Tag Archive for: Stratus

RedSeal Opens Stratus Early Adopter Program to Security Teams Struggling with Cloud Security

/by

Stratus — a SaaS-based Cloud Security Posture Management (CSPM) solution — addresses dangers of exposure and unintended access issues; Free webinar and demo on December 8

SAN JOSE, Calif., Dec. 01, 2021 (GLOBE NEWSWIRE) — RedSeal today introduced its Stratus Early Adopter Program, which provides select customers and prospects the opportunity to evaluate the company’s new SaaS-based Cloud Security Posture Management (CSPM) solution. The new Stratus SaaS offering is focused on providing visibility to cloud and Kubernetes inventory and determining exposed resources in cloud and hybrid cloud environments.

Implementing security controls for cloud environments now extends beyond the responsibility of traditional network security teams, and today includes application developers and DevOps teams. These controls must also consider workload containerization such as Kubernetes, and native offerings from Cloud Security Providers such as Amazon Web Services. As a result, there is exponential growth and pervasiveness of misconfigurations, which put high value resources at risk of unintended exposure to the Internet.

Current members of the Stratus Early Adopter Program represent enterprises ranging from banking and financial services firms, to federal government agencies and high-tech companies. These users have reported benefiting from Stratus’ ability to easily see both exposure and conductivity in and across all accounts in a single view.

Security challenges in the cloud have become so prevalent that Gartner has defined CSPM as a new category of security products designed to identify misconfiguration issues and risks in the cloud. As a CSPM, RedSeal Stratus helps security teams better manage this increased risk by:

  • Immediately identifying which resources are unintentionally exposed to the Internet due to misconfigurations
  • Visualizing their complete AWS cloud architecture to truly understand connectivity between and within cloud resources
  • Understanding their Amazon Elastic Kubernetes Service (EKS) inventory and identifying overly permissive user and service accounts

“Everyone knows that visibility is critical for CSPM to meet its full potential, but very few vendors are delivering on this promise,” said Bryan Barney, RedSeal CEO. “What makes visibility so powerful is the true calculation of access and exposure, and not simply the reliance on CSP settings. With RedSeal Stratus, we are now providing the most accurate, reliable and actionable approach to calculating access and exposure in the cloud.”

RedSeal Stratus is currently focused on AWS cloud environments. Recognizing the demand for better security posture management across Microsoft Azure and Kubernetes environments, Stratus will evolve to support these platforms early next year, making Stratus a complete, robust CSPM solution. Participants of the Stratus Early Adopter Program are eligible for a free 6-month subscription to RedSeal Stratus, with up to 3,000 EC2 instances.

Stratus Webinar and Demonstration

RedSeal will be hosting a free webinar for customers and prospects interested in joining the Stratus Early Adopter Program. The online event will take place on Tuesday, December 8th at 11:00am PST and will provide an exclusive overview of RedSeal’s new SaaS-based CSPM solution. The webinar will cover how RedSeal Stratus can help security teams better manage increased cloud security risks with:

  • Complete and up-to-date visualization of cloud infrastructure
  • Detailed knowledge of Amazon EKS accounts and policies
  • Out-of-the-box dashboard that identifies resources that exposed to the Internet

Click here to register for the free event.

About RedSeal

RedSeal — a security solutions and professional services company — helps government agencies and Global 2000 companies see and secure their on-premise networks and cloud environments. RedSeal Stratus, the company’s SaaS CSPM solution, gives an integrated view of cloud security posture through visualization of cloud-native and Kubernetes controls, and shows which resources are unintentionally exposed to the Internet. RedSeal’s Classic product brings in all network environments — public and private clouds as well as on-premises. This award-winning security solution verifies that networks align with security best practices, validates network segmentation policies, and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif. Follow RedSeal on Twitter and LinkedIn.

RedSeal and Cloud Security Posture Management

/by

According to Gartner’s Innovation Insight for Cloud Security Posture Management, this year (2021), “50% of enterprises will unknowingly and mistakenly have exposed some applications, network segments, storage, or APIs directly to the public internet”. And by 2023, “…at least 99% of cloud security failures will be the customer’s fault.”

What do these statistics say about the changing face of cybersecurity? Twenty years ago, the most common source of security failures was naïve user behavior, typically clicking on a malicious email attachment or link. In on-premise environments, this is still a common vector of infection, but in the cloud the problem is not naïve users, it is overwhelmed administrators. 99% of cloud security failures will be the customer’s fault, because cloud platforms and applications will simply be misconfigured. Let that sink in. Simple misconfigurations were never the primary source of security failures in the past.

