Yandex Security Deck overview

Yandex Security Deck is a comprehensive CNAPP service whose modules discover vulnerabilities, monitor and protect access to data, and enforce compliance with regulations and industry standards.

The Security Deck modules allow you to achieve a number of security objectives:

• Monitoring and incident response: Yandex Cloud Detection and Response enables monitoring and responding to Yandex Cloud infrastructure incidents. YCDR is built around Yandex Cloud's in-house Security Operations Center (SOC). The module collects data from the cloud infrastructure to detect anomalies. When YCDR detects an anomaly, it creates alerts indicating a potential incident.

• Comprehensive data protection. The Data Security Posture Management (DSPM) module detects sensitive information stored in Yandex Object Storage buckets for timely action to protect it from unauthorized access or leaks.

• Containerized application security management: Kubernetes Security Posture Management (KSPM) ensures the security of containerized applications and images they use. The KSPM module automatically checks cloud infrastructure against corporate and industry standards, identifies all Kubernetes clusters and containers in the specified workspace, and deploys security components in them as defined in the configuration.

• User access management. The Cloud Infrastructure Entitlement Management (CIEM) module allows you to manage user access to diverse corporate resources with full control over who has access to which data, and what actions are allowed with that data.

  One of the fundamental principles of Yandex Identity and Access Management is that of least privilege, where users get only the access permissions they need to perform their job duties.

  CIEM implements this principle and helps to ensure:

  • Data security by managing user access to company resources.
  • Prevention of unauthorized access to sensitive information.
  • Effective management of user and service account access permissions.
  • Shorter time to investigate security incidents.

• Yandex Cloud configuration management: Cloud Security Posture Management (CSPM) checks the Yandex Cloud infrastructure and applications deployed within the specified workspace for compliance with comprehensive security requirements and best practices. This module helps ensure compliance with the selected security policies and protection against common threats and vulnerabilities in the cloud.

• Transparent data handling. The Access Transparency module allows customers to follow what Yandex Cloud engineers do with the organization's resources.

Integration between modules simplifies the process of monitoring the actions of Yandex Cloud engineers and users, allowing you to quickly respond to possible security threats.

Comprehensive use of modules helps reduce the risks associated with unauthorized access, data leaks, and non-compliance with regulatory requirements.