Investments in the Cloud continue to grow by more than 20% per year*. Indeed, companies wants to reduce their IT infrastructure costs, increase their flexibility and better support the various functions of the company. But the security of critical data and information systems in cloud environments remains a major obstacle to Cloud adoption.
The main problems companies meet with on the Cloud are :
– Traditional security solutions (scanner, intrusion tests, FIM…) no longer fit the Cloud development rhythm
– Developers knowing and respecting cloud security best practices are few.
– The cloud user environment changes too quickly to complete all remediation.
– DevOps are not specialists in computer security.
Those new security needs have prompted software publishers to create new solutions which better suited this market, known as Cloud Workload Platform Protection.
According to Gartner, “the Cloud Workload Platform Protection (CWPP) is defined by solutions that address unique requirements of server workloads protection in modern hybrid data center architectures.”
IaaS provider solutions need to be complemented
In this dynamic environment, IaaS providers are attempting to meet this demand by providing tools to enhance the security of their users. For example, Amazon Web Services, the public cloud leader, launched solutions like AWS Trusted Advisor and AWS Inspector.
– Amazon Inspector allows to analyze the AWS user resources behaviour to identify potential security issues. Each resource can be dissociated from the others for a more precise evaluation. This one will collect a set of data (network activities, files, OS configurations …) that will be correlated, analyzed and compared with the best security practices recommended by AWS. All the potential security problems will be reassembled in order to intervene as quickly as possible.
– AWS Trusted Advisor is a solution allowing an administrator to make available Amazon Web Services resources according to the Cloud best practices in 4 categories : cost optimization, security, fault tolerance, and performance improvement. AWS Trusted Advisor compiles best practices based on the collective experiences of previous and existing AWS customers.
These solutions are necessary to add a security brick but they must be supplemented with specialized to obtain an optimal security. Indeed, some solutions can test in real-time configurations made and take on further analysis to get the cyber-attacks exposure level.
EWP and Dome9 Arc, complimentary solutions for the cloud
We have chosen to present the US Dome9 cloud security analysis solution and our 100% French Elastic Workload Protector solution. We will compare these 2 solutions on several points in a second time.
The Dome9 Arc solution is a SaaS platform of security management and regulatory compliance in the public cloud. Interfaced with AWS, Microsoft Azure, Google Cloud Platform and Alibaba Cloud, Dome9 Arc promises fast implement : the solution works without agent. Dome9 Arc monitors and evaluates security conditions, detects vulnerabilities and wrong configurations (compromised workload, vulnerabilities, open ports, …), presents results in a simple dashboard (allowing a quick reading of the situation thanks to the main indicators but also a more detailed analysis with the details of each breaches and the appropriate solution) in order to make the necessary remediation. System monitoring is done continuously and returns are made automatically if unauthorized changes are made. The solution allows a micro segmentation of the public cloud environment as well as a client systems segmentation through accounts, projects, regions, servers, cloud, … Dome9 Arc makes compliance with regulations (including PCI DSS standards) and good security practices (AWS and Microsoft Azure) its priority and adds an additional layer of security with Identity and Access Management protection (IAM).
Elastic Workload Protector
Elastic Workload Protector is a vulnerability management system for Cloud infrastructure but also for traditional and hybrid ones. The solution verifies compliance with the best security practices recommended by the Center for Internet Security, the Cloud Security Alliance and IaaS providers (AWS, Microsoft Azure, Google Cloud Platform, Openstack …). The solution works without agent. All new machines integrated into the infrastructure will automatically enter in the scope of the analyzes. Thanks to its continuous analysis system, all potential security breaches are detected and alerts are transmitted to the security team. Likewise, the integrated vulnerability scanner analyzes more than 60,000 known vulnerabilities through a daily updated database. Elastic Workload Protector can clone (patent registered) servers to be analyzed for further study without affecting servers in production. The complete and personalized reports generated after each analysis are therefore based on three safety standards: ANSSI’s computer hygiene guide, OWASP and PCI-DSS. They are aimed to leaders as well as technical teams thanks to its different levels of reading. These reports are customizable for a better comfort in the communication between the different departments of the company. Finally, the solution integrates analyses for Docker and Hadoop environments into its “Cloud Analytics”.
Elastic Workload Protector VS Dome9 Arc
We can notice some differentiating points between Dome9 Arc and Elastic Workload Protector. If the solutions goal is similar, the continuous monitoring of IT security vulnerabilities, some features and techniques differ :
Elastic Workload Protector and Dome9 Arc are 2 solutions which match with the cybersecurity market and its issues. So, the CISOs choice will be oriented by its cloud environment nature and its needs requirement.
So, Dome9 is a complete solution for business which have already migrated to a public Cloud infrastructure. It will be able to perfectly connect with IaaS provider solutions.
On the other hand, Elastic Workload Protector meets the CISOs new needs in terms of continuous security and regulatory compliance because it is compatible in hybrid environments to facilitate businesses transition to the Cloud. It is, in addition, a solution for CISOs legacy problems. Finally it incorporate a vulnerability scanner which is a major component of the Cloud Workloads Protection market, as defined by the Gartner engineering firm.
To know more about your Cloud environment security, we give you the opportunity to perform right now a free analysis of your Cloud infrastructure.
You can meet us at Cloud Expo Europe in Paris on November 15th and 16th. We are waiting for you at booth L45 to discover our cloud solution.
*2016 SPOTLIGHT REPORT