Posts

RedSeal Expands Hybrid Network Modeling Capabilities to Include Google Cloud Platform

Organizations can see access and prioritize vulnerabilities across network environments

SAN JOSE, Calif. — Nov. 5, 2019 — Today RedSeal added support for Google Cloud Platform to expand customers’ continuous network understanding across their entire infrastructure and cyber terrain.

With the addition of Google Cloud Platform, RedSeal consolidates network data from the most prevalent public and private cloud offerings including Amazon Web Services, Microsoft Azure, VMware NSX, Cisco ACI, as well as physical networks.

RedSeal is the only solution that automates fundamental cybersecurity activities, including evaluating devices to see if they’re securely configured, making sure there are no unintended access paths to critical data, monitoring network changes, and keeping a network compliant with relevant policies and regulations. Considered a force multiplier for existing security products, RedSeal increases confidence that there are no unintended openings in a network.

“Security teams, CISOs and CIOs struggle to understand their complex and dynamic network environments,” said Kurt Van Etten, chief product officer at RedSeal. “RedSeal gives them the visibility and understanding they need.”

RedSeal’s cyber risk modeling platform brings complex hybrid multi-cloud, software-defined networks and on-premise environments into one, unified model. With the unprecedented visibility RedSeal provides, teams can:

  • Quickly visualize network risk, including all possible access across and within their entire network – whether intended or not. When a workload in the cloud is compromised, teams can determine if physical or SDN assets are also at risk.
  • Discover unknown or unmanaged assets.
  • Ensure the right controls are in place and the network remains in compliance with policies and regulations.
  • Accelerate investigation of incidents and vulnerabilities and prioritize them based on risk to each network.
  • Minimize impact of an attack, and keep valuable assets and operations running in the face of cyberattacks.

RedSeal also delivers the Digital Resilience Score, a metric indicating a networks’ ability to respond to and rebound from incidents. The score measures how networks are actually set up, taking into account unmapped areas, how accessible vulnerabilities are – and where a compromised system could reach.

This network understanding is the foundation of network resilience, improving network and security operations, vulnerability management, incident response, risk and compliance, and M&A functions.

Debunk 10 common public cloud myths

Search Cloud Computing | June 21, 2019

RedSeal Named 2018 Cloud Security Excellence Award Winner

TMC | October 1, 2018

TMC’s Cloud Computing Magazine has named RedSeal as a winner of their 2018 Cloud Computing Security Excellence Awards. The awards honor solutions in two categories: those that most effectively leverage cloud platforms to deliver network security, and those providing security for cloud applications.

Cloud Computing magazine is the industry’s definitive source for all things cloud – from public, community, hybrid and private cloud to security and business continuity, and everything in between.

RedSeal Receives 2017 Cloud Computing Security Excellence Award

SUNNYVALE, CALIFORNIA RedSeal, the leader in network modeling and cyber risk scoring, announced today that TMC, a global, integrated media company, has named RedSeal’s network modeling and risk scoring platform as a 2017 Cloud Computing Security Excellence Award winner.

The Cloud Computing Security Excellence Award, presented by Cloud Computing magazine, recognizes companies in two distinct categories that have most effectively leveraged cloud computing in their efforts to bring new, differentiated offerings to market.

Cloud-Delivered Security

With the ever-increasing number of hacks and intrusions, ensuring security of our applications, services, data, and devices has never been more critical.  Exemplary security solutions leveraging the cloud as the delivery model have been recognized.

Cloud Security

For years, one of the chief causes of delay or even rejection of cloud migration has been security. Select products and services keeping cloud infrastructure and applications secure have also been presented with Cloud Security Excellence Awards.

The network modeling and risk scoring platform has been recognized in the cloud security category.

“It’s truly an honor to be recognized as a leader in cloud computing security by TMC,” said Ray Rothrock, CEO and chairman of RedSeal. “We are continuously expanding our product to address the significant challenges organizations face in managing security across their hybrid datacenters. RedSeal models cloud-based networks alone or as part of a complete network – in combination with virtual and on-premise networks. The information we provide is a foundation for enterprises to become more resilient to cyber events, which means they can quickly navigate through cyber incidents and rapidly rebound, minimizing impact on business performance.”

