One of the biggest challenges businesses face today is supporting an increasingly mobile workforce and agile lines of business. This has lead them to migrate traditional business operations into the cloud, and with that, a new journey into the unknown. Whether they start lifting-and-shifting individual servers from data centers into cloud providers, move to using software-as-a-service solutions for HR, travel, and other business apps, or begin developing new apps on cloud, they are quickly learning there is a right way and a wrong way to do it.
What they don’t know is what that right way looks like. Customers have long turned to FireEye as a trusted advisor to address common cloud security issues as they evaluate and plan for cloud migrations. Today, we formalized our cloud advisory service by launching the Mandiant Cloud Security Assessment service which helps organizations evaluate and harden security in cloud platforms, including office suites such as Microsoft Office 365.
Our customers have also relied on our cloud security product suite, and in the past few years they’ve learned that solutions such as FireEye Helix can help make sense of cloud and software-as-a-service environments. As business systems change, they’ve grown to find new ways to take advantage of FireEye’s expert file analysis capabilities to inspect cloud storage with FireEye Detection On Demand. They’ve learned that the number one way attackers get into cloud environments is through advanced phishing techniques, and they depend on FireEye to keep cloud access from falling into the wrong hands.
However, even with all of that, they still faced more fundamental cloud security problems. These include ensuring that their cloud networks are setup with least-privilege access to avoid accidental gaps in protection, fulfilling audit requirements, understanding how newer solutions like containers can be deployed, and most of all, gaining visibility across multiple cloud providers.
Today, FireEye announced the acquisition of Cloudvisory, an innovator in cloud visibility, security, and policy management. By joining forces with cloud security startup Cloudvisory, FireEye places the capstone on its suite of cloud security solutions. Customers can now find answers to their cloud problems under one trusted umbrella, no longer needing to turn to an ad-hoc collection of random tools in order to defend against the advanced threats of adversaries and imposition of auditors.
Cloudvisory gives our customers the ability to actively auto-discover cloud assets to map their policies and relationships in Amazon AWS, Microsoft Azure, or Google Cloud. It also extends to private clouds running on-premise versions of Kubernetes or OpenStack. It provides a visibility framework for understanding the infrastructure intricacies, finds areas of concern, and incorporates a push-button remediation solution that aligns with enterprise change management procedures.
A highlight of this ability is the concept of micro-segmentation. This is best explained as the ability to automatically divine and test the least-privilege network access policies for a given asset. It does this by observing network activity and then uses that information to predict the outcome to a change in network access policy.
It can even perform this feat on the network traffic between containers in a Kubernetes or OpenStack environment using native data plane access that won’t slow down or interfere with the infrastructure. As the use of containers proliferates throughout enterprises, security teams have struggled to overcome the blind spot and maintain visibility and control over the interactions between containers.
Even when security teams are successful at defending their environment, their job is not done: They must prove it to auditors. With the addition of Cloudvisory, FireEye can now make this once-dreaded job of compliance reporting simple and automated with built-in reports for many different audit types, such as CIS benchmarks. With this burden lifted, a security team can devote more time to the activities critical to defending their environments.
The addition of Cloudvisory fits the previous FireEye Security Suite like a missing puzzle piece, complementing its detection capabilities with additional visibility, reporting, and active policy enforcement tools for the cloud-enabled enterprise.