Cloud Security
PR Newswire | October 25, 2023
Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates.
Expanded Enterprise Multicloud Support
Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations.
We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration.
Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment.
"My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches."
In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances.
To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks.
Operationalized Risk Management with ServiceNow and Jira Integrations
It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities.
"With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently."
Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview.
About Lacework
Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.
Read More
Cloud App Management
Business Wire | November 01, 2023
Cohesity, a leader in AI-powered data security and management, today announced the launch of Cohesity SmartFiles on the Snowflake Data Cloud. This new integration enables businesses to derive analytical insights from their on-premises and cloud data while maintaining data sovereignty and meeting compliance requirements.
Snowflake recognizes the critical importance of providing customers with advanced data security and management while mining their data for strategic insights, said Kit Beall, Chief Revenue Officer, Cohesity. As a leader in AI-powered enterprise data security and management, we seek partners equally dedicated to the secure storage and management of customer data. That is why we are delighted to partner with Snowflake to continue delivering innovative and secure solutions that our customers can confidently rely on.
By leveraging the Snowflake Data Cloud, Cohesity is joining Snowflake in mobilizing the world’s data to help organizations reap the benefits of their analytics capabilities without having to move their data to the cloud for analysis. With Cohesity SmartFiles, joint customers can store their data locally in SmartFiles and leverage Snowflake’s analytics capabilities with the flexibility to keep data either on-premises or in the cloud. This integration provides customers with broader access and choice while allowing them to adhere to strict internal policies.
Cohesity SmartFiles augments customers’ cloud-native Snowflake Data Cloud to include on-premises repositories and extends secure access to sensitive local data records. Cohesity SmartFiles also provides a secure platform for consolidating application data that is designed to improve storage efficiency and reduce overall cost of ownership for local Snowflake repositories.
“Cohesity’s commitment to helping Snowflake mobilize the world’s data can be seen through the launch of the SmartFiles integration,” said Tarik Dwiek, Head of Technology Alliances, Snowflake. “We look forward to partnering with Cohesity to allow access to SmartFiles in the cloud or on-premises through Snowflake’s single, integrated platform.”
This collaboration with Snowflake and Cohesity enables joint customers to gain more value from their data while optimizing cost, scale, and efficiency for their Snowflake data.
About Cohesity
Cohesity is a leader in AI-powered data security and management. Aided by an extensive ecosystem of partners, Cohesity makes it easier to protect, manage, and get value from data – across the data center, edge, and cloud. Cohesity helps organizations defend against cybersecurity threats with comprehensive data security and management capabilities, including immutable backup snapshots, AI-based threat detection, monitoring for malicious behavior, and rapid recovery at scale. Cohesity solutions can be delivered as a service, self-managed, or provided by a Cohesity-powered partner. Cohesity is headquartered in San Jose, CA, and is trusted by the world’s largest enterprises, including six of the Fortune 10 and 42 of the Fortune 100.
Read More
Cloud Security
Business Wire | October 27, 2023
Lookout, Inc., the data-centric cloud security company, today announced enhancements to its Lookout Cloud Security Platform that are designed to help organizations better discover, assess and protect their data as it moves across any network, from the endpoint to the cloud. These enhancements provide organizations with a unified solution that will expertly secure their data by maximizing visibility and protecting access across all applications.
The Lookout Cloud Security Platform, the Company’s Security Service Edge (SSE) offering, continuously monitors the risk posture of users and their devices to provide dynamic and granular zero-trust access based on the sensitivity level of apps and data, enabling organizations to protect their workers, devices, applications and data from unauthorized access and modern-day internet-based threats. Services in the platform include: Secure Private Access (ZTNA), Secure Internet Access (SWG) and Secure Cloud Access (CASB).
Lookout’s data-centric cloud security innovation helps safeguard customers’ sensitive information as it moves across networks, clouds, applications and devices:
Discover and onboard all private apps with enterprise app discovery:When it comes to protecting sensitive corporate data, ZTNA offers a far more secure approach compared to traditional VPNs.Unlike VPNs that provide access to the entire network for example, ZTNA offers granular access control, which limits users to specific applications. This reduces the overall attack surface and prevents lateral movement of threats, minimizing the risk of compromised accounts or devices compromising the entire infrastructure.Lookout Secure Private Accessdiscovers and helps onboard private applications running on an organization’s network hosted on-prem or in the cloud, and currently being accessed by a VPN. Using this functionality, IT can now see all private applications being accessed by their users and take steps to seamlessly define and enforce access and data protection policies for these apps.
Extend zero trust protection with firewall as a service:The Lookout Cloud Security Platform has an integrated cloud firewall that extends inspection of incoming and outgoing traffic across all ports and protocols, enabling granular visibility and access control into non-web traffic to stop zero-day threats. With this enhancement, customers can apply more granular security and access policies across all of their apps (web, TCP, UDP, ICMP) and both internet and intranet traffic.
Expand data classification and protection capabilities in Google Drive:Google Labels Classification expands data classification capabilities across the Lookout Cloud Security Platform through an integration with Google Drive labels. This integration helps Lookout customers classify sensitive data with Google Drive labels and enforce security policies based on these labels to protect sensitive data stored in Google Drive’s API mode.
Secure traffic and enforce policies on guest networks and IoT devices:Organizations need visibility and control over all endpoints and users within their network in order to reduce the risk of malware infections and data exfiltration through these channels. Lookout has enhanced traffic inspection capabilities, expanding data and threat protection to guest users of company networks and traffic coming from IoT devices. This helps ensure company networks are not compromised from these access points, thereby preventing data exfiltration.
Advanced threat protection from phishing and zero-day threats:Lookout has enhanced its integration with remote browser isolation (RBI) and cloud sandboxing to improve the user experience and provide robust threat protection for organizations, preventing users from accessing malicious sites and content.
“In today’s digital world, data is the lifeblood of every organization,” said Pete Finalle, Research Manager, IDC. “It is vitally important that organizations protect their data and ensure that it is secure, no matter where it resides or how it is accessed. Lookout's new cloud security features offer greater assurance to IT organizations that their data is safe and their users are protected.”
Lookout continues to innovate the Lookout Cloud Security Platform in ways that strengthen the protection of users and data from security threats and enhance the end-user experience, said Aaron Cockerill, Executive Vice President of Product, Lookout. We are the only vendor that unifies cloud and endpoint security into one platform. With this latest release, Lookout continues to build upon our strategic vision to put data security at the intersection of today’s workplace and modern cybersecurity threats.
About Lookout
Lookout, Inc. is the data-centric cloud security company that delivers zero trust security by reducing risk and protecting data wherever it goes, without boundaries or limits. Our unified, cloud-native platform safeguards corporate data across devices, apps, networks and clouds and is as adaptive and simple as the modern digital world. Lookout is trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter.
Read More