Platform capabilities

Everything you need to secureyour cloud posture

From first scan to audit-ready compliance report — Nexora covers the full lifecycle of cloud security posture management.

Scanning

Deep Huawei Cloud coverage, one console

Connect your Huawei Cloud environment with read-only credentials. Nexora's background scan engine checks 80+ security controls across 16 resource types, surfacing misconfigurations in near real time. AWS, Azure, and GCP support is on the roadmap.

  • ECS & CCE — Compute instance and container security configuration
  • IAM — User policies, MFA enforcement, key rotation, privilege review
  • OBS — Object storage bucket ACLs, encryption, public access
  • VPC & Security Groups — Network exposure, unrestricted inbound/outbound rules
  • RDS & DCS — Database encryption, backup retention, access controls
  • WAF, ELB & HSS — Web application firewall, load balancer TLS, host security
  • CBR, EVS & DMS Kafka — Backup policies, volume encryption, messaging security
  • Logging & Monitoring — CTS tracker, LTS log retention, alarm coverage

Active Cloud Connections

Huawei Cloud — Production

ap-southeast-1

82

Healthy

Huawei Cloud — Staging

cn-north-4

67

Warning

Compliance Report — ISO 27001

78%

Compliance score

Passed 91
Failed 26
Manual 12
A.6 — Organisation of information security 85%
A.8 — Asset management 92%
A.9 — Access control 71%
A.12 — Operations security 68%
A.16 — Incident management 55%
Compliance

Audit-ready compliance, automatically

Stop manually mapping findings to compliance controls. Nexora does it for you — continuously tracking your posture against ISO 27001 and other frameworks, so you're always audit-ready.

  • ISO 27001:2022 — full annex A mapping
  • NIST 800-53 — comprehensive control coverage
  • SOC 2 Type II mapping
  • Thai BOT IT Circular — built for SEA financial sector
  • Thai PDPA — data protection compliance
  • Historical trend tracking
Findings

Findings that tell you what to fix first

Not all misconfigurations are equal. Nexora scores findings by severity so engineers spend time on what matters, not noise.

Severity scoring

Risk-based prioritisation

Remediation guidance

Step-by-step fix instructions

Suppression

With justification & expiry

Open findings 15 active

OBS bucket ACL allows public read

Huawei Cloud · J.Chen · 2h ago
CRITICAL

Root account MFA not enabled

Huawei Cloud · Unassigned · 1d ago
CRITICAL

Security group allows SSH from 0.0.0.0/0

Huawei Cloud · M.Lim · 3h ago
HIGH

CTS tracker logging disabled

Huawei Cloud · J.Chen · 5h ago
HIGH

ECS instance IMDSv1 enabled

Huawei Cloud · Unassigned · 12h ago
MEDIUM
A

Admin

Full platform access, billing, and org management.

C

Cloud Engineer

View findings, assign remediation, track resolution.

C

Compliance Officer

Compliance dashboards, reports, audit evidence.

P

Partner

Read-only access to client org data for MSSPs.

Access Control

Enterprise SSO and RBAC

Nexora is built for enterprise from day one. Role-based access control with four purpose-built roles, and SSO via WorkOS means you can plug into Okta, Azure AD, or any SAML-compatible provider in minutes.

  • WorkOS SSO — Okta, Azure AD, Google Workspace
  • SAML 2.0 and OIDC support
  • Org-level and environment-scoped permissions
  • Immutable audit log

See it live in your cloud

Get in touch and we'll walk through how Nexora fits your environment.

Contact Us Sign In