How RedSeal Cloud Security Works
The RedSeal Cloud solution extends beyond how RedSeal ingests configuration information from on-premises network devices like routers and firewalls to establish a network topology. The solution accesses your public and private clouds via standard APIs and builds a connectivity model. The solution imports service, host, and vulnerability data from these cloud providers, vulnerability scanners, endpoint protection tools, and other sources to maintain an accurate view of your infrastructure.
This comprehensive connectivity model is created without using agents, span ports or taps, and without being in line with production traffic or consuming Netflow data. With this cloud topology information, RedSeal then uses its patented algorithms to calculate how data can move through it, including the net effective reachability to the key resources and/or any potential lateral movement. RedSeal shows you how and if data can move from any resource to another across your multiple clouds.
Next, RedSeal overlays the instance, host, and endpoint information, along with identified vulnerabilities, on this extensive connectivity model. It’s much more than a map as it is a visual, responsive, interactive model you can use to instantly and continuously understand your cloud security posture. The result is a faster time-to-resolution and an optimized security posture that adheres to compliance mandates.
RedSeal discovers, models, and assesses your entire infrastructure – on-premises, in private and public clouds.
Across your security team, RedSeal provides tangible benefits to support your overall security strategy. Risk and Compliance Managers can see if their clouds were properly configured and get alerts if anything changes. They can check for unauthorized, rogue AWS, Azure, GCP, or OCI workloads and services.
Using your existing vulnerability scanners, Vulnerability Managers can identify gaps in coverage of your clouds and implement scanners and tools to expose threats and vulnerabilities. They can also improve their prioritization, since RedSeal calculates risk scores that consider vulnerability severity and asset value, as well as how accessible the vulnerability is from an untrusted network, such as the internet or a partner network.
To empower your Incident Responders with expedited identification and response times, RedSeal connects with your existing SIEMs and ticketing tools to quickly locate compromised devices and determine which assets bad actors could reach from there. RedSeal’s unique situational awareness provides the specific information they need to rapidly implement containment and mitigation options.
Lastly, Cloud Security VPs and Directors can use RedSeal’s Digital Resilience Score to communicate with their executives regarding the overall security posture of your clouds. This key metric highlights the status of your cloud fortifications based on contextual awareness and goes far beyond traditional vulnerability scores.