Cloud Security
Business Wire | October 27, 2023
Lookout, Inc., the data-centric cloud security company, today announced enhancements to its Lookout Cloud Security Platform that are designed to help organizations better discover, assess and protect their data as it moves across any network, from the endpoint to the cloud. These enhancements provide organizations with a unified solution that will expertly secure their data by maximizing visibility and protecting access across all applications.
The Lookout Cloud Security Platform, the Company’s Security Service Edge (SSE) offering, continuously monitors the risk posture of users and their devices to provide dynamic and granular zero-trust access based on the sensitivity level of apps and data, enabling organizations to protect their workers, devices, applications and data from unauthorized access and modern-day internet-based threats. Services in the platform include: Secure Private Access (ZTNA), Secure Internet Access (SWG) and Secure Cloud Access (CASB).
Lookout’s data-centric cloud security innovation helps safeguard customers’ sensitive information as it moves across networks, clouds, applications and devices:
Discover and onboard all private apps with enterprise app discovery:When it comes to protecting sensitive corporate data, ZTNA offers a far more secure approach compared to traditional VPNs.Unlike VPNs that provide access to the entire network for example, ZTNA offers granular access control, which limits users to specific applications. This reduces the overall attack surface and prevents lateral movement of threats, minimizing the risk of compromised accounts or devices compromising the entire infrastructure.Lookout Secure Private Accessdiscovers and helps onboard private applications running on an organization’s network hosted on-prem or in the cloud, and currently being accessed by a VPN. Using this functionality, IT can now see all private applications being accessed by their users and take steps to seamlessly define and enforce access and data protection policies for these apps.
Extend zero trust protection with firewall as a service:The Lookout Cloud Security Platform has an integrated cloud firewall that extends inspection of incoming and outgoing traffic across all ports and protocols, enabling granular visibility and access control into non-web traffic to stop zero-day threats. With this enhancement, customers can apply more granular security and access policies across all of their apps (web, TCP, UDP, ICMP) and both internet and intranet traffic.
Expand data classification and protection capabilities in Google Drive:Google Labels Classification expands data classification capabilities across the Lookout Cloud Security Platform through an integration with Google Drive labels. This integration helps Lookout customers classify sensitive data with Google Drive labels and enforce security policies based on these labels to protect sensitive data stored in Google Drive’s API mode.
Secure traffic and enforce policies on guest networks and IoT devices:Organizations need visibility and control over all endpoints and users within their network in order to reduce the risk of malware infections and data exfiltration through these channels. Lookout has enhanced traffic inspection capabilities, expanding data and threat protection to guest users of company networks and traffic coming from IoT devices. This helps ensure company networks are not compromised from these access points, thereby preventing data exfiltration.
Advanced threat protection from phishing and zero-day threats:Lookout has enhanced its integration with remote browser isolation (RBI) and cloud sandboxing to improve the user experience and provide robust threat protection for organizations, preventing users from accessing malicious sites and content.
“In today’s digital world, data is the lifeblood of every organization,” said Pete Finalle, Research Manager, IDC. “It is vitally important that organizations protect their data and ensure that it is secure, no matter where it resides or how it is accessed. Lookout's new cloud security features offer greater assurance to IT organizations that their data is safe and their users are protected.”
Lookout continues to innovate the Lookout Cloud Security Platform in ways that strengthen the protection of users and data from security threats and enhance the end-user experience, said Aaron Cockerill, Executive Vice President of Product, Lookout. We are the only vendor that unifies cloud and endpoint security into one platform. With this latest release, Lookout continues to build upon our strategic vision to put data security at the intersection of today’s workplace and modern cybersecurity threats.
About Lookout
Lookout, Inc. is the data-centric cloud security company that delivers zero trust security by reducing risk and protecting data wherever it goes, without boundaries or limits. Our unified, cloud-native platform safeguards corporate data across devices, apps, networks and clouds and is as adaptive and simple as the modern digital world. Lookout is trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter.
Read More
Cloud Security
Avanade | November 06, 2023
Avanade launches an AI-based platform, "Avanade Cloud Impact", to unlock up to 50% of cloud spend.
The platform generates insights on IT estate risks and opportunities by analyzing cloud consumption patterns.
Avanade offers a free cost optimization workshop to clients interested in adopting an AI-first approach.
Avanade, a leading Microsoft solutions provider, launches a new platform, ‘Avanade Cloud Impact’, designed to help businesses establish an AI-ready digital core and unlock funding for innovation. The platform uses AI and machine learning to analyze industry, business, and technical data sources, providing tailored modernization insights for companies on their cloud journey. It has already saved Avanade clients up to 50% of their cloud spend.
The platform works by analyzing cloud consumption patterns and comparing them with various data sources to generate insights on a wide range of risks and opportunities across an IT estate. These insights can include modernization recommendations and cost-benefit analyses. Avanade Cloud Impact can deliver information about data egress cost spikes, application redesign options, and achieve up to 50% cloud cost savings while quantifying sustainability benefits, all without the need to make any code changes.
Andrew Stahel, Regional Applications and Infrastructure Solution Area Lead, Avanade Australia, emphasized the importance of AI in today's business environment and the need for businesses to rethink what the cloud can do for them. He expressed excitement about the potential of the Avanade Cloud Impact platform to help Australian businesses harness the true potential of AI by strengthening their digital core.
Merrie Williamson, CVP, Azure Infrastructure, Digital and App Innovation, Microsoft, also expressed enthusiasm about the new platform and its ability to provide deep insights and recommendations that accelerate value for Azure customers.
While Avanade's new platform, ‘Avanade Cloud Impact’, promises to unlock up to 50% of a business's cloud spend and provide tailored modernization insights, it does come with potential drawbacks. The platform's effectiveness is heavily dependent on the quality and accuracy of the data it analyzes, and incorrect or incomplete data could lead to misleading insights. Additionally, there may be a learning curve associated with understanding and effectively utilizing the insights generated by the platform. Furthermore, the platform might not be suitable for all types of businesses, particularly those with unique or complex cloud consumption patterns.
However, the benefits of the platform are significant. It can lead to substantial cost savings and help businesses make informed decisions on their cloud journey. The use of AI and machine learning allows the platform to handle large amounts of data and provide comprehensive insights. Plus, Avanade offers a free introductory cost optimization workshop, providing additional support for businesses adopting an AI-first approach.
Read More
Cloud Security
PR Newswire | October 25, 2023
Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates.
Expanded Enterprise Multicloud Support
Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations.
We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration.
Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment.
"My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches."
In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances.
To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks.
Operationalized Risk Management with ServiceNow and Jira Integrations
It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities.
"With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently."
Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview.
About Lacework
Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.
Read More