Cloud threat detection vendor Skyhawk Security has released a platform designed to combat alert fatigue that provides cloud detection and response (CDR) across multi-cloud environments, the company said in a statement Tuesday. According to the company, the Synthesis platform is being released on a “freemium” basis: the base version is available for free, but additional features can be purchased.
Skyhawk says the platform uses machine learning (ML) to find correlated sequences of high-priority runtime events to identify the path of least resistance that can be exploited to compromise cloud infrastructure. It claims to improve its product focused on identifying numerous static cloud security misconfigurations.
Discover potential cloud security risks
“Managing a cloud posture is a big challenge, but cloud security and SOC teams are overwhelmed trying to analyze and respond to the thousands of alerts brought in by current cloud security solutions,” Skyhawk CEO Chen Burshan said in a statement. “Our approach is unique because we discover potential risks and monitor the full runtime of dynamic threats within our cloud infrastructure to identify and stop real-world attacks.”
Citing a recent University of Oxford study suggesting that 99% of alerts are false positives, the company said it believes the product will help deal with “alert fatigue” and the inefficiency that can result from investigating non-threatening events and alerts. The platform is designed to identify runtime threats as they occur, combining inventory awareness and paths of least resistance with behavioral analytics to increase awareness of real-world alerts. Synthesis displays the results in the CDR Runtime Hub.
Skyhawk said: “The recent Uber breach, for example, illustrates the enormous cost of security in the mismanaged cloud, resulting in the exposure of the personal information of 77,000 employees.”
CSPM is a “baseline function”
In addition to CDR, the platform includes Cloud Infrastructure Entitlement Management (CIEM), Identity Threat Detection and Response (ITDR), and Advanced Cloud Security Posture Management (CSPM). The company considers CSPM a “baseline feature”, so the basic version of Synthesis is available for free.
Chen told CSO that the platform has undergone a soft launch and is now “used by dozens of customers to secure their clouds,” with full public access starting on Tuesday.
The free CSPM version gives users access to visibility, posture management and enforcement, and compliance and governance reports across AWS, Azure, and GCP clouds, and allows them to manage up to 1,000 assets. It also includes Slack channel support and guided installation. Enterprise subscribers get these features plus threat detection, attack simulation, threat response, cloud infrastructure entitlement management, least privilege recommendations, unused privilege alerts, and integration with Slack and Jira. The free version’s cloud locations are limited to the US, UK, EU, Israel, Japan, and Australia, while the full version allows unlimited geographic access.
Improve your security posture
“Even if the cloud architecture is 100% compliant and 100% correctly configured, these environments can still be compromised,” the company said. “Skyhawk Security not only improves our security posture, but also allows our SOC teams to focus on the events that pose the real threat to our organization.”
Our freemium CSPM solution includes posture management and enforcement, compliance reporting, and governance enforcement for up to 1,000 assets.
Copyright © 2023 IDG Communications, Inc.