Connect with us

Cloud

SentinelOne Transforms Cloud Security for AWS Customers

Published

on

Brian Lanigan, Senior Vice President, Global Ecosystem, SentinelOne

Cloud security balances an organization’s drive to transform digitally and the need to secure a dynamic and fluid environment in an ever-evolving threat landscape. Ephemeral cloud environments such as serverless containers may be short-lived, but they present a real and growing security risk, and attackers can wreak havoc if they are unprotected. SentinelOne, a global leader in AI-powered security, today announced the launch of Singularity Cloud Workload Security for Serverless Containers.

This new offering provides real-time, AI-powered protection to secure containerized workloads running on AWS Fargate for Amazon ECS and Amazon EKS. “As a long-time and strategic Amazon Partner Network member, we are committed to delivering market-leading innovations through simple integrations that enable customers to improve their security outcomes and change the game,” said Brian Lanigan, Senior Vice President, Global Ecosystem, SentinelOne.

Ephemeral containerised workloads running on AWS Fargate allow rapid scale and deployment to refresh environments, offering business and technical agility. However, their short-lived nature does not automatically mean they are secure. While these resources may only live for minutes, attackers can compromise within seconds and look for opportunities to move to higher-value, longer-living resources ahead of the ephemeral resource being deleted. Adversaries can also gain an initial foothold elsewhere in a cloud environment and pivot to serverless container resources to conduct attacks, such as crypto-mining.

Ely Kahn, Vice President, Product Management, Cloud Security, SentinelOne

Ely Kahn, Vice President, Product Management, Cloud Security, SentinelOne

“Enterprises of all sizes are increasingly moving toward serverless infrastructure services to accelerate innovation at scale, and these resources must be protected,” said Ely Kahn, Vice President, Product Management, Cloud Security, SentinelOne. “With AWS Fargate, developers can focus on building applications without managing servers and get ideas into production more quickly, and with SentinelOne, they can be sure they do so securely.”

Singularity Cloud Workload Security for Serverless Containers is AI-powered runtime protection that leverages five autonomous detection engines to detect runtime threats like ransomware, zero-days, and file-less exploits in real-time and streamline machine-speed response actions. AWS customers can now protect their containerized workloads however they are launched, from Amazon EC2 to AWS Fargate.

Cloud Workload Security is part of SentinelOne’s cloud security portfolio, which includes Singularity Cloud Native Security and Singularity Cloud Data Security. The solution sits on top of the Singularity Platform and Singularity Data Lake, delivering the most comprehensive CNAPP in the market. SentinelOne’s Singularity Platform protects the entire enterprise across every endpoint, identity, and workload on every cloud. The unified, intelligent platform ingests data from any source and applies advanced AI and machine learning to normalize, consolidate, and contextualize insights in a single, powerful data lake. Through simple integration, relevant AWS logs, including AWS CloudTrail and AWS Security Hub, can also be ingested.

The Singularity Platform is supercharged with the power of Purple AI, an advanced generative AI security analyst that provides autonomous SecOps tools designed to radically accelerate security teams’ threat hunting and investigations, reduce Mean Time to Response, and deliver complete end-to-end AI-powered enterprise security to stay ahead of attacks. “Detecting attacks is only one part of the security equation,” Kahn said. “By combining SentinelOne’s agent and agentless capabilities with the power of Purple AI, security teams can now more automatically hunt for, triage, and investigate these attacks using the power of Purple AI’s natural language translation, summarization, and guided hunting capabilities.”

Singularity Cloud Workload Security support for Fargate EKS is generally available now, and support for Fargate ECS is available to early adopters.

Cloud

SolarWinds Survey: Only 18% of IT Professionals Satisfied with Cloud Infrastructure

Published

on

According to new data from SolarWinds, less than one in five (18%) IT professionals believe their present cloud infrastructure satisfies their business needs, indicating a large disconnect between expectations and reality when it comes to cloud adoption. The research, based on a survey of 272 global IT professionals, shows that despite the cloud’s promises of scalability and cost savings, the reality is mixed for many IT teams: only a quarter of those surveyed (25%) feel their organisation’s approach to the cloud is carefully considered and successful, while 23% admit their hybrid cloud strategy has created an overly complex IT environment. Despite this, less than a quarter (22%) of respondents have invested in external IT services to help with their cloud migration strategy.

