In March of 2020, Cloud Storage Security (CSS) was founded in order to answer a complicated and often-asked question: "How can I ensure the security of the data I store in the cloud?" Three years later, CSS has scanned billions of files totaling petabytes of data, found over 30,000 pieces of malware, and brought peace of mind to hundreds of customers across the world through its malware detection, sensitive data discovery, and storage assessment offerings.
Figure 1 - Timeline of CSS solution improvements and notable accomplishments
Constant Growth and Development
CSS began as a small team of Software Developers and Engineers who worked diligently to create an effective and easy-to-use product that would scan objects in Amazon Simple Storage Service (Amazon S3) for malware, viruses, trojans and worms. In June of 2020, Antivirus for Amazon S3 (AVS3) launched, providing Amazon S3 users with an off-the-shelf solution to scan objects for malicious code using ClamAV. That same month, CSS became an AWS Marketplace Seller, with its commercial pay-as-you-go AVS3 listing.
In September of 2020, CSS earned the AWS Qualified Software Offering designation with AWS approving CSS’ first AWS Foundational Technical Review (FTR). FTR is notable because it applies AWS Well-Architected best practices that help organizations identify and remediate risks in their software or solutions.
To this day, a notable portion of customers who subscribed in 2020 maintain subscriptions in 2023. One of the many companies that find substantial value in AVS3 is ADEC Innovations, whose service aggregates publicly-sourced environmental data into PDF deliverables for their customers. ADEC chose AVS3 in 2020 due to its ease of use and low cost of ownership, and continues to utilize the solution today to ensure their reports are free of malware.
In January of 2021, CSS’ BYOL and GovCloud 30 DAY AWS Marketplace listing launched, enabling CSS deployment inside of AWS GovCloud (US). Support for AWS GovCloud allows AVS3 to be utilized by government agencies and organizations across the United States with specific regulatory and compliance requirements.
In April, CSS integrated Sophos’ advanced virus detection engine into AVS3. This inclusion allowed CSS to provide users with multiple scanning engines, increasing the throughput, accuracy, and versatility of AVS3.
In August, CSS became an AWS Public Sector Partner, which recognizes experience supporting government, space, education, and nonprofit organizations around the world.
In October of 2021, AVS3 enabled users to investigate malicious code through SophosLabs Intelix Static Analysis, which compares the infection a to a list of other malicious code, and Dynamic Analysis, which detonates the file inside a sandbox.
In March, CSS integrated with AWS Security Hub, which allows for consolidated reporting of security findings from CSS and other applications within AWS Security Hub. This is in addition to the robust reporting functionality built into the CSS console.
In June 2022, CSS launched Data Classification for Amazon S3 (DCS3), which leverages the power of Sophos to identify sensitive data across all S3 buckets. Geared towards maintaining data security and regulatory compliance, DCS3 is the result of yet another massive development effort over many months.
CSS earned AWS Security Competency (May) status as well as an AWS Authority to Operate designation (September). Membership in these partner programs demonstrates deep technical expertise in security for AWS as well as support for workloads subject to regulations such as FedRAMP and GDPR.
In December of 2022, CSS released Storage Assessment, which allows organizations to view detailed information about the state of their data within Amazon S3 storage. Charts contain information such as file and bucket distribution, encryption status and total number of objects.
Throughout the year, CSS consistently worked to improve its offering. Enhancements include support for Amazon WorkDocs (July) as well as integrations with Amazon EventBridge (November), AWS Control Tower (December) and AWS CloudTrail Lake (December).
"The most critical moment for us was finishing the product and making our first deal.”, Founder and Board of Directors chair Aaron Newman reflected upon looking back at the earlier days of CSS. “Our latest big deal was 5x bigger than the one before it. This is my fifth company, and it's on track to keep growing and gaining customers with no end in sight."
As CSS' CTO Ed Casmer puts it, "The amount of data in the cloud will continue to grow, and will not stop. We're constantly working on new ways to ensure the safety of storage in the cloud and make our product easier to use while we do it."
CSS’ roadmap includes integrating additional scanning engines as well as support for additional storage services such as Amazon Elastic Block Store (Amazon EBS) and Amazon Elastic File System (EFS). To this day, CSS, as reflected in their core values, strives to innovate in all aspects of their work and consistently produce the best malware detection, data classification, and storage assessment solutions on the market.
Antivirus for Amazon S3 and Data Classification for Amazon S3 are available in AWS Marketplace; Storage Assessment is available with every subscription. Get started with a free trial today and scan 500 GB on us.