Posts

GuardiCore Integrates with AWS Security Hub

Today at re:Invent, Amazon revealed the AWS Security Hub, a security service that provides AWS cloud customers with a comprehensive view of their security state within AWS. GuardiCore has worked with AWS over the past weeks to provide support and integration to this service. While AWS provides some built-in security capabilities, customers require additional capabilities that can only be provided by third-party companies like GuardiCore.

Both GuardiCore Centra and Infection Monkey now integrate with the AWS Security Hub. This integration provides a lot of value to customers. Early feedback is extremely positive and AWS customers would find it interesting to test both integrations:

GuardiCore Centra Integration with AWS Security Hub

GuardiCore Centra, our flagship product, secures any cloud-private or public. Security Incidents will be forwarded to the AWS Security Hub and can be managed through the console or consumed by other security products.

Infection Monkey Integration with AWS Security Hub

The Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that assesses the resiliency of private and public cloud environments to post-breach attacks and lateral movement. Its integration with the AWS Security Hub allows anyone to verify and test the resilience of their AWS environment and correlate this information with the native security solutions and benchmark score.

Working on the integration was fun. Since both Centra and Infection Monkey have integration points and can run on AWS, adding reporting interfaces to the Security Hub was a straightforward task.

We believe that the AWS Security Hub represents a good approach, allowing for more shared security insights from more vendors in order to improve the overall security posture of your environment. It detects security findings and alerts generated by other AWS security services, other security solutions (like GuardiCore Centra and Infection Monkey) and aggregates those findings and alerts within each supported AWS region.

During the beta period the service provided integration with Amazon GuardDuty, Amazon Inspector, and Amazon Macie and added new capabilities by running CIS benchmark check for AWS workloads. We are looking forward to your feedback. Tell us- what do you think about the integration?

What is Micro-Segmentation?

Micro-segmentation is the emerging IT security best practice of applying workload and process-level security controls to data center and cloud assets that have an explicit business purpose for communicating with each other. It offers more flexibility and granularity than established security techniques like network segmentation and application segmentation, making it more effective at detecting and blocking lateral movement in data center, cloud, and hybrid-cloud environments.

Read more

Micro-Segmentation Methods

The emergence of virtualized data centers, public cloud infrastructure, and more dynamic DevOps approaches makes the need for granular network- and application-level security controls more important than ever. Micro-segmentation is the most effective method of protecting sensitive data within these rapidly changing hybrid cloud environments.

Micro-segmentation enables visibility, alerting, and policy enforcement from the network level all the way down to the individual process level. However, the power and flexibility of micro-segmentation can also make it challenging to identify the optimal micro-segmentation methods for a specific organization. Both over-segmentation and under-segmentation can present challenges as IT security teams try to strike a balance between improving security and avoiding disruption of business processes. However, when an optimal mix of micro-segmentation methods is implemented, it provides proactive security and compliance controls and accelerates breach detection.

Read more

Harness the Benefits of Micro-Segmentation

Enterprise IT environments – and the security attacks they are subjected to – are becoming more sophisticated and diverse. While data centers continue to play a central role, a growing number of workloads are shifting to cloud and hybrid cloud deployment models. Meanwhile, emerging deployment approaches like containers bring both new advantages and new security challenges.

As a result of these shifts, the days of a well-defined perimeter are over, putting greater pressure on IT security teams to detect and prevent lateral movement among heterogeneous data center and cloud assets. Micro-segmentation with Layer 7 granularity addresses this growing challenge, bringing several essential benefits to today’s fast-evolving enterprise environments.

Read more

Time to Transform Data Centre Security?

Digital transformation is by its very definition redefining how data centres are designed and services managed and deployed. In fact, much like the long-maligned ‘perimeter’ security model many once datacentre-centric workloads are evaporating and re-forming as more agile and elastic cloud-based operational models.

Read more

Security Features of the Hybrid Cloud (OpenStack and AWS)

Everyone knows about the many benefits of the cloud: it is infinitely scalable, developer-friendly, and easy to use. However, we often avoid addressing the reality that the cloud is not perfect. The truth is that, despite the cloud’s many merits, it presents a significant challenge from a security standpoint. Security concerns might make you hesitate to deploy your workloads in any cloud, be it public or private – and understandably so.

Read more

Integrating Security and DevOps to Protect Cloud Workloads

CSO Online recently reported on a study conducted by the Cloud Security Alliance that listed the top twelve threats to cloud computing. The threats range from data breaches, to advanced persistent threats (APTs), to abuse and nefarious uses of cloud services. For example, the report discusses how malicious actors exploit poorly secured or misconfigured cloud services to abuse compute resources for nefarious purposes, such as DDOS attacks or attempts to exfiltrate data as part of a breach.

Read more