In response to these cloud challenges, more than one in ten (16%) respondents have already repatriated workloads back to on-premises. Meanwhile, a further 12% acknowledge that poorly planned cloud transitions have already resulted in long-term financial impacts on their organisations. This goes to show that rushed cloud migrations can lead to costly fixes or reversals.

The data also indicates a lack of trust in cloud security, with nearly half (46%) of IT pros still storing their most sensitive data on-premises due to persistent security worries. However, the findings do highlight a continued focus on cloud strategies to reduce costs. Nearly a third (29%) of respondents say they are prioritising cloud migration to cut operational costs.

Commenting on the findings, Sascha Giese, Global Tech Evangelist at SolarWinds, said, “The truth is, managing complex hybrid-cloud ecosystems isn’t easy. While the cloud promises scalability and cost savings, the gap between expectation and execution is becoming increasingly evident. In this landscape, many businesses find themselves grappling with overly complex infrastructures that struggle to meet evolving needs.”

In a hybrid cloud world with increasingly complex networks, systems, devices, and applications, managing microservices and containers adds to the challenge. Without proper planning and comprehensive visibility, organisations risk finding themselves in a dire situation. Tool sprawl, information silos, and alert fatigue can all lead to an unpleasant cloud experience, making it harder to identify the root causes of complex issues.

“To overcome these challenges, IT leaders must adopt a more strategic and informed approach to cloud migration, focusing on tools that are reliable, secure, and accelerate modernisation. One key advantage businesses can leverage to successfully manage their hybrid cloud infrastructures is comprehensive observability. That means gaining real-time visibility into every layer of the IT estate and acting proactively with the assistance of machine learning algorithms and AI-driven analytics. Cloud infrastructure can be a powerful growth enabler, but with a mess of mismatched tools and poor visibility, it will be a bumpy ride,” added Giese.

Continue Reading

Cloud

Fortinet Boosts Cloud Security by Introducing Lacework FortiCNAPP

Published

on

Fortinet has announced the general availability of Lacework FortiCNAPP, a unified, AI-driven platform to secure everything from code to cloud from a single vendor. “Lacework FortiCNAPP is based on Lacework’s proven cloud-native application protection platform with tight integration with the Fortinet Security Fabric,” said John Maddison, Chief Marketing Officer at Fortinet. “We’re pleased to expand our cloud-native security offerings and provide the industry’s most comprehensive, full-stack cloud security platform that empowers teams to seamlessly eliminate risk across their multi-cloud environments.”

The introduction of Lacework FortiCNAPP offers additional benefits that extend beyond Lacework’s leading offering. These include automated remediation and blocking of active runtime threats and enhanced visibility into FortiGuard Outbreak Alerts, which provide key information about new and emerging threats and the risk they pose within an organization’s environment.

As customers continue to adopt cloud infrastructure and services, they are quickly realizing that traditional security tools simply lack the native capabilities required to address the scale, velocity, and dynamic nature of the cloud. Security teams are fundamentally challenged by the lack of time to address cloud security at scale due to limited cloud security knowledge, a proliferation of cloud security products that do little to help customers resolve issues, and an overwhelming number of security and compliance alerts.

With Lacework FortiCNAPP, Fortinet simplifies and strengthens cloud security with a unified platform from a single vendor that brings together multiple tools to significantly cut down the time to detect, prioritize, investigate, and respond to cloud-native threats. Lacework FortiCNAPP introduces a unique AI approach that never stops learning, maximizing cloud security with minimal time and effort for development, operations, and security teams by automatically connecting risk insights with runtime threat data, and ensuring that the most critical issues are prioritized and addressed.

