Cloud Infrastructure Management
Lacework | September 25, 2023
Lacework, the data-driven cloud security firm, has been selected by TSB Bank, a prominent British banking institution, to safeguard its cloud infrastructure. TSB Bank's decision to choose Lacework as its cloud security provider demonstrates its commitment to protecting sensitive data and ensuring the highest level of security for its customers. With Lacework's expertise in data-driven security solutions, TSB Bank can confidently rely on their cloud infrastructure being safeguarded against potential threats and vulnerabilities.
TSB's Chief Information Security Officer, Paul Branley, expressed his excitement about the development, stating that the Lacework Polygraph data platform would transform the way their security teams operate. He mentioned that it would enable their developers to concentrate on value-added tasks while also substantially reducing security alerts.
TSB, a longstanding player in the banking sector with over two centuries of heritage, is serving over five million customers through various channels, including digital, phone, and branches across the UK. With a growing digital business, TSB needed a unified cloud security platform to support its multi-cloud landscape. Lacework will facilitate secure and innovative cloud scaling, eliminating vulnerabilities across various cloud configurations and applications.
Andreas Schneider, Field-CISO at Lacework, reportedly mentioned,
Partnering with Lacework, TSB will be able to reduce complexity in their tool landscape, and our anomaly detection will allow them to embed security at any speed and scale."
[Source – Cision PR Newswire]
Lacework's platform will enable TSB to automate audit and compliance processes while seamlessly integrating into DevOps and CI/CD pipelines, ensuring security acts as an enabler of innovation velocity. The adoption of Lacework’s technology by TSB Bank may entail integration challenges, risks related to automation, and uncertainties about real-world effectiveness that could affect TSB's security strategy. TSB Bank's selection of Lacework promises improved cloud security, enhanced developer focus, and support for its multi-cloud landscape, with automation and integration into DevOps pipelines to boost innovation.
About Lacework
Lacework, a leading cloud security company, offers innovative and scalable solutions for robust cloud security. Their flagship product, the Polygraph Data Platform, automates security processes, providing comprehensive risk insights for security and development teams. Lacework's unique ability to analyze data across AWS, Azure, GCP, and Kubernetes environments is a significant advantage for businesses worldwide. Founded in 2015 and headquartered in Mountain View, California, Lacework excels in breach detection, audit and compliance, and container security.
Read More
Cloud Security
Aviatrix | October 13, 2023
Aviatrix, a leading provider of secure cloud networking solutions, unveiled the results of a comprehensive technical assessment conducted by TechTarget's Enterprise Strategy Group, highlighting the efficacy of its revolutionary distributed cloud firewall in fortifying cloud-based cybersecurity. The report underscores the growing need for a simplified and comprehensive security architecture to safeguard applications on public cloud infrastructure as organizations increasingly leverage multiple cloud providers.
According to the evaluation, the Aviatrix Distributed Cloud Firewall significantly reduces the complexity of securing public cloud infrastructure, streamlining crucial aspects such as threat blocking, policy definition, enforcement, and microsegmentation. This is a significant development considering the challenges posed by traditional firewalls that struggle to adapt to the dynamic nature of cloud computing.
Alex Arcilla, Senior Validation Analyst at Enterprise Strategy Group, reportedly remarked,
Many organizations are still working with traditional data center network firewalls that have been virtualized to work in the public cloud, and they're now finding that they're saddled with the same – if not more – challenges than they faced when deploying firewalls on premises.
[Source – Cision PR Newswire]
Aviatrix's innovative Distributed Cloud Firewall, a key offering within its Secure Cloud Networking suite, revolutionizes network security in the cloud by enabling distributed inspection and enforcement. This approach enhances security, scalability, and agility while substantially reducing costs. Notably, the distributed architecture allows for a cost reduction of over 30% while delivering a 14-fold increase in aggregate security throughput compared to conventional, centralized firewall architectures commonly adapted for cloud environments.
It was proven that the Aviatrix Distributed Cloud Firewall can create a zero-trust security posture in multicloud environments by protecting the current perimeter, locking down environments with policy configurations based on cloud resource attributes and tags, and filtering traffic from one service to another. These features ensure comprehensive security measures for east-west service-to-service traffic within cloud environments and internet egress traffic.
