What is SecureCloud?

Tufin SecureCloud is a security monitoring and management solution for public cloud that gives you three key requirements needed for robust network security:

  • Visibility into your public cloud environment that graphically displays elements and connectivity

  • Policy Management and control

  • Continuous Compliance

These capabilities help you identify security risks and address them fast. At the public cloud level, SecureCloud monitors and maps out your Amazon AWS, Microsoft Azure, Google Cloud accounts and highlights deviations from security best practices.

The main areas of functionality in the product can be grasped by looking at the main menu.



At the top of the visibility hierarchy is the SecureCloud Dashboard. It highlights primary areas of concern in your networks such as overly permissive network policies, and risky ports with a drill-down capability that leads you to the issues you need to address.

Multiple Accounts

Tufin SecureCloud gives you a way to view your public cloud beyond individual cloud accounts and instead see a single combined environment consisting of multiple cloud vendors and accounts, segmented according to your selected asset grouping criteria.

SecureCloud monitors your cloud accounts and combines the information gathered with resource metadata to visualize cloud access connectivity. It brings you the security status of your cloud by highlighting segments and assets that violate the policy you have defined. Its global visibility includes topology maps of your segments in the cloud, showing their connections and compliance with your security policy. You can drill right down to see the effective access to each and every asset.


SecureCloud will monitor traffic if you enable this option in your vendor accounts. Presence of traffic appears in the cloud graph panels and can be filtered in related pages.

Sensitive Data

SecureCloud shows assets with sensitive data that are exposed to the internet.

Policy Management

SecureCloud lets you define a Cloud Security Policy that is checked against the effective connectivity set up in your cloud vendor accounts. SecureCloud automation discovers violations and configuration issues in your environment.

Continuous Compliance

Implementing what-if analysis as a preflight hook in your CI/CD pipeline, SecureCloud can analyze the security impact of your proposed cloud infrastructure changes before implementation.

Will SecureCloud Work on Our Infrastructure?

SecureCloud can monitor public cloud vendors Amazon AWS, Microsoft Azure, Google Cloud. You must define appropriate permissions in your public cloud accounts to allow SecureCloud to monitor them (see Account Manager).

What Next?