RedLock is now a part of Palo Alto Networks.

RedLock & Barracuda Solution

Securing Public Cloud Environments Based on the NIST Cybersecurity Framework with RedLock and Barracuda


Building a Cloud Threat Defense Strategy Based on NIST

NIST Cybersecurity Framework (CSF)

The National Institute of Standards and Technology Cybersecurity Framework provides guidance on standards, best practices, and recommendations for addressing today’s security and compliance challenges. The combined RedLock and Barracuda offering is an industry-leading solution that addresses today’s public cloud security and compliance challenges, aligned to the core pillars of the NIST Cybersecurity Framework (NIST CSF), including:

IDENTIFY: RedLock continuously discovers assets and profiles applications to provide comprehensive visibility across cloud environments.

PROTECT: Barracuda’s industry-leading CloudGen WAF and CloudGen Firewall implement safeguards that ensure the protection of cloud resources and web applications.

DETECT: The solution detects a variety of risks including resource misconfigurations, malicious user activities, suspicious network traffic, host vulnerabilities or compromises, and web application security threats.

RESPOND: RedLock helps prioritize the highest risks, enables rapid investigation, and integrates with enterprise incident response tools.

Security & Compliance is a Shared Responsibility

The security of public cloud infrastructure is a shared responsibility between the cloud service provider and the organization. Specifically, organizations are responsible for monitoring resource configurations, user activities, network traffic, host vulnerabilities, and web applications. However, the dynamic nature of the cloud makes this challenging.

Resource Configurations

While the cloud enables agility by allowing users to create, modify, and destroy resources on-demand, this often occurs without any security oversight. RedLock provides hundreds of out-of-the-box policies for common security and compliance standards such as CIS, PCI, NIST, and HIPAA to monitor public cloud environments. You can rest assured that any misconfigurations of cloud resources such as publicly exposed cloud storage services will be immediately detected and remediated.


User Activities

In cloud environments, multiple users have privileged access which enables productivity but creates greater risk of exposure. It is imperative to monitor users across your entire AWS environment for anomalous activities. Unfortunately, the distributed nature of the cloud consisting of multiple accounts and regions makes this difficult. The RedLock Cloud 360 platform enables you to detect issues such as account compromises and insider threats in your public cloud environment. For example, a potential access key compromise will be flagged if a user is determined to be using access keys from an unknown location to perform activities that have not been observed in the past.


Network Traffic

The absence of a physical network boundary to the internet increases the attack surface in the cloud by orders of magnitude. Monitoring network traffic is necessary for detecting suspicious activity. The Barracuda CloudGen Firewall serves as a single point of entry for ingress and egress traffic. It provides network visibility across your environment and blocks suspicious activities. The RedLock Cloud 360 platform enables you to detect network intrusions. The platform correlates network traffic with data from your public cloud environment and third-party threat intelligence sources to identify threats. For example, an alert will be triggered if an unpatched resource accepts a connection from a suspicious IP address.


Host Vulnerabilities

As is the case in on-premises environments, unpatched hosts in cloud computing environments are vulnerable to attack. However, public cloud environments are constantly changing and IP addresses are elastic, which makes traditional approaches to vulnerability management unreliable. The RedLock Cloud 360 platform provides the context that is necessary to be able to identify host vulnerabilities. It correlates security data from your public cloud environment with vulnerability data from third-party tools. This enables you to monitor for vulnerabilities and prioritize remediation for hosts with high-risk scores. For instance, you can monitor your environment to determine if any hosts are impacted by the Spectre and Meltdown vulnerabilities.


Web Application Attacks

The automated provisioning and tear down of applications in public cloud environments is driving the need for automated application security in order to keep pace. The Barracuda CloudGen WAF secures your applications, defends against bots and DDoS attacks, and accelerates application delivery. It also offers built-in security-automation features and leverages configuration automation which enables security to be integrated directly into the code building process. In addition, you can leverage the Barracuda Vulnerability Manager service on-demand to scan web applications for security risks.


Want to learn more?

Applications of the RedLock & Barracuda Solution

The combined solution offers organizations the ability to implement a broad Cloud Threat Defense strategy across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud environments. Learn about sample scenarios that RedLock and Barracuda can uniquely address.

RedLock & Barracuda Demo

Get a demo of Cloud Threat Defense in action with RedLock & Barracuda.

Addressing the Threat Vectors Targeting Public Cloud

Learn how to defend against the five threat vectors targeting your public cloud environment.

Get Started Today

Learn more about the problems that RedLock can help you solve or contact us for a free risk assessment of your public cloud infrastructure.
