RedLock is now a part of Palo Alto Networks.

Host Security

Detect host vulnerabilities and compromises across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud environments

Effective Host Security Requires Context

Hosts in public cloud environments are just as vulnerable to attack as those in on-premises environments, and the impact can be devastating. It is imperative for organizations to keep up with host vulnerability management as well as monitor hosts for signs of compromise. However, there are several challenges in achieving this:

Dynamic Environment

Standalone vulnerability management tools perform periodic scans of an environment to identify hosts with missing patches based on IP addresses. However, public cloud environments are constantly changing and IP addresses are elastic, which makes the results unreliable. Data from existing vulnerability management tools must be combined with real-time context on your environment to be effective.

Lack of Context

Host activity data by itself does not provide the full context required to assess the severity of a threat, since cloud environments are constantly changing. It must be correlated with other data from the cloud environment and threat intelligence sources to assess true risk.

RedLock Enables Host Security

The RedLock Cloud 360™ platform provides the necessary context on risks by using AI to correlate host activity and host vulnerability data with resource configurations, user activities, network traffic, and threat intelligence. This enables it to further refine risk models and surface, investigate, and respond to threats in your public cloud environment.

Vulnerability Management

The RedLock Cloud 360 platform provides the context that is necessary to identify risks such as host vulnerabilities. It correlates security data from your public cloud environment with vulnerability data from best-of-breed third-party tools. This enables you to monitor for vulnerabilities and prioritize remediation for resources with high risk scores. You can also search for vulnerabilities across your entire environment in minutes based on severity, CVE IDs (Common Vulnerabilities and Exposures), and other attributes. For instance, you can run a query in a matter of minutes to determine if any hosts running sensitive applications in your environment are impacted by the Spectre and Meltdown vulnerabilities.

Compromise Detection

The platform ingests host data such as Amazon GuardDuty findings to enrich existing risk models. This refines your ability to surface, investigate, and respond to threats in your public cloud environment. For example, the platform identifies a database that is exposed to the internet and receiving traffic from suspicious IPs. Separately, the host data reveals port scan and SSH brute force attempts against this database. Correlating these insights suggests that this is a high-severity threat and merits immediate action.
