Skyhawk Security Launches Multicloud Runtime Threat Detection and Response Platform
At this point, multicloud networks are the default. Estimates of multicloud adoption in the enterprise range from 80% to 92%, which means from “most people” to “almost everyone.” And yet organizations continue to struggle with correctly configuring multicloud environments. In a recent study, Aqua Security found that 82% of companies left their cloud storage open to the public. Again, that’s “most people” levels of misconfiguration. Clearly something needs to be done to improve cloud security configuration, and Skyhawk Security has a suggestion.
The Radware spinoff recently launched its Skyhawk Synthesis platform, which combines cloud threat detection and response (CDR), cloud infrastructure entitlement management (CIEM), identity threat detection and response (ITDR), and cloud security posture management (CSPM) into a unified environment. Because Skyhawk considers it a baseline capability, the company is offering its CSPM solution as a “freemium,” including complete posture management and hardening, compliance reports, and governance enforcement for up to 1,000 assets.
The point of using all those approaches is to automate cloud security maintenance as much as possible to conserve the efforts and attention of security staff. Skyhawk Synthesis uses machine learning to identify critical runtime sequences and then monitors the environment to flag when the sequences are activated in a potentially dangerous way. Focusing on the most dangerous events, the company claimed, can reduce the occurrence of false alerts, which have long been lamented as time-wasting burdens on security staff’s attention.
According to Skyhawk, the Synthesis platform uses behavioral analytics and context-based event correlation to pick up on breaches, then presents the alerts in the CDR Runtime Hub interface. The curation allows human analysts to react quickly to real threats instead of jumping at false alarms, the company said.
Chen Burshan, CEO of Skyhawk Security, said in a statement, “This bridges the gap between having an exhaustive list of misconfigurations and vulnerabilities to having awareness that those issues are being used to compromise your infrastructure.”