Symantec Enhances Managed Cloud, CASB To Protect Apps, Platforms

Symantec Tuesday unveiled Managed Cloud Defense and CloudSOC CASB offerings to provide greater protection for cloud applications and around-the-clock monitoring for cloud-based threats.

Managed Cloud Defense detects, protects and responds to issues in the cloud by correlating cloud-based attack activity with its Global Intelligence Network, according to the Mountain View, Calif.-based company. The offering also performs remote investigations, manages threat hunting, and contains cloud instances.

"We see huge demand from our customers," Vice President of Cloud Security Eric Andrews told CRN. "They're all flooding into the cloud at a fast pace, and they're trying to catch up on security."

[Related: Symantec Opens The Floodgates, Makes Its Threat Detection Tool Available To Customers For First Time]

Sponsored post

Native integration with Amazon Web Services and Microsoft Azure provides increased visibility and allows Managed Cloud Defense to monitor cloud platforms, the company said. The offering also delivers cloud user and application monitoring for shadow IT, according to Symantec, as well as remote incident investigation, containment, and threat hunting for rapid response.

S3 permission monitoring on Managed Cloud Defense, meanwhile, can help protect the storage of critical cloud-based data, Symantec said.

Pulling in telemetry from Amazon GuardDuty and CloudWatch should provide better visibility across the board and help deliver a 360-degree view around what's going on for customers, Andrews said. Meanwhile, new capabilities around automated hunting and conducting triage and investigations in virtualized environments should help customers get ahead of emerging threats, according to Andrews.

Symantec's cloud services are primarily focused on monitoring, Andrews said, making it possible for channel partners to layer their own services on top of that. All of the core Managed Cloud Defense capabilities are available to channel partners as well, according to Andrews.

Meanwhile, Symantec said its CloudSOC CASB (cloud access security broker) provides visibility, security and threat protection for any cloud application, including mobile and browser-based versions. CloudSOC also has an API offering that significantly reduces the time it takes to identify and remediate security incidents.

Provisioning CASB on mobile devices is simplified through integration with Symantec Endpoint Protection Mobile, the company said.

In addition, API integrations are available for popular apps such as Workday and Workplace by Facebook, while a fast API interface for Microsoft Office 365 and Box are intended to improve security and performance, according to Box. Investing alongside vendor partners in a fast API will enable Symantec to find and remediate account issues and security challenges much faster, Andrews said.

The offering also includes mobile app risk ratings and usage monitoring, according to Symantec, as well as a custom Gatelet to secure any homegrown or public cloud apps. Although applications such as Office 365, Box and Salesforce are well-known, Andrews said tens of thousands of other SaaS apps exist in the wild, and Symantec's Gatelet should help get them under control.

Finally, Symantec's new Cloud Workload Assurance for security posture management and Cloud Workload Protection (CWP) for Storage with Data Loss Prevention are intended to bolster infrastructure security by providing control over both cloud data and control planes.

As a result, Symantec said IT departments are now able to manage compliance and security posture as well as utilize advanced data and threat protection for AWS and Microsoft Azure. Companies can also protect all aspects of their cloud workloads and custom applications, Symantec said, as well as gain operational efficiencies and deep insight through constant monitoring and scanning.

CWP launched last year, Andrews said, and the enhancements around workload assurance, DLP and managed defense will better support organizations as they move heavier workloads into AWS and Azure.

"Cloud is very strategic to Symantec," Andrews said. "We're seeing lots of traction for this stuff."