What is
Moon Cloud?
The platform for continuous compliance assessment and assurance evaluation of ICT applications and infrastructures.
It enables infrastructure/application owners to have a complete verification of their services during operation. Though generic, it mainly targets cybersecurity and AI/ML assurance.
Why Moon Cloud?
Cybersecurity often depend on layers that are neither visible nor accessible.
Opacity reduces users’ trust in modern ICT systems.
Moon Cloud is a non-intrusive platform for compliance assessment and assurance evaluation that brings transparency to the whole ICT application/infrastructure.
Like moonlight it lets you see through the cloud without dissipating it like sunlight would do
Transparency and Trustworthiness
Makes the system transparent (including the ones based on AI/ML) allowing inspection, audit etc.
Increases trustworthiness attracting customers
Compliance to Standards
Makes applications compliant to Cybersecurity, AI and Data protection standards providing a better control.
Centralized Governance
Faster Reaction to disaster.
Coherent global overview of the non-functional posture of your ICT infrastructure
Assurance vs. Cybersecurity
Cybersecurity: a way to actively protect assets (data and applications) by internal and external threats and attacks, to provide an environment where customers interact in a secure way.
Assurance: the way to gain justifiable confidence that infrastructure and/or applications will consistently demonstrate one or more non-functional properties, and operationally behave as expected.
Security includes mechanisms necessary to provide a given security property (e.g., encryption, access control…)
The notion of assurance instead complements the one of security by providing methodologies for collecting and analyzing evidence that can prove or refute security properties (e.g., audit, certification, compliance techniques…).
How it Works
Moon Cloud inspects and evaluates the compliance of modern ICT systems using distributed probes, which implement deep analyzers called controls.
Moon Cloud provides a platform for the definition and execution of such controls.
Moon Cloud users:
1 – Connect to Dashboard
2 – Describe the system to be evaluate (targets inventory)
3 – Select/design and configure/deploy controls to be executed on the target system
4 – Schedule the execution of controls
5 – Access compliance evaluation results at different levels of detail through the dashboard
6 – Receive notifications in case of issues and the relative recommendations to solve them.
Why Choose Us
A centralized intuitive solution to govern cybersecurity compliance of your ICT infrastructure
Modern ICT Infrastructure
Specific controls for public clouds (e.g., AWS)
Support for ad-hoc controls for on-premises infrastructures
Compliance rules for relevant standards (e.g., Agid, GDPR, NIST, ACN, NIS2)
Threat monitoring based on VA/PT controls
AI/ML Based Applications
AI/ML specific controls monitoring models at runtime
Compliance of the ML development process (e.g., CapAI, ALTAI)
Assurance monitoring of AI/ML performance
Edge Cloud Continuum
Large-scale evaluation of continuum infrastructures composed of heterogeneous devices and domains
Lightweight controls for IoT devices
Controls for 5G core networks and edge nodes
Characteristics
Based on Models and Evidence
Scientifically validated models and collection of concrete evidence to support trust
Fully automatic and customizable
Fully customizable and ad hoc compliance based on business needs
Address Multilayers
Allows deep dive in the hidden layers affecting cybersecurity
Continuous Evaluations
Non invasive continuous monitoring and testing for compliance
Non-Tamperable System
Secure collection of evidence via non-tamperable probes
Assess Systems based on AI/ML
Deep inspect on AI/ML based systems and models.
Supported Standards
Following some of the supported standards… many more coming soon
What are you waiting for?
Ready to Govern Compliance and Cybersecurity of your system?
Our Team
A unique cocktail of technical expertise, creativity, and deep scientific insights.
Ernesto Damiani
CEO
Full Professor, Senior Director of the Khalifa University Center for Cyber Physical Systems
Marco Anisetti
CTO
Full Professor, Service and Cloud Certification expert. Cybersecurity in IoT expert
Claudio Ardagna
R&D
Full Professor, AI and ML Certification and Compliance expert. Big Data and privacy expert
Valerio Bellandi
R&D
Professor, LLM and recommender system expert, systems administration expert
Filippo Gaudenzi
Chief Developer
Ph.D. Full stack developer, cloud services and deployment technology experts
Our work in numbers
Long experience in R&D
Projects funded
+15
REceived Funds
+20M
experience
+25y
controls
+50
Explore Our Blog
Assurance of ML applications
The widespread use of machine learning (ML) for advanced[…]
What is Compliance
Compliance refers to the act of adhering to or[…]
What is Assurance
Assurance is the way to gain justifiable confidence that[…]
Contact us
SpinOff – Università degli Studi di Milano – founded in 2017
