At AWS re:Invent 2015, cloud cybersecurity solutions provider CloudLock has announced its expanded Cybersecurity-as-a-Service offering for AWS Cloud. With CloudLock’s expanded security offerings, organizations will be able to address their security responsibilities in the cloud, and support IT SaaS and ISV applications that run on Amazon Web Services (AWS Cloud).
CloudLock for AWS monitors the security of AWS user accounts, enforcing policies around activities such as logins by the “root” user, logins without using multi-factor authentication (MFA), and other abnormal behavior as detected by advanced User Behavior Analytics (UBA) capabilities. CloudLock for AWS integrates with services such as AWS CloudTrail, AWS Config and AWS CloudWatch to natively sync with and protect customer workloads on AWS Cloud. For example, CloudLock for AWS can monitor sensitive activity on Amazon EC2 instances, such as ssh and sudo credential escalation.
As a cloud Cybersecurity-as-a-Service solution, CloudLock offers native API support for workloads on AWS. CloudLock’s security services are available as cybersecurity APIs, allowing organizations to embed security directly into their own applications from the start. For example, a Healthcare ISV could embed CloudLock’s content classification service into its app to monitor objects stored on Amazon Simple Storage Service (Amazon S3) buckets for HIPAA content such as PHI.
“CloudLock’s mission is to turn cloud security into a business enabler for organizations and people,” said Gil Zimmermann, CEO and co-founder at CloudLock. “With our expanded cybersecurity-as-a-service offering for AWS, we enable organizations to leverage the most advanced security controls for apps they buy off the shelf, build themselves, or sell into the marketplace for some of the most advanced PaaS and IaaS environments.”
CloudLock’s core Cybersecurity-as-a-Service capabilities would include:
- Configuration Security – CloudLock for AWS can detect changes to key configuration settings, including AWS access key creation and lifecycle, access controls, security groups and other network definitions, and password policy settings.
- Privileged Access Management – CloudLock for AWS can monitor misuse of root and IAM user accounts, and help enforce multi-factor authentication policies.
- Account Compromise and Threat Protection with User Behavior Analytics – By correlating events across multiple SaaS, IaaS, PaaS, and IDaaS platforms, CloudLock would provide insight into abnormal user activities and identifies breaches that may otherwise go undetected – all while having no impact on end users.
- Security Operations & Forensics – CloudLock would provide user activity data collection and visual forensics views to detect security breaches, reduce incident investigation times, and comply with regulations. Easily determine “who did what and when” to gather evidence and simplify investigations.
- Incident and Policy Management – CloudLock can help users track security incidents from initial discovery through resolution and manage policy details, from sensitivity to notifications and automated response actions.
- SIEM Integration – CloudLock natively connects to a number of SIEM solutions such as IBM QRadar, HP ArcSight and Splunk to tightly integrate into an organization’s existing workflow for incident resolution and risk visualization.
CloudLock for AWS is one of the core components of the CloudLock Security Fabric, a unified cloud security platform that provides centralized visibility for organizations looking in monitoring their SaaS, IaaS, and PaaS environments for Salesforce, Office 365, Google Apps, Dropbox, Box, ServiceNow, AWS or any homegrown or custom app. The expanded solution is available in AWS Marketplace immediately.