RedSeal’s security analytics platform builds an accurate, up-to-date model of an organization’s entire, as-built network to visualize access paths, prioritize what to fix, and target existing cybersecurity resources to protect your most valuable assets. With RedSeal’s Digital Resilience Score, decision makers can see the security status and benchmark progress toward digital resilience.

“Recognizing leaders in the advancement of cloud computing, TMC and Cloud Computing magazine are proud to announce RedSeal’s network modeling and risk scoring platform as a recipient of the Cloud Computing Security Excellence Award,” said Rich Tehrani, CEO, TMC. “RedSeal is being honored for their achievement in bringing innovation and excellence to the market, while leveraging the latest technology trends.”

About RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events and network interruptions in an increasingly digital world. RedSeal helps customers understand their network from the inside, out – and provides rich context, situational awareness and a Digital Resilience Score to help enterprises measure and ultimately build greater resilience into their infrastructure. Government agencies and Global 2000 companies around the world rely on RedSeal to help them improve their overall security posture, accelerate incident response and increase the productivity of their security and network teams. Founded in 2004, RedSeal is headquartered in Sunnyvale, California and serves customers globally through a direct and channel partner network.

About TMC
Global buyers rely on TMC’s content-driven marketplaces to make purchase decisions and navigate markets. This presents branding, thought leadership and lead generation opportunities for vendors/sellers.

 

RedSeal Further Expands Its Hybrid Datacenter Modeling Capability with Seamless Integration with Cisco ACI

Security teams will gain holistic view of their entire network and boost productivity

SUNNYVALE, Calif. –  Today RedSeal increased its capabilities for modeling complex networks by adding a new integration with Cisco Application Centric Infrastructure (ACI). The integration between RedSeal’s network modeling and risk-scoring platform and Cisco ACI expands customers’ ability to create one, unified model of their hybrid datacenters —including devices that are on-premise, virtualized, and/or in a public cloud — and to conduct queries across all of these environments.

The digital infrastructure of today’s modern enterprise includes a complex array of on-premise, cloud and virtualized networks, which are constantly changing, making a complete and detailed understanding of the current state of a network a time-consuming and complex task. RedSeal’s ability to model complete hybrid datacenters – including software-defined networks (SDNs) in VMWare NSX and now Cisco ACI, as well as previously announced enhanced modeling of Amazon Web Services Virtual Private Clouds (VPCs) – gives customers a comprehensive view of their entire as-built network.

The Cisco ACI integration builds on RedSeal’s ability to provide critical visibility into access controls for these hybrid datacenter environments, as well as alert users to violations of customized policies they have established for their organizations. This capability also helps security teams be more productive by allowing them to quickly and accurately model devices and associated policies within the Cisco ACI fabric.

“Enterprise security teams are struggling, as they’re understaffed and under pressure. When it comes to understanding network access across and within all of their network fabrics, they’re in the dark,” said Kurt Van Etten, product VP at RedSeal. “They need a holistic view of their network that’s deeply integrated with their current security solutions. The integration of Cisco’s ACI fabric with the RedSeal platform provides this visibility, giving enterprise security teams much needed context for prioritizing vulnerabilities, accelerating incident response, managing compliance, and improving the overall resilience of their infrastructure.”

________________

About RedSeal
RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events and network interruptions in an increasingly digital world. RedSeal helps customers understand their network from the inside, out – and provides rich context, situational awareness and a Digital Resilience Score to help enterprises measure and ultimately build greater resilience into their infrastructure.  Government agencies and Global 2000 companies around the world rely on RedSeal to help them improve their overall security posture, accelerate incident response and increase the productivity of their security and network teams.  Founded in 2004, RedSeal is headquartered in Sunnyvale, California and serves customers globally through a direct and channel partner network.

Download our solution brief RedSeal and Cisco ACI.

