Today is a great day. Huge, in fact. Today Sophos improved security for everyone running workloads on public cloud environments. And we included it in the single Cloud Optix license.
Improving security for anyone running workloads on public cloud
Managing user roles, permissions, and role-based access to AWS services is an enormous challenge. The scale and interwoven nature of individual and group access to services means that organizations often a) simply can’t accurately see how their services can be accessed, and b) don’t proactively manage it – creating an endless loop back to a).
And here’s the obvious punch line – attackers will exploit that gap in security. We saw this happen in a recent high-profile public cloud attack that exploited overprivileged user access to reach 40,000 Social Security numbers and 80,000 bank account numbers.
Breakthrough in IAM visualization
Sophos wasn’t recognized as a winner among the most advanced cloud technology players for nothing. Cloud Optix IAM Visualization is a breakthrough for organizations managing infrastructure on AWS. It enables customers to easily visualize the relationships between IAM roles, IAM users, and services.
This innovative and differentiated new feature will allow customers to identify high risk users who have access to multiple services they rarely or never need. It helps answer questions like: Which IAM users in my AWS account have access to the S3 service, which might contain sensitive data? Which EC2 server instances can access the RDS service – your customer database? And much more. This helps organizations reduce their attack surface in the cloud dramatically.
Addressing a range of new threats
The latest security enhancements to Sophos Cloud Optix go even further to provide more depth than ever.
Detecting AWS, Azure, and GCP spend anomalies
Sophos Cloud Optix security-focused spend monitoring now makes daily and monthly cloud spend monitoring a breeze, identifying unusual activity indicative of abuse such as cryptojacking in AWS, Azure, and GCP cloud accounts. It highlights top services contributing to spend, allowing for faster decisions on whether increased spend equals malicious activity, and providing customizable spend threshold alerts for visibility.
Extending container security with Amazon EKS – Managed Kubernetes Service
As organizations look to expand in the cloud and take advantage of cloud-native workloads such as containers, they should be aware of the techniques used by cybercriminals to target hidden gaps in security responsibilities and misconfigurations.
Cloud Optix has provided automatic discovery of an organization’s assets across AWS, Microsoft Azure and Google Cloud Platform, and Infrastructure as Code environments for some time and added support for Native Kubernetes and Google’s managed Kubernetes Engine (GKE) in late 2019.
And now support for Amazon’s managed Elastic Kubernetes Service (EKS) has landed. Azure AKS managed Kubernetes service is hot on its heels and coming soon.
Amazon EKS nodes are now included in the topology visualization, as well as real-time inventory views of clusters, node groups, nodes, pods, containers, services, and more, while also enabling organizations to perform additional security benchmark checks on these container environments.
Full details are available in Sophos Community release notes.
In addition to the headline updates, today’s Cloud Optix release is packed with several new features to increase security and compliance of customer environments:
- Sophos Cloud Optix has been certified by the Center for Internet Security (CIS) to accurately assess AWS and GCP system conformance with the security recommendations of the CIS Benchmark profile. By certifying Cloud Optix with CIS, Sophos has demonstrated its commitment to actively solve the foundational problem of ensuring secure standard configurations are used by customers. CIS Certified Security Software Products demonstrate a strong commitment to provide customers with the ability to ensure their assets are secured according to consensus-based best practice standards.
- Superior public cloud traffic analysis, helping organizations to analyze outbound traffic anomalies with visibility of destination IP addresses including ISP, organization, country, and region.
- Azure VM Scale Sets inventory, enabling customers to see that hosts are part of Scale Sets, and filter to see hosts within a specific VM Scale Set.
- Add AWS environments using AWS CloudFormation (in preview) as an alternative to running a script using the AWS CLI, or Terraform.
Get the latest marketing assets and share the goodness with your customers and prospects
Sophos Cloud Optix is the ideal solution for organizations using or moving to the public cloud, providing organizations with the continuous analysis and visibility needed to detect, respond to, and prevent security and compliance risks that could leave them exposed. Re-brand the latest Cloud Optix partner campaign – now available from the Sophos Partner Portal.