Xcloud September Release Note

table of contents

We are extremely excited here at Colortokens to announce our latest Xcloud update. We continue to improve our platform to ensure that you can secure your cloud as efficiently as possible.

In this article, you will find a list of some of our most useful features and enhancements that are now available for you to use.


We are thrilled to announce our partnership with the Center for Internet Security (CIS). In this release Xcloud is certified by CIS for the following security benchmarks:

  • CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 1
  • CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 2
  • CIS Google Cloud Platform Foundation Benchmark v1.3.0, Level 1
  • CIS Google Cloud Platform Foundation Benchmark v1.3.0, Level 2
  • CIS Microsoft Azure Foundations Benchmark v1.4.0, Level 1
  • CIS Microsoft Azure Foundations Benchmark v1.4.0, Level 2

See https://www.cisecurity.org/partner/colortokens for our full listing of CIS-validated benchmarks.

Filtering for Resources and Compliance: Filters allow users and teams to quickly analyze large volumes of data without having to use complex queries or special syntax. When you filter your Resource or Compliance data only matching rows will be displayed.

CVE Global Search: Locate vulnerabilities anywhere in your multi-cloud environment by CVE-ID or keyword.

Role Based Access Control: Now admins can restrict access to sensitive resources by user, role, and access level to resources (cloud, account, subscription, project, etc.). Here is how it works:

1. A user is granted a role that controls what actions that user can perform.


2. A user is authorized to access a specific set of resources. (All of AWS, One GCP Project)


3. When a user attempts to perform an action on a resource (download a report, add a cloud account), their assigned role is checked, along with their authorized resources to ensure that they are allowed to take the desired action, and allowed access to the requested resource. Only if both are permitted are they allowed to complete the requested task.

All capabilities such as Filtering, or Reporting respect assigned Roles and Resources. Users with no authorization for a set of resources, called Compartments in Xcloud, will not see these resources within Xcloud and can not access any data about them.

This supports use cases where different teams or individuals are responsible for the security of different cloud or accounts. For example, one user can be granted access via RBAC to manage all AWS resources, but not see Azure resources while a second user can be granted read-only access to all cloud resources.

Data Export: We’ve added the capability to export data to spreadsheets on our Resource and Compliance screens. Use filters to narrow down your data on screen and then use export to get a spreadsheet of exactly what you see online for offline use and analysis. All data exports honor the user’s role and access to resources (RBAC).


Downloadable Resource Reports: We’ve added the ability to download an interactive HTML report that contains all the details on the security findings Xcloud discovered for the resource.