RedSeal Extends Digital Resilience Platform Across Network Environments, Improves Security and Network Teams’ Productivity with New Integrations

Expedites Analysis with Seamless Integration into Network Security Products from Splunk, Rapid7 and ForeScout

 SUNNYVALE, Calif. –  Today RedSeal (www.redseal.net) announced enhancements and new integrations for its market leading network modeling and risk scoring platform. The enhancements will give RedSeal users a single, comprehensive understanding of network security across their datacenter, cloud and software-defined networks.

The enhancements also help security teams be more productive despite ever-increasing demands by delivering actionable intelligence from RedSeal’s network modeling platform directly into Splunk’s Enterprise Security SIEM, Rapid7’s Nexpose vulnerability management software, and ForeScout’s CounterACT.

“Enterprises today have complex network infrastructures with many point product security solutions,” said Ray Rothrock, chairman and CEO of RedSeal. “To improve their resilience in the face of inevitable attacks, they need a holistic view of their network that’s deeply integrated with their current security solutions.”

Platform Enhancements

The digital infrastructures for nearly all Global 2000 companies include on-premise, cloud and virtualized networks. The resulting networks are large, complex, and constantly changing, making a complete and detailed understanding of the current state of a network very difficult. To address this, RedSeal can now model complete networks – including software-defined networks (SDNs) in VMWare NSX and enhanced modeling of Amazon Web Services Virtual Private Clouds (VPCs).

RedSeal provides critical visibility into access controls for these SDN environments, and alerts users to violations of customized policies they’ve established for their organizations.

Expanded Integrations with Splunk, Rapid7 and ForeScout

To streamline security teams’ efforts, and further improve network security, RedSeal now integrates into the user interfaces of Splunk’s Enterprise Security SIEM, Rapid7’s Nexpose vulnerability management software, and ForeScout’s CounterACT.

This improves the efficacy of each of these products, giving their users unprecedented network context within the tools, and in the format, they’re already using. Specifically:

  • Integration with Splunk’s Enterprise Security SIEM accelerates incident response efforts. RedSeal provides the SIEM with critical network context and identifies access paths to and from Indicators of Compromise (IOC) leading to other critical assets.
  • Integration with Rapid7’s Nexpose vulnerability management software identifies gaps in vulnerability scan coverage.
  • Integration with ForeScout’s CounterACT prioritizes hosts in terms of actual risk so appropriate action can be taken.

“Customers tell us that RedSeal’s unique information adds value to a number of their security functions,” said Rothrock. “Now they can get this information without having to open and learn another product. These apps give our customers even more productivity and efficiency, accelerating their ability to identify and respond to problems.”

To learn more, visit RedSeal Integration Apps.

About RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events and network interruptions in an increasingly digital world. RedSeal helps customers understand their network from the inside, out – and provides actionable intelligence, situational awareness and a Digital Resilience Score to help enterprises measure and ultimately build greater resilience into their infrastructure. Government agencies and Global 2000 companies around the world rely on RedSeal to help them improve their overall security posture, accelerate incident response and increase the productivity of their security and network teams. Founded in 2004, RedSeal is headquartered in Sunnyvale, California and serves customers globally through a direct and channel partner network.

RedSeal Cloud Security

On the Way to SDN and the Cloud: Building Resilient Networks

Willis H. Ware, a research scientist at the Rand Corporation working for the United States Air Force in 1967, predicted that ARPAnet would be a disaster if security wasn’t built into the project.

He was overruled.

In January 2013, the Final Report of the Defense Science Board Task Force on Resilient Military Systems and the Advanced Cyber Threat was issued and confirmed what Willis knew back in 1967.

The report’s findings made for sober reading:

  • The United States cannot be confident that our critical information technology systems will work under attack. This is also true for our allies, rivals, public and private networks.
  • The DoD and its contractor base are high priority targets that have already sustained staggering losses of system design information.
  • The DoD should expect cyber attacks to be part of all conflicts in the future, and should not expect enemies to play by our version of the rules.
  • There is evidence of attacks that exploit known vulnerabilities in the domestic power grid and critical infrastructure systems.
  • The impact of a destructive cyber attack on the civilian population would be even greater:
    • In a short time, food and medicine distribution systems would be ineffective.
    • Law enforcement and emergency personnel capabilities could be barely functional in the short term and dysfunctional over sustained periods.
    • Expect physical damage to control systems.
    • Months to years could be required to rebuild and reestablish basic infrastructure operation.

