How can we help?
Table of Contents
< All Topics
Print

Getting Started with Paladin Cloud

PostedJuly 10, 2023
UpdatedAugust 7, 2023

Overview

Paladin Cloud is a free open source cloud security platform focused on enabling you to find blindspots in your cloud security. It enables you to identify and visualize your cyber assets and security controls, while monitoring your multi and hybrid cloud environments for vulnerabilities, misconfigurations and security risks.

The platform functions as a policy management plane across multi-cloud and enterprise systems to protect your applications and data. It contains best practices, and security policies, and monitors your cloud assets continuously. Security violations are prioritized based on severity levels, allowing you to focus on critical events.

The platform’s resource discovery function creates an asset inventory, and security policies are evaluated against each asset. An effective visualization system helps developers see violations and fix them on a risk-adjusted basis. The auto-fix framework automatically allows predefined actions to be taken in response to policy violations.

There are 4 major components in Paladin Cloud:

Paladin Cloud Rule Engine                  : CloudWatch Rules, Lambda, AWS Batch

Paladin Cloud Web Application (UI & APIs)  : AWS ECS, Fargate

Paladin Cloud Inventory Collector          : Cloudwatch Rules, AWS Batch

Paladin Cloud Data Management              : AWS ElasticSearch, RDS, S3

Installation

For detailed installation instructions, follow our Standard Installation Guide.
Our Quick Install Guide covers the steps needed without step-by-step instructions for advanced AWS users or those looking for a refresher.

Technology Stack

  • Front End – Angular
  • Backend End APIs, Jobs, Rules – Java
  • Installer – Python and Terraform

Deployment Stack

  • AWS ECS & ECR – For hosting UI and APIs
  • AWS Batch – For rules and resource collection jobs
  • AWS CloudWatch Rules – For rule trigger, scheduler
  • AWS Elastic Search – Primary data store used by the web application
  • AWS RDS – For admin CRUD functionalities
  • AWS S3 – For storing inventory files and persistent storage of historical data
  • AWS Lambda – policy execution

Paladin Cloud installer launches all the above services automatically and configures them.

License

Paladin Cloud is a derivative of T-Mobile’s PacBot project. Paladin Cloud is open-sourced under the terms of section 7 of the Apache 2.0 license and is released AS-IS WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND.