Yandex Security Deck

A cloud-native application protection platform (CNAPP) for monitoring the security of cloud resources and application data. It combines tools for access control, transparency and data security, making it possible to automate key information security processes and protect cloud environments in a centralized manner.

Yandex Security Deck modules are at the Preview stage and offered free of charge.

Go to service Documentation

Platform transparency

The integration of the Access Transparency module and YandexGPT ensures the security and transparency of the Yandex Cloud platform. The service allows you to track the actions of Yandex Cloud employees who have access to your cloud resources.Embedded ML models analyze all operations, identify potentially dangerous ones, and YandexGPT additionally summarizes actions, simplifying monitoring.

Cloud-native integrations

The service is fully integrated into the cloud, providing control without needing data transfers. All operations are carried out within the cloud infrastructure, reduces the risk of leaks. The platform takes the context of the cloud into account for effective security management.

Minimizing the risk of data leaks

The Data Security Posture Management (DSPM) module plays a key role in reducing the risks of data leaks, ensuring their control at all stages of processing. It automatically detects confidential data, and can engage the access diagnostics module to check the rights and privileges granted. This allows you to quickly eliminate risks and protect information in cloud environments.

DSPM finds places to store and process personal data in the cloud infrastructure. The module identifies various types of confidential information, like names, individual insurance account numbers (SNILS), etc. This makes it possible to increase transparency, prevent leaks in a timely manner, and provide access to data only for those components of the cloud infrastructure that are necessary.

We are constantly improving IS processes, mechanisms for creating and operating services to comply with federal and international standards. You can request reports, regulations, and other documents of the Yandex Cloud security system to be confident in your chosen cloud provider.

Cloud Infrastructure Entitlement Management (CIEM) is a tool for analyzing and inventorying granted user roles and access rights to cloud resources. It ensures the principle of least privilege and reduces the surface of attacks on potentially vulnerable parts of the infrastructure.

The Access Transparency module allows you to check the reaons a provider’s employees have access to the infrastructure, e.g., for support engineers to perform additional diagnostics of IT systems or update software. ML models analyze these actions. YandexGPT is built into Access Transparency, and creates summaries of access events to increase transparency. Suspicious sessions are automatically sent for review to the Yandex Cloud security team.