Reduce false positives, find actionable fixes for cloud, and infrastructure and application configurations before and after provisioning with static analysis
CoGuard works with complex infrastructures. We support a wide variety of infrastructures from serverless, cloud, hybrid and fully on-premise.
Automating compliance
CoGuard can be added to the CI/CD pipeline allowing for continual compliance testing and monitoring. Allowing teams to demonstrate the ongoing reporting required by various compliance frameworks.
Remediation with or without automation
Manually fixing configuration switches across containers and applications can be tedious. CoGuard provides auto-remediation tools that can create a pull-request and fit in the code review process.
Reduce CVE false positives
CoGuard is looking for security and vulnerabilities from security frameworks. The focus is on actionable configuration changes not CVE noise.
Fast and extensible
CoGuard is built from the ground up to be extensible. Our predicate logic engine allows us to add new technologies or new rulesets that are independent of the configuration of environments.
Don’t see a specific technology, contact us, CoGuard is easily extensible — this allows teams to extend the policies and configuration rules supported quickly.
Create an account. Check out and explore a test environment with sample repositories of web applications and view their reports on CoGuard's interactive dashboard.
Install the command line tools
To scan your own repository, cloud provider, or Docker image, install the CoGuard CLI via PyPI on your system. You can also enable it in your GitHub Workflows directly.
Run scan
CoGuard will discover configuration files in your code repository. Use the command line tools to scan a repo: coguard folder ./ This command auto-discovers all relevant configuration files. To review the files prior to scanning, add `--dry-run=true` as command line parameter.
View Report
You can view all reports in your dashboard, including history and trends. Remediation steps are provided.
Next steps
The free tier supports common IaC and AMP technology stacks. To scan your full infrastructure and access additional features including auto-remediation, you can book a call with us to learn more and upgrade your account.
Hear from some of our clients who are building infrastructure faster and more securely.
“[CoGuard] has been instrumental for us to fix issues and maintain an overall stability of the system. We were able to do more with the resources available to us.”
Alan Willemsen
ELB Team Lead, Teledyne-FLIR
“CoGuard provides an automated way to identify and map compliance controls to slashing risk for each client. Chainproof can assess the risk of a company’s infrastructure configuration in advance."
Dr. Sebastian Banescu
CEO, Chainproof
"Working with CoGuard, our team was able to improve the reliability of our IT foundation by giving us critical insights into our configuration quality and security in a timely manner."
John Preiditsch
President Six S Partners
The CoGuard report is very insightful and I am happy to learn that we are well protected and know how to address open holes in our cyber defence system. The check from within brought items to the surface that a penetration test failed to recognize.
Dietmar Wennemer
President & CEO, Virtek Vision
“We are asked regularly about our security posture. While we tracked the ELB development well, kept architecture documents up to date and ensured that our SBOM was being accurate and complete, there was the concern about misconfiguration. Not all team members of ours can be expected to be experts in every technology that we use.”