Credit to Author: Rich Beckett| Date: Thu, 20 May 2021 13:00:45 +0000
When it comes to attacks that target public cloud data, files, and web applications, 66% take advantage of misconfigurations.
Multiple users being able to create and configure cloud-based storage, databases, and server instances – even with your security team’s visibility – can wreak havoc on the confidentiality of your data.
Sophos Cloud Workload Protection now makes it easy to give your cloud assets a seat at the security table. And best of all: there’s no additional budget needed.
It gives you critical insights into your wider cloud environment across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), including security groups, hosts, shared storage, databases, serverless, containers, and more.
Expansion of Sophos Cloud Workload Protection
This release brings an exciting expansion to Sophos Cloud Workload Protection that sees Intercept X Advanced for Server incorporate Cloud Security Posture Management with new Sophos Cloud Optix Standard capabilities at no additional cost.
Cloud Optix Standard identifies and risk-profiles cloud workload security configuration issues, suspicious access events, and unusual network traffic vulnerabilities that impact your security posture. It provides contextual alerts that group affected resources with detailed remediation steps, ensuring that your team can respond faster than ever before.
All Cloud Optix customers in Sophos Central now also benefit from a new seamless integration with Intercept X Advanced for Server that automatically removes servers from the Central Admin console when cloud server instances are terminated in AWS and Azure environments.*
See and secure your complete cloud environment
Automated scans detect any insecure deployments by mapping their configurations to Center for Internet Security (CIS) benchmarks. These are community built, maintained, and supported cloud security best practices targeted at helping your organization prioritize your defenses based on what attackers are doing.
And Cloud Optix doesn’t stop there. You’ll also get at-a-glance risk prioritization of alerts with guided recommendations about how to fix potential issues. This helps maximize your resources by addressing any skills shortages you might have.
Artificial intelligence tracks normal behavior patterns, looking for any suspicious activity such as anomalous traffic patterns or unusual login attempts to cloud accounts. Issues are then flagged and prioritized by risk level if they require manual intervention.
Here’s the full list of what’s available:
- Cloud Asset Inventory – View a detailed inventory of your entire cloud infrastructure (e.g. IAM roles, security groups, shared storage, databases, serverless, containers and more), eliminating the need for time-consuming manual collation across AWS, Azure, and GCP.
- Access and Traffic Anomaly Detection – Unusual login attempts and suspicious traffic patterns are automatically detected, and teams alerted.
- Security Scans – Daily and on-demand scans monitor your cloud environment to ensure ongoing security health. Alerts are automatically prioritized by risk level, while guided response provides detailed information and instructions to resolve issues.
- Security Best Practice – Detect when cloud accounts and the configuration of deployed resources do not align to security best practices with Center for Internet Security (CIS) benchmark policies, helping keep security posture at its best.
- Alert Management Integrations – receive email notifications when manual intervention is required.
Get started with powerful visibility and protection
This exciting new cloud functionality is available to all Intercept X Advanced for Server term license customers at no additional cost. Log into your Sophos Central console, select Cloud Optix, and you can get started right away.
Current customers using Sophos Central that would like to try out this new functionality can start a trial from within the Sophos Central console.
If you don’t have a Sophos Central account, you can register for a trial on Sophos.com.
Intercept X Advanced for Server gives organizations unparalleled visibility and protection across cloud, on-premises, and virtual estates.
Cloud Optix shines a spotlight on complete cloud environments, showing what’s there, what needs securing, and making sure that everything stays safe and secure.
*Requires Intercept X Advanced for Server term license