Rod Stuhlmuller, the Vice President of Solutions Marketing at Aviatrix, emphasized that the introduction of Aviatrix's Distributed Cloud Firewall earlier that year had signaled the beginning of a new era for cloud network security. He further noted that customers were rapidly embracing this solution. Additionally, he highlighted that the technical analysis by Enterprise Strategy Group underscored the value that Aviatrix was providing to enterprises struggling with contemporary cloud security challenges and associated expenses.
However, the Aviatrix Distributed Cloud Firewall, with its intricate functionalities and sophisticated network security configurations, may present a considerable obstacle for users less familiar with such intricate setups. Consequently, the successful deployment of this firewall may require the involvement of specialized experts to ensure its optimal performance. Moreover, the initial financial investment and the intricacies involved in the integration process of the Aviatrix Distributed Cloud Firewall may create barriers for smaller organizations, potentially limiting their access to the advantages it offers.
Notwithstanding these challenges, the Aviatrix Distributed Cloud Firewall effectively addresses the continually changing security requirements of modern cloud environments. It presents a seamless and cost-effective solution for establishing comprehensive cybersecurity measures within a cloud-based infrastructure, thereby enhancing the overall security posture and minimizing potential risks.
About Aviatrix
Aviatrix, a Santa Clara-based software development firm, caters to a global clientele of over 500 companies, providing secure cloud networking solutions that foster innovation and cost control. Its pioneering Aviatrix Certified Engineer (ACE) Program facilitates digital transformation for businesses. Specializing in hybrid cloud networking, VPC peering, and cloud security, Aviatrix is recognized for its expertise in simplifying and streamlining networking architectures across multiple cloud service providers.
Read More
Cloud Security
Business Wire | November 03, 2023
Sysdig, the leader in cloud security powered by runtime insights, today released at SANS CyberFest 2023 the 5/5/5 Benchmark for Cloud Detection and Response, a new framework that outlines how quickly organizations should detect, triage, and respond to attacks in the cloud. Operating securely in the cloud requires a mindset shift in regard to time, and with that, cloud security programs need to hold themselves to a modernized benchmark: five seconds to detect, five minutes to correlate insights and understand what’s happening, and five additional minutes to respond. Recent findings by the Sysdig Threat Research Team published in the 2023 Global Cloud Threat Report note that, after discovering an exploitable target, malicious actors require less than 10 minutes to execute an attack.
Cloud attacks are swift and sophisticated, requiring robust threat detection and response programs that move at the speed of the cloud. On-premises attacks take 16 days on average and antiquated frameworks challenge security teams to respond to a breach within 60 minutes, which is simply insufficient for the cloud. Bad actors are exploiting the automation and scale of the cloud, along with new techniques, to accelerate all stages of an attack and inflict damage within minutes. The 5/5/5 Benchmark guides organizations to detect and respond to cloud attacks faster than adversaries can complete them.
The Challenge
Detect threats within five seconds.Organizations should be able to gather detection signals from their cloud security tools in real time to ensure visibility into ephemeral assets.
Correlate and triage within five minutes.Teams should be able to gather full context for all correlated signals within five minutes of receiving the first relevant alert.
Initiate a response within five minutes.Organizations should be able to initiate a tactical response within five minutes of confirming that an attack is in progress.
What people are saying
People are always looking for security metrics, especially when the industry evolves into new operating models. We have plenty of 'best practices,' but no real way to quantify cloud security agility — until now, said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig. The 5/5/5 Benchmark, built in partnership with our customers, industry analysts, and the Sysdig Threat Research Team, sets a new standard for operating securely in the cloud.
“As organizations move to the cloud, traditional on-premises security standards become outdated and too slow. In the cloud, both innovation and attacks happen quickly – companies need security tools, processes, and standards designed to operate at the speed of cloud-native environments,” said Phil Bues, Research Manager for IDC Cloud Security.
“I don’t want to know 15 minutes after someone breached my system. I need to know instantly so that we can shut it down before the blast radius expands,” said Kuldeep Tomar, Head of Information Security at India’s leading digital skill games company and 5/5/5 Benchmark Advisor. “To move at the necessary speed, you need to not only be alerted to the right things, but also respond appropriately. Having a benchmark gives us a goal to hold ourselves to.”
