Obtain comprehensive visibility into assets across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud environments
Organizations are embracing public cloud computing for the increased flexibility and cost reduction it affords them. However, security teams often struggle to keep track of assets and accurately identify risks in these dynamic environments. Accurately inventorying assets in public cloud environments poses the following challenges:
The ephemeral nature of cloud resources makes it challenging to keep track of assets in constantly changing environments. Our research shows that the average lifespan of a cloud resource is 2 hours and 7 minutes. As such, assets must be automatically detected and identified as soon as they are created or destroyed.
Many organizations have fragmented cloud environments that consist of multiple cloud accounts, multiple regions, and multiple cloud service providers. This leads to siloed visibility into assets. Central visibility of all assets across your entire environment is necessary to effectively address risks.
The ease of creating, modifying, and scaling cloud resources by privileged users without oversight often leads to poor tagging practices. As a result, security teams cannot rely on tags to accurately identify assets and applications. Assets and applications must be automatically identified using AI to correlate configurations with network activity.
The RedLock Cloud 360™ platform applies AI to continuously correlate disparate data sets including resource configurations, user activities, network traffic, host vulnerabilities/activities, and threat intelligence. This context enables the platform to identify the types of resources and applications across your entire environment, providing you with comprehensive visibility.
The RedLock Cloud 360 platform automatically discovers cloud resources as soon as they are created or terminated. This provides you with visibility into the volume and types of resources (virtual machines, load balancers, security groups, users, etc.) across multiple cloud accounts and regions in a single pane of glass. Having an understanding of your environment enables you to implement more granular policies and reduce risk.
The platform profiles applications to provide context about the host so that you can more accurately assess risk. For example, it can discover when a virtual machine is instantiated and identify that it is a database running MongoDB software. In the event that a new MongoDB vulnerability is identified, all instances can be immediately located and patched.
The platform not only identifies assets at any given point in time, but also maintains a complete historical changelog for all assets. This is particularly valuable in public cloud environments since they are constantly changing. In addition, it correlates that information with user activity logs to identify the developer who made the specific changes. This enables you to better understand the root cause of an incident and respond quickly.