The EPAM Syndicate Rule Engine is a solution that allows checking and assessing virtual infrastructures in AWS, Microsoft Azure, GCP clouds and Kubernetes clusters against legal, industry, corporate and customer requirements, standards, and best practices rulesets. By default, the solution provides hundreds of security, compliance, utilization, and cost effectiveness rules, which match world known standards like GDPR, PCI DSS, CIS Benchmark, and more.

This allows an enterprise to be sure that the environments used for production or development purposes are compliant with the various rules. Meanwhile, it minimizes the challenges like finding proper tools, performing checks in different directions, analyzing findings and quickly reacting, proper remediation planning, ensuring continuous compliance, and maintaining the cost effectiveness and optimization of infrastructure

For existing businesses, it helps inventory and assessment for their legacy infrastructure and planned updates and for new businesses, can help make sure their processes and infrastructure match standards and are effective and safe.

The core of the EPAM Syndicate Rule Engine is a mechanism that scans a specified account to find resources that are not compliant with the applied rule set. These scans include:

On-demand scan: A one-time or an irregular scan initiated by an operator or a 3rd party system at the moment considered proper by them. This can be used to perform initial infrastructure assessment or check the readiness to pass a specific type of audit.

Scheduled scan: A regular scan performed according to a specific schedule. This can be used to ensure continuous compliance checks, for example, before or after regular product updates.

The result of a scan is a list of vulnerabilities and metadata of the scan that can be processed and analyzed by the customer to define remediation plans and priorities.