the violations. Cloud Conformity also seamlessly integrates with your existing workflow to ensure vulnerabilities are remediated as they occur, by the appropriate individual or team.

How is best practice determined?

The AWS Well-Architected Framework defines best practices you should follow to ensure your AWS infrastructure is secure, reliable, highly available and cost-effective. Cloud Conformity automates the auditing of your AWS infrastructure against the Well-Architected Framework.

Can I add a custom rule?

If you’re keen to add your own rules, custom rules can be created via AWS Config with the results ingested and displayed in Cloud Conformity. Other custom rule sets can be ingested by Cloud Conformity via the Cloud Conformity API.

If you need additional support creating a new rule, please have a chat with us via the chat bubble at the bottom right of the page (there is always someone online!). We’re constantly adding new rules to our platform, so we might already be working on the rule you’re after.

What communication tools do you integrate with?

Cloud Conformity currently integrates with the following communication channels and workflow systems:

  • JIRA

  • ServiceNow

  • Zendesk

  • SMS

  • Amazon SNS

  • PagerDuty

  • Email

  • Slack

How many rules do you have?

Cloud Conformity currently runs over 450 automated best practice rules and we are constantly adding new rules every week, so you can expect to see this number grow!

Can I use Cloud Conformity for Azure or Google Cloud?

Cloud Conformity is a specialized AWS continuous assurance and governance tool, however, we are working on support for other cloud environments. If you have a hybrid cloud environment, please get in touch or follow us on Twitter for the latest updates.