10 Hottest Cloud Security Tools Of 2019

The 10 tools making noise in the cloud security market have emphasized the safe migration of applications and data, maintaining compliance in the public cloud, and correlating threat activity in disparate clouds.

Sunshine On A Cloudy Day

Vendors have spent 2019 monitoring policies and maintaining compliance in the public cloud, facilitating the secure migration of data and applications to the cloud, and correlating threat activity and intelligence that affects cloud users.

Credential theft in the cloud has been a major area of focus in 2019, with advancements around detecting cybercriminals attempting to access businesses from hacked Microsoft Office 365 accounts. Vendors have also focused on having end users flag false positives during the incident remediation process to reduce the burden on Security Operations Center (SOC) analysts.

Six of the 10 hottest cloud security tools of 2019 came from companies based in Silicon Valley, three came from companies based abroad, and one came from a company based in Texas. Read on to learn about how vendors have gone about increasing the ease and effectiveness of safeguarding cloud applications and workloads.

Check Point CloudGuard Dome9

Check Point Software Technologies’ CloudGuard Dome9 allows organizations to visualize and assess their security posture, detect misconfigurations, model and actively enforce security best practices, and protect against identity theft and data loss in the cloud. The public cloud security and compliance orchestration software platform supports Amazon Web Services, Microsoft Azure, and Google Cloud Platform (GCP).

The product accelerates intrusion detection and enhances threat investigation in the public cloud using contextual intelligence, Check Point said. It allows businesses to visualize their security posture and enforce gold-standard policies across accounts, projects, regions and virtual networks.

With Check Point CloudGuard Dome9, organizations can ensure their public cloud infrastructure always conforms to regulatory compliance requirements and security best practices, the company said. The product also protects against identity theft by enforcing just-in-time privilege elevation for a company’s most sensitive operations in the public cloud, according to Check Point.

Forcepoint Converged Security Platform

The Forcepoint Converged Security Platform was released in February and is intended to enable the secure migration of data, applications and business operations to the cloud, according to the company. The platform makes it possible for CISOs to define, enforce and monitor policies consistently across the security stack in one place, eliminating the gaps and redundancies of managing point products.

The platform hosts a company's complete range of enterprise-class security capabilities, delivering risk-adaptive protection and seamless cloud connectivity anywhere organizations and their users are located, Forcepoint said. It allows for the application of policies that are dynamically tailored to each individual user's actions, reducing security friction and enabling businesses to innovate more rapidly.

In addition, the company said open APIs enable integrations with third-party products, extending Forcepoint's risk-adaptive protection across infrastructure while delivering security efficacy.

Fortinet FortiCloud Services

Fortinet in June expanded its partner-focused Security-as-a-Service cloud offerings to help clients streamline threat correlation by allowing them to consolidate the number of security vendors they use. The services are intended to provide partners and customers with cloud security and management capabilities that are easy to implement, easy to manage, flexible, and scalable as their business grows.

Many FortiCloud Services are available on multiple platforms such as appliance, virtual machine and cloud, allowing partners and customers to better tailor their experience to suit their needs. FortiCloud Services help partners become more operationally efficient through automation and centralized management and provide flexible business models that help partners scale with their customers’ needs.

FortiCloud Services currently supports offerings such as Fortinet’s cloud-based firewall management tools and FortiSandbox Cloud, both of which are growing rapidly. Customers looking for valuable performance extensions to their FortiGate UTM can also tap into the benefits of FortiMail SEG and FortiWeb WAF, according to the company.

Imperva Cloud Application Security

Imperva Cloud Application Security safeguards applications as they are migrated from on-premises data centers to a public cloud, the company said. Organizations can select from a cloud-based service, virtual appliance in the public cloud, or on-premises appliance to protect their applications either in the data center, or in Amazon Web Services, Microsoft Azure or Google Cloud, according to Imperva.

Imperva uses the same set of security policies and management capabilities no matter where an organization’s applications are, meaning that businesses can maintain a consistent application security posture as they migrate. The tool is also able to protect cloud applications using automated threat intelligence that detects and stops known bad actors wherever they originate, Imperva said.

With the offering, businesses can manage all their cloud applications from a single console and push common security policies across their deployment either on-premises or in the cloud. Imperva Cloud Application Security also allows firms to scale their security deployment based on demand and usage, as well as integrate native public cloud features to track the status of their web application firewall.

McAfee MVision Cloud

McAfee MVision Cloud was derived from rebranding and enhancing the capabilities of cloud access security broker Skyhigh Networks, acquired in late 2017. The flexibility baked into MVision Cloud means that protection can be provided at the origination on the endpoint through a proxy using the cloud, or on an application moving to a platform such as AWS or Microsoft Azure.

