Today we announced our intent to acquire RedLock, a cloud threat defense company whose technology will add comprehensive asset discovery and automated threat detection and remediation to our public cloud security offering. As a result, SecOps and DevOps teams will get the strength of leading compliance capabilities and cloud analytics from one source: Palo Alto Networks.
Pain points in the public cloud
Talk to enough organizations migrating to public cloud and you start to hear some familiar stories:
We are solving many of these common challenges today, and expect that by early next year we will deliver a combined offering that will include the deep cloud security and compliance monitoring capabilities from Evident and RedLock’s security analytics and advanced threat detection capabilities.
RedLock captures detailed events from multiple public cloud platforms to identify and remediate threats. This enables RedLock to correlate resource configurations, network traffic, and third-party feeds to identify threats and vulnerabilities as well as identify compromised accounts and insider threats by analyzing user behavior. Remediation is then automated by integrating with existing incident response workflows.
What does that look like in the real world? Say, for example, that a developer accidentally leaks cloud access keys on a well-known forum such as GitHub, and that as a result, a hacker attempts to log in to the cloud environment using those keys. RedLock’s fast analytics detect that the key is being used in an unusual location to perform an unusual activity and immediately alert the SOC team, with a full history of all activities associated with that key.
As another example, say a user creates a security group within an organization, but accidentally leaves it open. RedLock will discover it, see that it is associated with a VM running MongoDB, and determine that the database is receiving Internet traffic from a known malicious IP address. The database is then automatically moved to a private security group, remediating the risk.
Combining Palo Alto Networks, Evident and RedLock means we can provide the most robust security offering for the public cloud, including the following:
We’re excited to add RedLock’s technology to our cloud security offering and also welcome to Palo Alto Networks a very talented team with a deep bench of cloud expertise. We expect to begin integration immediately after the acquisition’s close.
Hear what RedLock co-founder Varun Badhwar and Palo Alto Networks Chief Product Officer Lee Klarich have to say in this video:
For more information, visit our announcement webpage.