Prancer: Cloud Security Validation—at Scale

Follow Prancer on :

Farshid Mahdavipour, Founder, PrancerFarshid Mahdavipour, Founder
As the pandemic continues to relentlessly change consumer behavior, businesses are obligated to embrace cloud technologies faster, more strategically, and at scale. They are looking for reliable ways to build resources in the cloud environment to align well with the new normal. However, the rapid provisioning and deployment of enterprise resources to the cloud makes it cumbersome for security operators to oversee all the details involved, resulting in several security compromises—both in pre-deployment and post-deployment phases.

To this end, Prancer offers a multi-cloud validation framework that provides security operators with the right tools to ensure cloud compliance and mitigate security challenges during various stages of cloud deployment. As the founder of Prancer, Farshid Mahdavipour, says, “We have designed our solution to allow security operators to enforce compliance throughout the entire cloud lifecycle by helping them validate and verify cloud implementation before and after the deployment.”

Prancer’s pre-deployment and post-deployment validation framework primarily serves as a plug-and-play SaaS solution. It easily integrates into the clients’ current DevSecOps process to enforce compliance on Infrastructure-as-Code (IaC). Clients can use the solution to do static code analysis during the pre-deployment phase of the IaC, allowing them to detect and resolve all possible security threats. Being able to connect to multiple cloud providers such as Microsoft Azure, Amazon AWS, and Google cloud, the Prancer framework enables clients to ensure cloud compliance, security, and validation.

“Our solution has the ability to read out the configuration attributes from any parameter file or automation framework and use it as a blueprint to compare clients’ configuration values.
By reading out the values from their cloud provisioning engine and comparing it to the deployed resources, it validates the implementation and find out any configuration drift,” adds Mahdavipour.

We have designed our solution to allow security operators to enforce compliance throughout the entire cloud lifecycle by helping them validate and verify cloud implementation before and after the deployment

Equipped with pre-built industry compliance tests such as HIPPA, PCI, and SCI, to name a few, Prancer’s cloud validation framework automatically initiates a compliance scan of the clients’ IaC and cloud-deployed resources. According to clients’ varying needs, the company’s robust solution can be easily tailored on-demand—either by adding, removing, or altering policies. In addition, Prancer provides a suite of powerful tools and best practices to help clients keep their IaC pipeline secure while ensuring continuous security monitoring through the available cloud scanners.

With such a powerful value proposition, Prancer has revolutionized the cloud security, compliance, and validation landscape. The company’s powerful solution augments and automates the entire cloud adoption process by eliminating the need for any human intervention to validate and verify cloud resources. Going forward, Prancer envisions enhancing its solution’s capabilities further by updating new policies and adding more compliance tests, allowing it to align with the new regulations. The innovation labs at Prancer are working toward collaborating with a few enterprises, including Oracle, IBM, and more. In terms of geographical expansion, the company is planning to pivot more toward the U.S. markets while looking to extend its footprints to other markets as well.

“Cloud is no more a need, but a necessity. As such, we strive to make the cloud technology more secure and versatile for allowing businesses to add more value to their operations,” concludes Mahdavipour.
Share this Article:


San Diego, CA

Farshid Mahdavipour, Founder

Prancer is an end-to-end cloud security platform that empowers developers and promotes shift-left and Security as Code strategies. It integrates into client’s current DevOps process to apply the required guardrails in place. It helps shift security to the left and ensures security guardrails are applied through the lifecycle of the cloud.