Fortinet enables customers to address all their cloud security needs by delivering key features such as:

  1. A unified platform: Fragmented tools create complex, expensive, and limited protection. As a platform, Lacework FortiCNAPP provides full visibility from code to cloud and correlates build and runtime risk and threat data to prioritize what matters most.
  2. AI-based anomaly detection: Given that cloud threats evolve as quickly as the cloud itself, creating rules for every potential attack scenario is nearly impossible. Lacework FortiCNAPP’s AI-based anomaly detection allows security analysts to detect previously undefined attack patterns that traditional rules-based systems cannot accomplish.
  3. Integrated code security: Code security integrated with cloud security empowers teams to address issues at the earliest and most cost-effective stage in the application life cycle. By offering code security as an integral capability within the platform, customers can save time and money by fixing security issues, and reducing the risk of vulnerable applications and infrastructure while maintaining developer productivity and innovation velocity.
  4. Composite alerts: Lacework FortiCNAPP is unique in detecting early signs of active attacks by automatically correlating various signals into a single, high-confidence composite alert. The platform uses behavioural analytics, anomaly detection, in-house threat intelligence, and insights from cloud service provider activity logs and threat services to identify active attacks, including compromised credentials, ransomware, and crypto-jacking.
  5. Integrations with the Fortinet Security Fabric: Integrations with Fortinet solutions such as FortiSOAR enable customers to streamline their response to active runtime threats, such as compromised hosts and compromised access keys, through automated remediation playbooks. Additionally, its integration with FortiGuard Outbreak Alerts helps teams understand how Lacework FortiCNAPP delivers enhanced visibility and deeper insights into the latest threats and where the solution can disrupt potential attacks.
  6. Cloud Infrastructure Entitlement Management (CIEM): Lacework FortiCNAPP provides CIEM with complete visibility into cloud identities and their permissions. It automatically discovers identities, assesses net-effective permissions, and highlights excessive ones by comparing granted versus used permissions. Each identity is assigned a risk score based on more than 30 factors, helping prioritise high-risk identities. Lacework FortiCNAPP also offers automated remediation guidance for right-sizing permissions, ensuring least-privileged access.
Continue Reading

Cloud

Cisco Boosts Cloud Security Offerings in the UAE

Published

on

Ahead of GITEX Global 2024, Cisco has announced plans to establish a Point of Presence (PoP) for cloud-delivered security in the United Arab Emirates (UAE). This initiative aims to help customers protect their users, infrastructure, and investments against threat actors. The announcement is part of Cisco’s continued effort to empower organizations locally and regionally with flexible security services and data loss protection for devices, remote users and distributed locations. Cisco targets service availability by the end of 2024 for the Secure Service Edge (SSE) PoP.

“Today’s announcement reaffirms Cisco’s commitment to rapidly extend its global reach for customers and provide advanced cloud security protection and services to the UAE and the surrounding region,” said Abdelilah Nejjari, Managing Director for Cisco in the Gulf and Levant region. “Our goal is to help companies in the UAE accelerate the deployment of cybersecurity capabilities by adopting a platform approach. This will enable the seamless integration of various solutions within their stack, allowing them to maximize their potential.”

The new PoP will play an important role in delivering agile, highly resilient, high-capacity secure access closer to users in the UAE. It will support Cisco’s cloud services including its Secure Service Edge (SSE) solution, Cisco Secure Access. This cloud-delivered platform helps organizations solve a variety of security challenges.

Users can now safely and seamlessly access the resources and apps they need, regardless of protocol, port or level of customization. As a result, customers can move away from the complex web of point products that weren’t designed to support today’s highly distributed environment. With Cisco Secure Access, decisions about how users connect to the Internet, Software-as-a-Service (SaaS) and private applications are automated, removing complexity and helping to increase productivity.

“This initiative marks a new milestone in Cisco’s commitment to helping strengthen the region’s cybersecurity efforts,” Fady Younes, Managing Director of Cybersecurity, Middle East, Africa and Romania, commented. “In February, we announced a local data centre for our Duo multifactor authentication (MFA) offering and I am pleased to say that this is already up and running, in line with our original schedule. As a next step, with the new PoP for the converged cloud security SSE solution, grounded in zero trust, to provide our customers with seamless, transparent, and secure access from anything to anywhere.”

In the UAE, organizations will experience the benefits of Cisco’s SSE PoP with the scalability of the public cloud. The PoP will be carrier-neutral and available on any Internet Service Provider (ISP) in UAE. The findings of the Cisco Cybersecurity Readiness Index underscore the importance of security resilience. The study revealed that in the UAE, only 2% of organizations are at the Mature stage of readiness, 33% are at the Progressive stage, 54% are Formative and 11% are Beginners. It also found that 73% of companies expect a cybersecurity incident to disrupt their business in the next 12-24 months.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.