Enhancements to the Skyhigh Networks platform included CASB Connect, which can be wrapped around applications moving to the public cloud so that security teams can deliver data protection in a more streamlined fashion. MVision Cloud also takes the cloud elements of data protection and hooks them together with the endpoint and network to provide more holistic security, according to McAfee.

New in 2019, McAfee MVision Cloud now enables organizations to involve end users in the incident remediation process by allowing them to provide business justification for a flagged incident or mark it as a false positive. The feature makes it possible for incidents to be auto-resolved based on end-user input, which McAfee said in turn will significantly reduce the burden on SOC analysts.

Palo Alto Networks Prisma

Prisma was released in May, and gives customers what they need to consistently govern access, protect data, and secure applications. Palo Alto Networks CEO Nikesh Arora said Prisma is the largest cloud security business in the world with 9,000 enterprise customers and a billings run rate in excess of $250 million.

Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture, blending enterprise-grade security with a globally scalable network. Prisma Public Cloud provides continuous visibility, security, and compliance monitoring across public multi-cloud deployments, correlating data and assessing risk across the cloud environment.

Prisma SaaS is a multi-mode cloud access security broker (CASB) service that safely enables SaaS application adoption by providing advanced capabilities in areas like risk discovery, adaptive access control, data loss prevention, and compliance governance. And VM-Series is the virtualized form of the Palo Alto Networks firewall that can be deployed in private and public cloud computing environments.

Proofpoint Cloud Account Defense

Proofpoint Cloud Account Defense allows organizations to detect, investigate and defend against cybercriminals attempting to access their business from hacked Microsoft Office 365 accounts. The product’s multifaceted approach helps companies detect account hacks and the activities that leverage stolen credentials, Proofpoint said.

Organizations using Proofpoint Cloud Account Defense can build their own policies to detect Office 365 account hacks and the threat arising from credential abuse by leveraging parameters like user, network, device, location and suspicious activity. The tool also allows businesses to keep a close watch on at-risk users and suspend their Office 365 accounts for suspicious activity, Proofpoint said.

And when incidents occur, Proofpoint said its drill-down graphs and reports provide fine-grained forensics details such as user, data, time, device, browser and threat. The product also makes it easy to sort or filter user activity logs so that organizations can customize their analysis and reporting, according to Proofpoint.

Sophos Cloud Optix

Sophos in April unveiled a new tool that provides visibility, automatic compliance regulation, detection and threat response across multiple public cloud environments. Sophos Cloud Optix leverages artificial intelligence to highlight and mitigate threat exposure in cloud infrastructures, building upon the AI capabilities Sophos acquired from startup Avid Secure in January 2019.

A single Sophos Cloud Optix license provides support around development platforms, test QA platforms, and production platforms for up to 100 cloud assets, which can include virtual machines or Amazon S3 storage buckets, said Richard Beckett, senior product marketing manager for Sophos. Customers with large environments beyond 100 cloud assets can obtain multiple licenses, according to Beckett.

Although the live production platform gets a lot of the focus, Beckett said companies that operate in a test environment and use customer accounts within that environment need to address the weakness and organizational risk that poses. Sophos Cloud Optix licenses are available for a one-month or 12-month term, he said, and allow users to run an unlimited number of compliance checks on the platform.

Symantec Managed Cloud Defense

Symantec Managed Cloud Defense detects, protects and responds to issues in the cloud by correlating cloud-based attack activity with its Global Intelligence Network. Symantec said the offering provides around-the-clock monitoring, a unified view across hybrid environments, correlated threat intelligence, advanced analytics, native support for cloud apps and services, and real-time detection and response.

The company said Managed Cloud Defense also performs remote investigations, manages threat hunting, and contains cloud instances. Native integration with Amazon Web Services and Microsoft Azure provides increased visibility and allows Managed Cloud Defense to monitor cloud platforms, according to Symantec.

The offering also delivers cloud user and application monitoring for shadow IT, Symantec said, as well as remote incident investigation, containment and threat hunting for rapid response. S3 permission monitoring on Managed Cloud Defense, meanwhile, can help protect the storage of critical cloud-based data, Symantec said.

Trend Micro Deep Security

Trend Micro Deep Security detects and protects against vulnerabilities, malware and unauthorized changes with broad hybrid cloud security capabilities for a mixed environment of virtual, physical, cloud and containers. The product can automatically protect new and existing workloads against unknown threats with techniques like machine learning and virtual patching, Trend Micro said.

Deep Security delivers timely protection from attacks by leveraging the latest in global threat intelligence, providing continuously updated global threat data as well as threat surveillance. And a complete set of workload security capabilities protects cloud-native applications, platforms, and data in any environment with a single agent, according to Trend Micro.

The product can protect sensitive enterprise workloads without forcing organizations to set up and maintain their own security infrastructure, Trend Micro said. And Trend Micro Deep Security accelerates and maintains compliance for hybrid and multi-cloud environments, the company said, streamlining audit evidence gathering and enabling continuous compliance.