So… the current situation is really bad.

Does cloud computing and the rise of software defined networks (SDNs) make things better? Government and enterprises are receiving huge benefits by moving into the cloud.  You can quickly and efficiently create an SDN, but cloud computing and software defined anything is still software. And software will have errors. How do you test or QA it? Is your central control node secure? How much do you know, really?

If this word “software” doesn’t scare you, then you’re not thinking about it hard enough.

In the Defense Science Board Task Force’s report, the seventh recommendation is to build a cyber resilient force and a set of standards and requirements that incorporate cyber resiliency into the cyber critical survivable mission systems.

What is their definition of resilience?
Resilience: Because the Defense Department’s capabilities cannot necessarily guarantee that every cyber attack will be denied successfully, the Defense Department must invest in resilient and redundant systems so that it may continue its operations in the face of disruptive or destructive cyber attacks on DoD networks.”– Ash Carter, Secretary of Defense, April 2015

The report highlights a need to continuously model and test DoD’s systems to determine how resilient they are. This requires a measurement or a metric for resilience.

Managing and measuring cyber resilience Up until now measuring cyber resilience has been an impossible challenge. Now, RedSeal’s cybersecurity analytics platform has been deployed successfully by federal agencies and departments. With RedSeal you can:

Understand your cyber terrain
You have to understand your cyber terrain in order to secure it, defend it, and respond to incidents appropriately and swiftly.  Operating without understanding your network is like stumbling around your unlit house at night looking for the burglar that just broke in.

Model and measure
With a network sand table, defenders can now see where their high value assets (HVAs) are and answer important questions:

  • How can they be accessed?
  • How exposed are they?
  • Are defenses deployed in the appropriate places?
  • Exactly where are the sensor-reported incidents?

Verify compliance, establish and manage standard policies
RedSeal lets you know if your network is constructed as you think it is –to allow only authorized access to your data. RedSeal reads in information from devices on your network, including those parts hosted in the cloud. Then, it calculates the access actually allowed from any point on your network to any other and updates as changes are made, so you can verify and maintain compliance with regulations and policies.

 Understand the security impact of network changes
RedSeal enables you to simulate attacks before they happen.  You can understand your defensive posture by finding the weak points and measuring ease of compromise.

Understand access in hybrid networks
Cloud providers have cloud solutions to manage your cloud-based network. But most organizations don’t have a pure cloud network; their networks are hybrid. You have some infrastructure that you manage, some in the cloud, and some virtualized. We show organizations how all parts of their networks connect to everything else.

Cloud providers don’t know what your legacy environment looks like. You need to be able to draw together your physical and cloud infrastructure in more than just a picture.  At RedSeal, we believe you have to understand end to end behaviors of your networks. To do this, we do very deep access calculations based on the configuration files of all your network devices – virtual or not.  RedSeal determines how your infrastructure actually works, so you can continually validate that you built what you thought you were building.

You can ask all kinds of questions of your RedSeal network model. You can determine if the back end of your cloud infrastructure is accessible from the internet – and how. You can see paths that reach from the real world to the virtual world. We’ve invested a lot of time and effort at RedSeal, so you can see your cloud infrastructure and how it connects to your physical or virtual infrastructure.

RedSeal provides security metrics  
RedSeal gives you an overview of your network, measuring:

  1. The completeness of your inventory of assets and systems. It identifies devices you may not know about.
  2. All the connections between devices.
  3. How well your network devices are configured for security.
  4. The actual risk to your data, based on how accessible known vulnerabilities are.

RedSeal’s smartphone app provides a measurement and trend summary for executives or “on the go” security management.

Why is the RedSeal Digital Resilience Score important?

  • Gives you a measure of security effectiveness so you know where to allocate resources and funding.
  • Helps you understand your security posture: are you better today than you were yesterday?
  • Allows seniors staff to empirically understand network risk.
  • Grades different networks across various departments or agencies
  • Verifies networks are designed and operating for security as intended

For more on this subject, listen to the free webinar, On the Way to SDN and the Cloud: Building Resilient Networks.