New Cloud Optix offering aids security, compliance in public and hybrid environments
Network and endpoint security vendor Sophos this week launched a new, agentless solution for detecting assets and automating compliance and response in cloud infrastructures. The new Sophos Cloud Optix aims to provide a better way to highlight and mitigate threat exposure in public and hybrid environments while simultaneously reducing security team workloads through automation and intelligent alert management.
The Lowdown: Sophos Cloud Optix rolls in cloud behavioral and statistical analysis of configurations and network activity powered by technology Sophos acquired when it bought the AI-focused vendor Avid Security in January.
The Details: Key features in Sophos Cloud Optix include:
>Automatic discovery of an organization’s assets across Amazon AWS, Microsoft Azure, and Google Cloud Platform environments via a single console.
>Automated compliance and change management features that continually update relevant regulations, best practices, and policies in near real time.
>Agentless behavioral monitoring and analytics that detect risky resource configurations and suspicious network behavior with smart alerts and optional automatic risk remediation.
Background: Highlighting the importance of visibility and control of cloud assets, Sophos this week also released the results of a honeypot study it performed across ten AWS data centers worldwide. In the study, more than five million attacks were attempted on the network of honeypots in a 30-day period, demonstrating how hackers are automatically scanning for weak open cloud buckets.
In one case, criminals attacked a cloud server honeypot in São Paulo, Brazil, just 52 seconds after it went live. On average, cloud servers in the study were hit with 13 attempted attacks per minute, per honeypot.
The Buzz: “Instead of inundating security teams with a massive number of undifferentiated alerts, Sophos Cloud Optix significantly minimizes alert fatigue by identifying what is truly meaningful and actionable,” said Sophos CISO Ross McKerchar. “In addition, with visibility into cloud assets and workloads, IT security can have a far more accurate picture of their security posture that allows them to prioritize and proactively remediate the issues flagged in Sophos Cloud Optix.”
“Our goal is to provide the most comprehensive and highly effective cyber security services to all of our clients. Whether in technology, manufacturing, or utilities, our customers want to maximize their investments and protect their data in the cloud,” said Rajeev Khanolkar, president and CEO of SecurView, a Sophos partner in Edison, N.J. “The partnership with Sophos and the ability to offer Sophos Cloud Optix is important to us because it allows us to provide continuous compliance coupled with intelligent cloud visibility and immediate threat response. With Cloud Optix, our growing customer base will have the opportunity to solve the toughest challenges in cloud security.”
On the honeypot study, Matthew Boddy, security specialist at Sophos, said the speed and scale of the aggressive attacks researchers captured “shows how relentlessly persistent cybercriminals are and indicates they are using botnets to target an organization’s cloud platforms. In some instances, it may be a human attacker, but regardless, companies need a security strategy to protect what they are putting into the cloud.
“The issue of visibility and security in cloud platforms is a big business challenge, and with increased migration to the cloud, we see this continuing,” Boddy added.