Latest Kloudle Release: Self-service, custom reports, new misconfiguration detections, and much more!

Pragti Chauhan
Feature image


New features have been released in Kloudle to allow our users to manage their Cloud Accounts and Teams better. Kloudle now integrates with 5 cloud platforms - AWS, Google Cloud, GitHub, Cloudflare, and Mongo Cloud. We are adding more and more visibility and misconfiguration detections for these platforms to make sure that our SREs have a trusted companion to take care of their cloud security needs.

New Features Added

1. Self Service:

SRE Managers can now remove cloud accounts they don’t want visibility for

SREs can use embedded guides and videos to easily onboard cloud accounts

2. Simplified summary view: SREs can see a simple summary of cloud accounts, assets and misconfigurations. Hover on the summary to copy it and paste it in email, slack or a presentation

3. Custom Reports: SRE Managers can set up reports to be sent to account owners of cloud accounts (only in Enterprise Version)

4. Account nicknames added: Account IDs can be confusing when you have too many accounts to keep track of, so we added Account names to the cloud account list, all reports and slack alerts

5. Assigning Owners: Owner section has also been added to the cloud account list, all reports and slack alerts so that it is easy to identify which team member is responsible for which cloud account

6. Improved Slack Alerts: Slack Alerts have improved. You get more context and better readability now.

Visibility and Misconfigurations

Big updates in misconfigurations. Covering Cloudflare, Mongo Cloud, AWS and Google Cloud we are adding more and more misconfigurations so that you can have effective visibility.

Misconfig updates

5 new misconfigs in Cloudflare

  1. Multi factor authentication (2FA) is disabled for user
  2. Minimum TLS version is not ‘1.2’
  3. Auto redirect HTTP to HTTPS disabled
  4. Web Application Firewall disabled
  5. DDoS setting disabled under Firewall

1 new misconfig in Mongo Cloud

  1. Project exposed to the world

5 new misconfigs in AWS

  1. CloudTrail Trail does not have Multi-region enabled
  2. CloudTrail does not have server side encryption enabled
  3. CloudTrail does not have File validation enabled
  4. CloudTrail logs are not integrated with CloudWatch Logs
  5. SQS Queue is missing server side encryption

7 new misconfigs in Google Cloud

  1. Log metric filter and alerts not present for project ownership assignments / changes
  2. oslogin was found to be disabled for the Project
  3. A bucket was identified with Public Access turned on
  4. API keys created for a project
  5. API keys are not restricted to be used by only specified Hosts and Apps
  6. API keys not restricted to only APIs that application needs access
  7. API keys not rotated in 90 days

Bug Fixes

Coming Soon

We at Kloudle are striving to continue enhancing your experience with us by adding more relevant features to help you manage your cloud security needs better. Rest assured, we have many exciting things on the roadmap for you, so keep an eye on the latest updates right here. In the meanwhile, follow us on Twitter and LinkedIn to continue this journey with us!

← Back to Blog