It’s Time to Bring Together Cloud Compliance and Security Analytics


Today we announced our intent to acquire RedLock, a cloud threat defense company whose technology will add comprehensive asset discovery and automated threat detection and remediation to our public cloud security offering. As a result, SecOps and DevOps teams will get the strength of leading compliance capabilities and cloud analytics from one source: Palo Alto Networks.

Pain points in the public cloud

Talk to enough organizations migrating to public cloud and you start to hear some familiar stories:

  • “We don’t have visibility across the whole multi-cloud environment, and even if we do, it’s not centralized.”
  • “It’s a complex process to manage compliance, especially in multi-cloud environments. How do I keep up with NIST, GDPR and all of the others?”
  • “We can’t detect and respond to threats fast enough in our multi-cloud environment.”

We are solving many of these common challenges today, and expect that by early next year we will deliver a combined offering that will include the deep cloud security and compliance monitoring capabilities from Evident and RedLock’s security analytics and advanced threat detection capabilities.

What RedLock adds

RedLock captures detailed events from multiple public cloud platforms to identify and remediate threats. This enables RedLock to correlate resource configurations, network traffic, and third-party feeds to identify threats and vulnerabilities as well as identify compromised accounts and insider threats by analyzing user behavior. Remediation is then automated by integrating with existing incident response workflows.

What does that look like in the real world? Say, for example, that a developer accidentally leaks cloud access keys on a well-known forum such as GitHub, and that as a result, a hacker attempts to log in to the cloud environment using those keys. RedLock’s fast analytics detect that the key is being used in an unusual location to perform an unusual activity, and immediately alert the SOC team with a full history of all activities associated with that key.

As another example, say a user creates a security group within an organization, but accidentally leaves it open. RedLock will discover it, see that it is associated with a VM running MongoDB, and determine that the database is receiving Internet traffic from a known malicious IP address. The database is then automatically moved to a private security group, remediating the risk.

Combining Palo Alto Networks, Evident and RedLock means we can provide the most robust security offering for the public cloud, including the following:

  • Continuous discovery and inventory of public cloud resources, providing centralized visibility to assets across multiple cloud providers (including Amazon Web Services, Microsoft Azure and Google Cloud Platform), multiple accounts and multiple regions.
  • One-click, customized compliance reporting for industry standards such as NIST, PCI, HIPAA, GDPR and CIS.
  • Ability to prioritize vulnerabilities, detect cloud threats and investigate incidents in minutes or less, and provide automated remediation of security risks and policy violations across entire public cloud deployments.

We’re excited to add RedLock’s technology to our cloud security offering and also welcome to Palo Alto Networks a very talented team with a deep bench of cloud expertise. We expect to begin integration immediately after the acquisition’s close.

For more information, visit our announcement page.

Hear what RedLock co-founder Varun Badhwar and Palo Alto Networks Chief Product Officer Lee Klarich have to say in this video:



The post It’s Time to Bring Together Cloud Compliance and Security Analytics appeared first on Palo Alto Networks Blog.

About Palo Alto Networks
Palo Alto Networks is the next-generation security company maintaining trust in the digital age by helping tens of thousands of organizations worldwide prevent cyber breaches. With our deep cybersecurity expertise, commitment to innovation, and game-changing Next-Generation Security Platform, customers can confidently pursue a digital-first strategy and embark on new technology initiatives, such as cloud and mobility. This kind of thinking and know-how helps customer organizations grow their business and empower employees all while maintaining complete visibility and the control needed to protect their critical control systems and most valued data assets. Our platform was built from the ground up for breach prevention, with threat information shared across security functions system-wide, and designed to operate in increasingly mobile, modern networks. By combining network, cloud and endpoint security with advanced threat intelligence in a natively integrated security platform, we safely enable all applications and deliver highly automated, preventive protection against cyberthreats at all stages in the attack lifecycle without compromising performance. Customers benefit from superior security to what legacy or point products provide and realize a better total cost of ownership.