CHAaSM Cloud integrates CHAaSM AI with the operating system and microservice applications to deliver a production ready scale-out cloud container stack to meet the most stringent compliance requirements for high governance.
Go from inserting a USB stick in a server, to a fully hardened cloud container host in minutes. CHAaSM Cloud is easily customizable to support the unique requirements of our most security concerned customers.
Hardened Minimal Linux Platform - Integrated with CHAaSM AI for TPM 2.0 boot integrity, FIPS enablement, SELinux enforcement, AutoSecOps, and cryptographic validation.
Principle of Least Privilege and SELinux Confined Domain Isolation - Cloud services run unique deprivileged service accounts and SELinux domains, isolating and protecting services from one another.
"No root" design - Disables the root account to prevent platform tampering.
Daemon-less Rootless Container Stack - No use of heavy running services or elevated privileges to create, manage, and deploy pod images and containers.
Network Isolation - Interface boundaries at every layer by default to segment service network traffic (management, backplane, SDN).
Embedded Metrics, Alerts, and Logging (SIEM/SOAR) - Microservice oriented event monitoring that exposes system health, analytics, and platform security state, while leveraging CHAaSM AI for automated response.
Simplify Integration with Choice!
CNI and Service Mesh - Flexibility to integrate microservice based Container Networking Interface (CNI), Network Policy Manager (SDN), and Service Mesh of your choice with CHAaSM embedded hardening and packaging.
S3 Object Storage - Extensibility to integrate microservice based persistent object storage of your choice with CHAaSM embedded hardening and packaging.
SIEM/SOAR - Freedom to integrate metrics, log data, and automated response to any 3rd party SIEM/SOAR solution.
User Experience (UI/UX) - Integrate any Kubernetes management layer to provide a "have it your way" experience.