Cloud Security
Business Wire | October 27, 2023
Lookout, Inc., the data-centric cloud security company, today announced enhancements to its Lookout Cloud Security Platform that are designed to help organizations better discover, assess and protect their data as it moves across any network, from the endpoint to the cloud. These enhancements provide organizations with a unified solution that will expertly secure their data by maximizing visibility and protecting access across all applications.
The Lookout Cloud Security Platform, the Company’s Security Service Edge (SSE) offering, continuously monitors the risk posture of users and their devices to provide dynamic and granular zero-trust access based on the sensitivity level of apps and data, enabling organizations to protect their workers, devices, applications and data from unauthorized access and modern-day internet-based threats. Services in the platform include: Secure Private Access (ZTNA), Secure Internet Access (SWG) and Secure Cloud Access (CASB).
Lookout’s data-centric cloud security innovation helps safeguard customers’ sensitive information as it moves across networks, clouds, applications and devices:
Discover and onboard all private apps with enterprise app discovery:When it comes to protecting sensitive corporate data, ZTNA offers a far more secure approach compared to traditional VPNs.Unlike VPNs that provide access to the entire network for example, ZTNA offers granular access control, which limits users to specific applications. This reduces the overall attack surface and prevents lateral movement of threats, minimizing the risk of compromised accounts or devices compromising the entire infrastructure.Lookout Secure Private Accessdiscovers and helps onboard private applications running on an organization’s network hosted on-prem or in the cloud, and currently being accessed by a VPN. Using this functionality, IT can now see all private applications being accessed by their users and take steps to seamlessly define and enforce access and data protection policies for these apps.
Extend zero trust protection with firewall as a service:The Lookout Cloud Security Platform has an integrated cloud firewall that extends inspection of incoming and outgoing traffic across all ports and protocols, enabling granular visibility and access control into non-web traffic to stop zero-day threats. With this enhancement, customers can apply more granular security and access policies across all of their apps (web, TCP, UDP, ICMP) and both internet and intranet traffic.
Expand data classification and protection capabilities in Google Drive:Google Labels Classification expands data classification capabilities across the Lookout Cloud Security Platform through an integration with Google Drive labels. This integration helps Lookout customers classify sensitive data with Google Drive labels and enforce security policies based on these labels to protect sensitive data stored in Google Drive’s API mode.
Secure traffic and enforce policies on guest networks and IoT devices:Organizations need visibility and control over all endpoints and users within their network in order to reduce the risk of malware infections and data exfiltration through these channels. Lookout has enhanced traffic inspection capabilities, expanding data and threat protection to guest users of company networks and traffic coming from IoT devices. This helps ensure company networks are not compromised from these access points, thereby preventing data exfiltration.
Advanced threat protection from phishing and zero-day threats:Lookout has enhanced its integration with remote browser isolation (RBI) and cloud sandboxing to improve the user experience and provide robust threat protection for organizations, preventing users from accessing malicious sites and content.
“In today’s digital world, data is the lifeblood of every organization,” said Pete Finalle, Research Manager, IDC. “It is vitally important that organizations protect their data and ensure that it is secure, no matter where it resides or how it is accessed. Lookout's new cloud security features offer greater assurance to IT organizations that their data is safe and their users are protected.”
Lookout continues to innovate the Lookout Cloud Security Platform in ways that strengthen the protection of users and data from security threats and enhance the end-user experience, said Aaron Cockerill, Executive Vice President of Product, Lookout. We are the only vendor that unifies cloud and endpoint security into one platform. With this latest release, Lookout continues to build upon our strategic vision to put data security at the intersection of today’s workplace and modern cybersecurity threats.
About Lookout
Lookout, Inc. is the data-centric cloud security company that delivers zero trust security by reducing risk and protecting data wherever it goes, without boundaries or limits. Our unified, cloud-native platform safeguards corporate data across devices, apps, networks and clouds and is as adaptive and simple as the modern digital world. Lookout is trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter.
Read More
Cloud Security
Business Wire | November 03, 2023
Sysdig, the leader in cloud security powered by runtime insights, today released at SANS CyberFest 2023 the 5/5/5 Benchmark for Cloud Detection and Response, a new framework that outlines how quickly organizations should detect, triage, and respond to attacks in the cloud. Operating securely in the cloud requires a mindset shift in regard to time, and with that, cloud security programs need to hold themselves to a modernized benchmark: five seconds to detect, five minutes to correlate insights and understand what’s happening, and five additional minutes to respond. Recent findings by the Sysdig Threat Research Team published in the 2023 Global Cloud Threat Report note that, after discovering an exploitable target, malicious actors require less than 10 minutes to execute an attack.
Cloud attacks are swift and sophisticated, requiring robust threat detection and response programs that move at the speed of the cloud. On-premises attacks take 16 days on average and antiquated frameworks challenge security teams to respond to a breach within 60 minutes, which is simply insufficient for the cloud. Bad actors are exploiting the automation and scale of the cloud, along with new techniques, to accelerate all stages of an attack and inflict damage within minutes. The 5/5/5 Benchmark guides organizations to detect and respond to cloud attacks faster than adversaries can complete them.
The Challenge
Detect threats within five seconds.Organizations should be able to gather detection signals from their cloud security tools in real time to ensure visibility into ephemeral assets.
Correlate and triage within five minutes.Teams should be able to gather full context for all correlated signals within five minutes of receiving the first relevant alert.
Initiate a response within five minutes.Organizations should be able to initiate a tactical response within five minutes of confirming that an attack is in progress.
What people are saying
People are always looking for security metrics, especially when the industry evolves into new operating models. We have plenty of 'best practices,' but no real way to quantify cloud security agility — until now, said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig. The 5/5/5 Benchmark, built in partnership with our customers, industry analysts, and the Sysdig Threat Research Team, sets a new standard for operating securely in the cloud.
“As organizations move to the cloud, traditional on-premises security standards become outdated and too slow. In the cloud, both innovation and attacks happen quickly – companies need security tools, processes, and standards designed to operate at the speed of cloud-native environments,” said Phil Bues, Research Manager for IDC Cloud Security.
“I don’t want to know 15 minutes after someone breached my system. I need to know instantly so that we can shut it down before the blast radius expands,” said Kuldeep Tomar, Head of Information Security at India’s leading digital skill games company and 5/5/5 Benchmark Advisor. “To move at the necessary speed, you need to not only be alerted to the right things, but also respond appropriately. Having a benchmark gives us a goal to hold ourselves to.”
About Sysdig
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.
Read More
Cloud Security
PR Newswire | October 25, 2023
Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates.
Expanded Enterprise Multicloud Support
Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations.
We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration.
Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment.
"My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches."
In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances.
To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks.
Operationalized Risk Management with ServiceNow and Jira Integrations
It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities.
"With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently."
Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview.
About Lacework
Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.
Read More