Hyperglance Launches Cloud Automation, Remediation & Actions

Hyperglance’s automation/action feature set builds on top of our inventory and rules engine to give you the ability to manage and automate your AWS environment directly from Hyperglance.

Using our built-in rule set (which includes CIS, NIST, PCI-DSS and AWS Well architected) or by creating your own rules, you can automatically save money and ensure the security of your entire AWS deployment.

hyperglance cloud automation icon

How It Works

Hyperglance connects to a large range of AWS APIs to collect an extensive inventory.

Using that inventory, Hyperglance then creates a dependency model. A rules engine sits on top of this inventory and dependency model.

The rules engine runs on a periodic basis of your choice and can create a set of results when run. This set of results is stored in an S3 bucket which a lambda (which we provide) uses to run functions that act on the resources in the result set.

We ship a Lambda with a set of animations/actions that you can adjust, add to, or create your own.

The Lambda code is open source to ensure auditability. We include terraform code for deployment of the lambda and cross-account role creation.

  1. A pre-built or custom rule triggers in Hyperglance
  2. Hyperglance sends the search/rule result to S3
  3. Lambda reads the SNS data from S3
  4. A Lambda function executes, issuing commands to your AWS resources, and resolving your problem
hyperglance aws automation

NOTE: You only need to deploy one lambda, using cross-account roles you can act on all of your accounts.

All of this functionality runs inside your AWS account with complete isolation from outside your organisation. None of your data is exposed to any other organisation, including Hyperglance. 

This functionality works with both Commercial and GovCloud.

You can schedule the automation or run actions on demand. Notifications can be set up to send slack messages, emails, SNS notifications or any combination of the three. 

An easy to read logging system is included so you can always see what was actioned and when. SAML support is built-in so you can also see who did what. All logs are stored in the S3 bucket so auditing is accounted for.

Even if you are not ready for full automation, Hyperglance provides the mechanism to be alerted to issues, then allows you to investigate and manually kick off the remediation action directly in Hyperglance.

Automation Use Cases

Use Case 1: Reduce Cost

The cloud was once touted as a low-cost way to run your applications. No more. While the agility use case can’t be disputed, it’s very easy for your costs to run away from you in the cloud.

Hyperglance provides an intuitive way to explore your billing data, track down extraneous costs and automate the saving of costs.

hyperglance cost explorer aws

Hyperglance's cost explorer allows you to easily see high-cost items

Hyperglance includes built-in rules to highlight orphaned and underutilized resources

Configure Hyperglance rules to automatically stop, terminate or delete resources on a set schedule/period

Here are a few examples of rules you can use to save costs in your AWS accounts:

  1. Terminate EC2 instances running over 12 hours in your development environment
  2. Delete orphaned snapshots over 30 days old
  3. Schedule times for workspaces and instances to be stopped overnight and on weekends

Use Case 2: Secure Your Environment

Hyperglance ships with hundreds of rules covering many different frameworks. (PCI-DSS, NIST, CIS and AWS Well-Architected, to name a few).

Any of these rules can utilize our remediation actions to enforce your security policy. 

Hyperglance includes hundreds of rules that will help you secure your environment

Use the Security & Compliance dashboard to give you an overview of your security posture

Use Hyperglance to provide automated incident response and enforce security compliance across multiple AWS accounts, 24/7

Here are a few examples of rules you can use to secure your AWS accounts:

  1. Delete Internet Gateways in accounts where resources must go through a NAT Gateway or Load Balancer
  2. Quarantine instances that have been exposed to the internet
  3. Strip out insecure rules in Security Groups

Use Case 3: Enforce Compliance

Audits are not fun.

Keeping on top of compliance is a constant battle.

Hyperglance comes with hundreds of rules that will allow you to enforce compliance with standards such as NIST (800-53, 800-171), PCI-DSS, HIPAA, CIS and FedRAMP. It also comes with rules that keep you compliant with AWS Well-Architected.

Hyperglance includes many rules to ensure you stay compliant

Use the Hyperglance Security & Compliance Dashboard to review and improve your compliance

Use Case 4: Consolidate Your Scripts

Use ours and add your own.

Keeping a grip on all the various scripts that are used in your company is difficult.

Using git and terraform, you can consolidate all your scripts into one place.

Our code is open source and lives in your account so you can adjust as you see fit.

github logo

Use Case 5: Belt & Braces on top of your Infrastructure as Code environments

Keeping your Infrastructure as Code is best practice in our industry.

If you’ve managed to get that far down the road I applaud you.

The trouble is, sometimes things slip through and you need something to keep an eye out for rogue operators and to be able to highlight shadow IT.

Hyperglance can both highlight and automatically shut down shadow IT contributors and resources that have been provisioned incorrectly.

Hyperglance & Cloud Automation

The Hyperglance automation feature gives you an easy way to automate and act on the data Hyperglance provides. Hyperglance’s automation allows you to quickly and easily reduce costs, identify and remediate security issues, enforce and maintain strict compliance with organisation and industry standards. Solve problems one time with easy-to-build automations that can remediate any future misconfigurations. As with all Hyperglance updates, there is no extra cost for this feature and you can run them as many times as you like, as often as you like. You won’t have any billing surprises like with other systems.