Security policy framework for cloud environments

What is claimed is: 1 . A method comprising steps of: responsive to receiving a trigger, fetching one or more policies from a policy catalog service; compiling the one or more policies into a query, wherein each of the one or more policies are compiled into an associated query; executing the query over customer data, the customer data being located in one or more data sources; and persisting results of the query. 2 . The method of claim 1 , wherein the steps further comprise displaying the results to the customer via a Graphical User Interface (GUI). 3 . The method of claim 1 , wherein the results comprise one or more alerts associated with the customer's cloud environment. 4 . The method of claim 1 , wherein the trigger is received based on any of a schedule or receiving some data about a customer's infrastructure. 5 . The method of claim 1 , wherein the query is executed over customer data located in a plurality of data sources. 6 . The method of claim 1 , wherein the one or more policies are compiled into a plurality of different query languages. 7 . The method of claim 1 , wherein the one or more policies are associated with posture control of the customer's cloud environment, and wherein the customer data comprises posture control data. 8 . The method of claim 7 , wherein the posture control data comprises any of assets, identities, network flow logs, activities, and code repositories in the customer's cloud environment. 9 . The method of claim 7 , wherein the results comprise alerts associated with a combination of a misconfiguration and an activity as a risk in the customer's cloud environment. 10 . The method of claim 7 , wherein the cloud environment is any of a run-time cloud environment and a build-time cloud environment. 11 . A non-transitory computer-readable medium comprising instructions that, when executed, cause one or more processors to perform steps of: responsive to receiving a trigger, fetching one or more policies from a policy catalog service; compiling the one or more policies into a query, wherein each of the one or more policies are compiled into an associated query; executing the query over customer data, the customer data being located in one or more data sources; and persisting results of the query. 12 . The non-transitory computer-readable medium of claim 11 , wherein the steps further comprise displaying the results to the customer via a Graphical User Interface (GUI). 13 . The non-transitory computer-readable medium of claim 11 , wherein the results comprise one or more alerts associated with the customer's cloud environment. 14 . The non-transitory computer-readable medium of claim 11 , wherein the trigger is received based on any of a schedule or receiving some data about a customer's infrastructure. 15 . The non-transitory computer-readable medium of claim 11 , wherein the query is executed over customer data located in a plurality of data sources. 16 . The non-transitory computer-readable medium of claim 11 , wherein the one or more policies are compiled into a plurality of different query languages. 17 . The non-transitory computer-readable medium of claim 11 , wherein the one or more policies are associated with posture control of the customer's cloud environment, and wherein the customer data comprises posture control data. 18 . The non-transitory computer-readable medium of claim 17 , wherein the posture control data comprises any of assets, identities, network flow logs, activities, and code repositories in the customer's cloud environment. 19 . The non-transitory computer-readable medium of claim 17 , wherein the results comprise alerts associated with a combination of a misconfiguration and an activity as a risk in the customer's cloud environment. 20 . The non-transitory computer-readable medium of claim 17 , wherein the cloud environment is any of a run-time cloud environment and a build-time cloud environment.