About Sysdig
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.
Read More
Cloud Security
Business Wire | October 27, 2023
Lookout, Inc., the data-centric cloud security company, today announced enhancements to its Lookout Cloud Security Platform that are designed to help organizations better discover, assess and protect their data as it moves across any network, from the endpoint to the cloud. These enhancements provide organizations with a unified solution that will expertly secure their data by maximizing visibility and protecting access across all applications.
The Lookout Cloud Security Platform, the Company’s Security Service Edge (SSE) offering, continuously monitors the risk posture of users and their devices to provide dynamic and granular zero-trust access based on the sensitivity level of apps and data, enabling organizations to protect their workers, devices, applications and data from unauthorized access and modern-day internet-based threats. Services in the platform include: Secure Private Access (ZTNA), Secure Internet Access (SWG) and Secure Cloud Access (CASB).
Lookout’s data-centric cloud security innovation helps safeguard customers’ sensitive information as it moves across networks, clouds, applications and devices:
Discover and onboard all private apps with enterprise app discovery:When it comes to protecting sensitive corporate data, ZTNA offers a far more secure approach compared to traditional VPNs.Unlike VPNs that provide access to the entire network for example, ZTNA offers granular access control, which limits users to specific applications. This reduces the overall attack surface and prevents lateral movement of threats, minimizing the risk of compromised accounts or devices compromising the entire infrastructure.Lookout Secure Private Accessdiscovers and helps onboard private applications running on an organization’s network hosted on-prem or in the cloud, and currently being accessed by a VPN. Using this functionality, IT can now see all private applications being accessed by their users and take steps to seamlessly define and enforce access and data protection policies for these apps.
Extend zero trust protection with firewall as a service:The Lookout Cloud Security Platform has an integrated cloud firewall that extends inspection of incoming and outgoing traffic across all ports and protocols, enabling granular visibility and access control into non-web traffic to stop zero-day threats. With this enhancement, customers can apply more granular security and access policies across all of their apps (web, TCP, UDP, ICMP) and both internet and intranet traffic.
Expand data classification and protection capabilities in Google Drive:Google Labels Classification expands data classification capabilities across the Lookout Cloud Security Platform through an integration with Google Drive labels. This integration helps Lookout customers classify sensitive data with Google Drive labels and enforce security policies based on these labels to protect sensitive data stored in Google Drive’s API mode.
Secure traffic and enforce policies on guest networks and IoT devices:Organizations need visibility and control over all endpoints and users within their network in order to reduce the risk of malware infections and data exfiltration through these channels. Lookout has enhanced traffic inspection capabilities, expanding data and threat protection to guest users of company networks and traffic coming from IoT devices. This helps ensure company networks are not compromised from these access points, thereby preventing data exfiltration.
Advanced threat protection from phishing and zero-day threats:Lookout has enhanced its integration with remote browser isolation (RBI) and cloud sandboxing to improve the user experience and provide robust threat protection for organizations, preventing users from accessing malicious sites and content.
“In today’s digital world, data is the lifeblood of every organization,” said Pete Finalle, Research Manager, IDC. “It is vitally important that organizations protect their data and ensure that it is secure, no matter where it resides or how it is accessed. Lookout's new cloud security features offer greater assurance to IT organizations that their data is safe and their users are protected.”
Lookout continues to innovate the Lookout Cloud Security Platform in ways that strengthen the protection of users and data from security threats and enhance the end-user experience, said Aaron Cockerill, Executive Vice President of Product, Lookout. We are the only vendor that unifies cloud and endpoint security into one platform. With this latest release, Lookout continues to build upon our strategic vision to put data security at the intersection of today’s workplace and modern cybersecurity threats.
About Lookout
Lookout, Inc. is the data-centric cloud security company that delivers zero trust security by reducing risk and protecting data wherever it goes, without boundaries or limits. Our unified, cloud-native platform safeguards corporate data across devices, apps, networks and clouds and is as adaptive and simple as the modern digital world. Lookout is trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter.
Read More