Skyhawk Security, a cloud threat detection company, has released a platform designed to address alert stress that provides cloud detection and response (CDR) across multi-cloud environments, the company said Tuesday in a statement. The company says that synthesis platform It is released on a “freemium” basis – the basic version is available for free, but additional features can be purchased.
Skyhawk claims the platform improves on products that focus on identifying multiple persistent cloud security misconfigurations by using machine learning (ML) to find a coherent sequence of high-priority run-time events and identify paths of least resistance that are exploited to compromise cloud infrastructure.
Discover latent cloud security risks
“Managing a cloud situation is a huge challenge. However, cloud security teams and SOC teams are overwhelmed trying to analyze and respond to thousands of alerts with existing cloud security solutions,” Skyhawk CEO Chen Borshan said in a statement. “Our approach is unique because we define We stop real attacks by detecting latent threats and then monitoring the full uptime of dynamic threats in the cloud infrastructure.”
Quoting a hadeeth Oxford University study indicating 99% of alerts are false positives, the company said it believes the product helps address “alert fatigue” and reduce the efficiency that can result from investigating events and alerts that aren’t a threat. The platform is designed to identify runtime threats as they occur, combining inventory awareness and paths of least resistance with behavioral analytics to raise awareness of real-time alerts. The code then displays the results in the CDR runtime axis.
“Moreover, the expanding cloud infrastructure attack surface has opened the door to significant misconfiguration and visibility concerns,” Skyhawk said. “For example, the recent Uber breaches show the prohibitive cost of poorly managed cloud security, which led to the leak of the personal information of 77,000 employees.”
CSPM “Basic Ability”
In addition to CDR, the platform includes Cloud Infrastructure Entitlement Management (CIEM), Identity Threat Detection and Response (ITDR), and Cloud Advanced Security Mode Management (CSPM). The basic version of Synthesis is provided at no cost because the company considers CSPM to be a “core capability”.
Chen told the CSO that the platform has undergone a soft launch and is currently “used by dozens of customers for cloud security,” while full public access begins on Tuesday.
Under the free CSPM version, users will have access to visibility across the AWS cloud, Azure and GCP, posture and resilience management, compliance and governance reporting, and will be able to manage up to 1,000 assets. Slack channel support and guided installation are also included. Enterprise subscribers will receive these features as well as threat detection, attack simulation, threat response, cloud infrastructure entitlement management, lower-privilege recommendations, unused permission alerts, and integration with Slack and Jira. Cloud locations in the free version are limited to the US, UK, EU, Israel, Japan and Australia, while the full version has unlimited geographic access.
Improves the security situation
“Even when the cloud architecture is 100% compatible and 100% properly configured, these environments can still be compromised,” the company said. “Skyhawk Security not only improves security, but allows SOC teams to focus on events that pose a real threat to their organization.”
The freemium CSPM solution includes position management, resilience, compliance reporting, and governance enforcement for up to 1,000 assets.
Copyright © 2023 IDG Communications, Inc. All Rights Reserved.