Administrators aren’t stupid; they misconfigure systems because they are overwhelmed. Of course, there is a chronic shortage of security talent, but that has been true for decades. What has changed, with the advent of cloud computing, is the overwhelming complexity of the systems. Cloud security controls and best practices are very different from those used in on-premise environments. Those available in AWS are similar, but different from those in Azure, or Google Cloud. Kubernetes has a unique security model of its own, and all these environments are changing constantly.

To deal with this complexity and constant change, a new family of technology has emerged broadly referred to as Cloud Security Posture Management (CSPM). The goal of these technologies is to help admins understand what resources they have in their cloud environments, what security controls are in place, how it is all really configured, and whether it meets various compliance standards.

For more than a decade, RedSeal has been in the business of helping customers understand their on-premise networks i.e. what devices are on the network, how they are connected, and the security implications of their configuration. We do this by creating a detailed model of their network that can be compared against best practices, compliance standards, and the customer’s intended network design (customers are almost always surprised with how different their network is from what they originally intended). Put simply, customers use us to find and correct network misconfigurations.

With data centers and networks moving to the cloud, our customers are increasingly asking us to help them find and correct cloud misconfigurations as well. They need an accurate model of their cloud environments to understand questions like how many cloud accounts they really have, what resources are in each, what security controls are in place, what is the aggregate effect of all those security controls on resource access, and are any resources inadvertently exposed to the internet. They often have a basic design for their cloud but are unsure if their implementation is consistent with their intentions. The truth is, it never is, and they need a product that can provide them with a reality check.

At RedSeal, our mission is to provide organizations with technology that allows them to understand their network, hybrid, and cloud security posture. Because cloud technology is so complex, and changing so quickly, organizations need powerful technology to understand their implementation. They need to model their environment, so they can easily spot flaws. Our tag line is “See and Secure” because you can’t secure what you don’t understand.

For more information on RedSeal Stratus, our new CSPM solution, click here.

For more information of ways that RedSeal can help avoid unintended internet exposure, check out our Solution Brief.

If you’re concerned about your EKS Security, click here.

RedSeal Launches New Cloud Security Posture Management Solution to Empower Security Teams

/by

RedSeal Stratus identifies unintended exposure to the Internet, creates a connectivity visualization of your cloud architecture, and helps you understand your Kubernetes Inventory

Building on more than a decade of award-winning cybersecurity analytics we are excited to launch RedSeal Stratus, our new Cloud Security Posture Management (CSPM) solution that stops unintended exposure of cloud resources to the Internet.

Cloud misconfigurations, which can leave resources unintentionally exposed to untrusted networks, are the major source of data breaches. To help security teams better manage the increased risk associated with increasing cloud complexity, RedSeal Stratus provides security teams with an out-of-the-box overview of Internet-exposed resources by tags, connectivity visualization between and within their Amazon Web Service (AWS) cloud resources, and inventory of AWS Elastic Kubernetes Service (EKS) resources.

While native Cloud Security Provider tools provide basic capabilities that may be sufficient for smaller cloud-first organizations, larger organizations who are probably hybrid, multi-cloud, and need advanced features should choose a third-party CSPM solution.

Current CSPM solutions simply call CSP APIs to determine if subnets are Internet-facing. For more accurate results, RedSeal Stratus identifies resources exposed to the Internet by calculating access through security control points from end-to-end.

Only RedSeal Stratus can calculate how an instance gets to the Internet, what security points it goes through, and through which ports and protocols. Other security products may show connectivity where there is traffic, using an agent-based approach, but only RedSeal Stratus can show you all connectivity possible including that without traffic–and without an agent. As a result, RedSeal Stratus is unique among native CSP and CSPM offerings by:

  • Immediately identifying exposure to the Internet, with an out-of-the-box dashboard of all resources exposed to the Internet, pre-calculated and grouped by tags
  • Providing complete and up-to-date visualization of your AWS infrastructure, including all accounts, VPCs, gateways and instances
  • Showing details of your Amazon Kubernetes (EKS) inventory to quickly identify services exposed outside your clusters, and to discover overly permissive user and service accounts

RedSeal Stratus is a cloud security solution for the modern day that provides security teams with a unified, interactive view of their AWS environments, including Kubernetes (EKS) inventory, and exposed resources that can lead to costly data breaches.

To learn more, visit www.redseal.net/stratus or Request A Demo.