
RedSeal and Cloud Security Posture Management

According to Gartner’s Innovation Insight for Cloud Security Posture Management, this year (2021), “50% of enterprises will unknowingly and mistakenly have exposed some applications, network segments, storage, or APIs directly to the public internet”. And by 2023, “…at least 99% of cloud security failures will be the customer’s fault.”

What do these statistics say about the changing face of cybersecurity? Twenty years ago, the most common source of security failures was naïve user behavior, typically clicking on a malicious email attachment or link. In on-premise environments, this is still a common vector of infection, but in the cloud the problem is not naïve users, it is overwhelmed administrators. 99% of cloud security failures will be the customer’s fault, because cloud platforms and applications will simply be misconfigured. Let that sink in. Simple misconfigurations were never the primary source of security failures in the past.

Administrators aren’t stupid; they misconfigure systems because they are overwhelmed. Of course, there is a chronic shortage of security talent, but that has been true for decades. What has changed, with the advent of cloud computing, is the overwhelming complexity of the systems. Cloud security controls and best practices are very different from those used in on-premise environments. Those available in AWS are similar to, but different from, those in Azure or Google Cloud. Kubernetes has a unique security model of its own, and all these environments are changing constantly.

To deal with this complexity and constant change, a new family of technologies has emerged, broadly referred to as Cloud Security Posture Management (CSPM). The goal of these technologies is to help admins understand what resources they have in their cloud environments, what security controls are in place, how it is all really configured, and whether it meets various compliance standards.

For more than a decade, RedSeal has been in the business of helping customers understand their on-premise networks, i.e., what devices are on the network, how they are connected, and the security implications of their configuration. We do this by creating a detailed model of their network that can be compared against best practices, compliance standards, and the customer’s intended network design (customers are almost always surprised by how different their network is from what they originally intended). Put simply, customers use us to find and correct network misconfigurations.

With data centers and networks moving to the cloud, our customers are increasingly asking us to help them find and correct cloud misconfigurations as well. They need an accurate model of their cloud environments to answer questions such as how many cloud accounts they really have, what resources are in each, what security controls are in place, what the aggregate effect of all those security controls is on resource access, and whether any resources are inadvertently exposed to the internet. They often have a basic design for their cloud but are unsure if their implementation is consistent with their intentions. The truth is, it never is, and they need a product that can provide them with a reality check.

At RedSeal, our mission is to provide organizations with technology that allows them to understand their network, hybrid, and cloud security posture. Because cloud technology is so complex, and changing so quickly, organizations need powerful technology to understand their implementation. They need to model their environment, so they can easily spot flaws. Our tag line is “See and Secure” because you can’t secure what you don’t understand.

For more information on RedSeal Stratus, our new CSPM solution, click here.

For more information on ways that RedSeal can help avoid unintended internet exposure, check out our Solution Brief.

If you’re concerned about your EKS Security, click here.

RedSeal Launches New Cloud Security Posture Management Solution to Empower Security Teams

RedSeal Stratus identifies unintended exposure to the Internet, creates a connectivity visualization of your cloud architecture, and helps you understand your Kubernetes Inventory

Building on more than a decade of award-winning cybersecurity analytics, we are excited to launch RedSeal Stratus, our new Cloud Security Posture Management (CSPM) solution that stops unintended exposure of cloud resources to the Internet.

Cloud misconfigurations, which can leave resources unintentionally exposed to untrusted networks, are the major source of data breaches. To help security teams better manage the risk that comes with increasing cloud complexity, RedSeal Stratus provides security teams with an out-of-the-box overview of Internet-exposed resources by tags, connectivity visualization between and within their Amazon Web Services (AWS) cloud resources, and inventory of AWS Elastic Kubernetes Service (EKS) resources.

While native Cloud Security Provider tools provide basic capabilities that may be sufficient for smaller cloud-first organizations, larger organizations, which are probably hybrid and multi-cloud and need advanced features, should choose a third-party CSPM solution.

Current CSPM solutions simply call CSP APIs to determine if subnets are Internet-facing. For more accurate results, RedSeal Stratus identifies resources exposed to the Internet by calculating access through security control points from end-to-end.
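An added illustration of the distinction drawn above, not RedSeal's code or algorithm: a subnet-level "has an internet gateway route" check compared with an end-to-end evaluation of route, public address, network ACL and security group. The data model, resource names and candidate ports are constructed assumptions, and only inbound rules are modelled.

```python
from ipaddress import ip_address, ip_network

# Constructed sample data: simplified stand-ins for route table, NACL and
# security group state (not real AWS API output).
SUBNETS = {
    "public-a": {"igw_route": True, "nacl": [      # (rule no, proto, lo, hi, cidr, action)
        (100, "tcp", 443, 443, "0.0.0.0/0", "allow"),
        (200, "tcp", 0, 65535, "0.0.0.0/0", "deny")]},
    "private-b": {"igw_route": False, "nacl": [(100, "tcp", 0, 65535, "0.0.0.0/0", "allow")]},
}
INSTANCES = {                                       # sg rules: (proto, lo, hi, cidr)
    "web": {"subnet": "public-a", "public_ip": True,
            "sg": [("tcp", 443, 443, "0.0.0.0/0"), ("tcp", 22, 22, "10.0.0.0/8")]},
    "batch": {"subnet": "public-a", "public_ip": False,
              "sg": [("tcp", 22, 22, "0.0.0.0/0")]},
    "db": {"subnet": "public-a", "public_ip": True,
           "sg": [("tcp", 5432, 5432, "0.0.0.0/0")]},
    "internal": {"subnet": "private-b", "public_ip": True,
                 "sg": [("tcp", 443, 443, "0.0.0.0/0")]},
}

def subnet_level_check(name):
    """Coarse check: flag every instance whose subnet routes to an internet gateway."""
    return SUBNETS[INSTANCES[name]["subnet"]]["igw_route"]

def _match(proto, lo, hi, cidr, want_proto, port, src):
    return proto == want_proto and lo <= port <= hi and ip_address(src) in ip_network(cidr)

def nacl_allows(rules, proto, port, src):
    """NACL: lowest rule number that matches decides; no match means deny."""
    for _, r_proto, lo, hi, cidr, action in sorted(rules):
        if _match(r_proto, lo, hi, cidr, proto, port, src):
            return action == "allow"
    return False

def sg_allows(rules, proto, port, src):
    """Security group: allow-only, any matching rule permits the traffic."""
    return any(_match(p, lo, hi, cidr, proto, port, src) for p, lo, hi, cidr in rules)

def exposed_ports(name, src="198.51.100.7", candidates=(22, 443, 5432)):
    """End-to-end: route, public address, NACL and security group must all permit."""
    inst = INSTANCES[name]
    subnet = SUBNETS[inst["subnet"]]
    if not (subnet["igw_route"] and inst["public_ip"]):
        return []
    return [p for p in candidates
            if nacl_allows(subnet["nacl"], "tcp", p, src)
            and sg_allows(inst["sg"], "tcp", p, src)]
```

On this sample the subnet-level check flags `web`, `batch` and `db` alike, while the end-to-end evaluation shows that only `web` is reachable from the internet, and only on TCP 443.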

Only RedSeal Stratus can calculate how an instance gets to the Internet, what security points it goes through, and through which ports and protocols. Other security products may show connectivity where there is traffic, using an agent-based approach, but only RedSeal Stratus can show you all possible connectivity, including connectivity that carries no traffic, and without an agent. As a result, RedSeal Stratus is unique among native CSP and CSPM offerings by:

RedSeal Stratus is a cloud security solution for the modern day that provides security teams with a unified, interactive view of their AWS environments, including Kubernetes (EKS) inventory, and exposed resources that can lead to costly data breaches.

To learn more, visit www.redseal.net/stratus or Request A Demo.