CSO Online recently reported on a study conducted by the Cloud Security Alliance that listed the top twelve threats to cloud computing. The threats range from data breaches, to advanced persistent threats (APTs), to abuse and nefarious uses of cloud services. For example, the report discusses how malicious actors exploit poorly secured or misconfigured cloud services to abuse compute resources for nefarious purposes, such as DDOS attacks or attempts to exfiltrate data as part of a breach.
Micro-segmentation provides the ability to isolate communication flows within applications and workloads and allows for more granular workload security than traditional tools. Beyond using micro-segmentation to allow or block connections and alert on those activities, the ability to compare, within a single platform, policy violations to historical observations can dramatically accelerate threat detection, investigation, and response.
The movement of data and workloads to the cloud has been more like a headlong rush. In the quest for a competitive edge, businesses are clearly eager to take advantage of the agility and elasticity the cloud affords them – so much so that security is often an afterthought. But hey, isn’t the cloud provider taking care of that?
Some companies are surprised to hear the answer is no, at least not entirely.
In traditional data center environments, security teams usually leverage their standard security tools and agents to capture network-level logs. Capturing these logs gives teams visibility into network architecture and traffic flow. However, when we migrate applications to AWS, these standard practices change. The same toolsets might not be as efficient as they were in the traditional environment. While security fundamentals are the same, the approach changes. Security teams need to explore new options and adopt new tools to ensure adequate security coverage.
Containers and orchestration systems use numerous technical abstractions to support auto-scaling and distributed applications that obfuscate visibility into application communication flows. Security teams lose visibility into application communication flows, rendering traditional tools useless and exposing the application to risk.
GuardiCore is featured in SC Magazine Industry Innovators 2017 – Virtualization and Cloud-Based Security. Last year SC Magazine said GuardiCore “… was founded with the vision that security for the data center needs to not only be able to keep up with the rate of constant change, but also be able to close the gap between traditional security technology and a sophisticated threat actor’s ingenuity.” This year GuardiCore is taking this notion to the next level by moving to the next generation of cloud application technology: micro-segmentation. This technique provides better detection because it provides better visibility.
This is part 2 of a 2-part series examining how security requirements have changed for an evolving IT infrastructure.
In part I of this blog series, we discussed the changes in the way businesses and IT teams are executing and how security practitioners are being presented with a unique opportunity to align their tools and strategies with the direction the business is going. In this post, we’ll review some of the strategies and tools that can be used to help secure your hybrid cloud environment and keep pace with the DevOps model.
Latest Release Adds Flexible Policy Management and Native Enforcement to Streamline Micro-Segmentation Implementations
San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in cloud and data center security, today announced the next innovations in its Centra Security Platform to simplify micro-segmentation deployments. GuardiCore Centra is enabling customers to move from zero micro-segmentation to native policy enforcement in three easy steps.
Provides Enterprise Customers with a Simple, Flexible Approach to Securing Hybrid Cloud Environments as Part of its Broader Cloud Service Through AWS Marketplace
San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced the availability of its award-winning data center and cloud security solution on AWS Marketplace. The addition of GuardiCore’s Centra Security Platform to AWS Marketplace provides customers with additional security through a flexible model offering Security as a Service (SECaaS) available on a “pay per hour” basis as part of an integrated Amazon Web Services (AWS) bill.