Status key: ● Available – production ready · ● Preview – early access · ● Controlled – requires agreement · ● Experimental – alpha/beta · ● Roadmap – planned
Core platform capabilities
| Capability | Status | Notes |
|---|---|---|
| Cloud metadata collection | ● Available | AWS, Azure, GCP supported. Kubernetes for controlled deployments. Oracle experimental. Alibaba roadmap. |
| Attack path analysis | ● Available | Exposure chains, privilege escalation, lateral movement, and crown-jewel reachability analysis. |
| Identity risk assessment | ● Available | CIEM-style analysis covering over-privileged roles, credential exposure, and escalation paths. |
| Data exposure analysis | ● Available | Metadata-based sensitivity classification, replication scope, and access path analysis. |
| Control evidence mapping | ● Available | Links cloud findings to security control validation and compliance framework requirements. |
| Executive reporting | ● Available | Board-ready reports showing risk, remediation priorities, and progress. |
| Technical reporting | ● Available | Detailed findings with asset names, configurations, and remediation steps. |
| Risk scoring | ● Available | Quantitative risk models with business-context weighting. |
| Remediation prioritization | ● Available | Rank actions by impact-per-effort, crown-jewel reduction, and attack path elimination. |
| Remediation recommendation | ● Available | Step-by-step remediation guidance with evidence-based reasoning. |
| Remediation tracking | ● Available | Track remediation progress and measure risk reduction. |
| Remediation execution | ● Controlled | Optional; requires explicit approval, scoped permissions, and operational controls. |
| Data inspection | ● Controlled | Requires explicit enablement and data-handling agreements. |
| AI-assisted analysis | ● Preview | Optional summaries using approved model providers and customer-defined data controls. |
| Third-party API integrations | ● Preview | SIEM, SOAR, ticketing, and remediation workflow integrations in development. |
| Custom connectors | ● Experimental | Custom cloud provider or data source connectors available in controlled environments. |
| Federated identity analysis | ● Preview | Third-party identity provider trust path analysis for SSO and federated access. |
| Compliance framework mapping | ● Available | Evidence linking to CIS, NIST, PCI DSS, SOC 2, ISO 27001, and custom frameworks. |
| Audit logging and retention | ● Available | Authentication, admin, scan, export, and connector events logged and retained 365+ days. |
| Multi-account / multi-cloud dashboards | ● Available | Cross-cloud risk aggregation, trend analysis, and comparative reporting. |
Deployment and integration capabilities
| Capability | Status | Notes |
|---|---|---|
| SaaS deployment | ● Available | Multi-tenant SaaS platform with standard uptime SLA for annual customers. |
| Private cloud deployment | ● Preview | Dedicated private cloud instances available for enterprise customers. |
| Customer-managed deployment | ● Roadmap | Self-hosted or customer-managed deployment models planned. |
| REST API | ● Available | Full API coverage for findings, dashboards, remediation, and reporting. |
| CLI tooling | ● Preview | Command-line tools for scanning, reporting, and integration automation. |
| SIEM integration | ● Preview | Splunk, ELK, and generic webhook integrations for alert enrichment. |
| SOAR integration | ● Preview | Playbook triggers and event-driven workflow integration. |
| Ticketing integration | ● Preview | Jira, ServiceNow, and generic webhook support for issue tracking. |
| Identity provider integration | ● Available | OIDC, OAuth, SAML, and MFA support for access control. |
| Admin audit logging export | ● Available | Export audit logs in standard formats for compliance analysis. |
What this means for you
Cloudryption is production-ready for core cloud analysis, risk modeling, and decision support. Advanced capabilities like remediation execution, deep data inspection, and custom integrations are available under controlled agreements.
If you require a capability that is marked as "Preview," "Controlled," "Experimental," or "Roadmap," contact us to discuss timeline, availability, and requirements.