prancer is a cloud validation framework using for cloud compliance
What is prancer?
To move to the cloud, companies are using various methods to provision and deploy resources. That includes custom built scripts, manual provisioning from web-based interfaces, using of available provisioning engines and use of custom automation frameworks. Since the deployed resources in the cloud could grow exponentially over the time, Security Operators (SecOps) team should be equipped with the right tools for the cloud compliance.
Prancer is a multi-cloud validation framework which can be used by any company Security Operators to validate and verify the cloud implementation before and after the deployment.
This pre-deployment and post-deployment validation framework can connect to multiple cloud providers including Microsoft Azure, Amazon AWS and Google cloud to validate the resources you have deployed in the cloud. (other cloud providers are in development: Oracle, VMWare, Cloud Foundation, …)
Prancer cloud validation framework can be integrated to your current build and release pipeline for validation purposes in your Infrastructure as Code (IaC) pipeline.
Prancer engine has high capability to read out the configuration attributes from any parameter file or automation framework and use it as a blueprint to compare to the configuration values you have in your cloud implementation. It can read out the values from your cloud provisioning engine and compare it to the deployed resources to validate the implementation and find out any delta.
Prancer cloud validation framework is equipped with industry compliance tests (HIPPA, PCI, SCI, …) to automatically compliance scan your infrastructure as code (IaC) and cloud deployed resources to make sure you are in compliant.
You could use prancer cloud validation framework for the following governance scenarios:
- Cloud Compliance test
- Infrastructure as Code (Iac) Compliance test
- Cloud to cloud configuration comparison
- Cloud to provisioning engine (or text files) attributes comparison
- Documenting your cloud resources
- Keep track of changes for the deployed resources in your cloud implementation