Unveiling our Cloud Workload Protection Platform (CWPP), which defends your cloud servers in runtime against the leading cause of cyber attacks: unauthorized and malicious code
During the last two years, we have observed a significant increase in the number of cyber attacks targeting Linux servers. In 2019 alone, we published over 20 research publications related to Linux malware, and the majority of these threats were previously undetected.
While the rise in Linux and cloud-focused threats is alarming, it shouldn’t come as a surprise to many. Enterprises are increasingly shifting their biggest assets to the cloud, leaving their infrastructure exposed and more susceptible to data breaches.
We’re elated to unveil our new Cloud Workload Protection Platform (CWPP), Intezer Protect, which is based on our core Genetic Malware Analysis technology and protects your cloud workloads against the leading cause of cyber attacks: unauthorized and malicious code.
We’re excited to provide our customers with the ability to leverage Genetic Malware Analysis not only for incident response and malware analysis use cases, but now also to address one of the top concerns of organizations today: cloud security.
Throughout this post, we’ll explain how Genetic Malware Analysis revolutionizes runtime cloud protection to provide the best security solution possible, while taking into account modern, cloud-native needs such as scalability, performance, and extremely low operational overhead for security teams.
Challenges in Cloud Security
While organizations using the cloud benefit from increased efficiency, scalability, business continuity, and cost savings, among other benefits, protecting cloud servers against cyber attacks is a challenging task, even for the most experienced cybersecurity teams.
Recently, there has been an uptick in the number of cyber attacks targeting cloud servers. This is further supported by the emergence of undetected Linux threats, and the fact that Linux comprises nearly 90 percent of all cloud servers. Even among Microsoft cloud computing services, according to ZDNet, Linux has become the most popular operating system.
While cloud service providers like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) continue to expand security services to protect their evolving cloud platforms, it’s ultimately the customers’ responsibility to secure their data within these cloud environments.
According to the Cybersecurity Insiders cloud security report: 91% of organizations are concerned about cloud security, while 84% of organizations claim that traditional security solutions don’t work in the cloud, or have limited functionality.
Other cloud security challenges include:
- Security products have struggled to detect advanced threats because these solutions are based on IOCs or anomalies, which can be evaded by sophisticated attacks designed to appear normal
- SOCs are drowning in false positive alerts and non-actionable data without sufficient context on how to prioritize and respond to incidents
- Traditional security solutions are not designed to work under the high performance and scalability requirements of cloud-native and containerized infrastructure. Current agents are difficult to deploy and maintain, and the security of these products often degrades cloud performance and stability
- While the majority of security solutions are focused on protecting Windows endpoints, organizations require a solution designed to cope with modern Linux threats, not an adapted Windows technology
Most importantly, our discussions with CISOs and cloud security professionals show that security teams are becoming increasingly concerned about a lack of visibility into, and control over, what’s running inside their cloud servers.
The key to mitigating cyber attacks is identifying the malicious code running in memory. In order for an adversary to conduct a successful cyber attack and inflict damage, such as stealing data, installing a backdoor, or deleting sensitive materials, they must run malicious code or commands on a victim’s machine. Regardless of the attack vector or surface, almost every cyber attack is the result of malicious code running.
However, we’ve noticed that organizations tend to pass on using runtime protection solutions. They typically turn to pre-runtime security vulnerability checks, likely because traditional runtime protection products struggle to work in cloud-native environments.
Powered by our Malware Analysis technology, Intezer Protect continuously monitors the code running in your cloud workloads, alerting you to any unauthorized or malicious activity in real time, with no impact on performance.
Unlike anomaly detection solutions which often flood security teams with vague and false positive alerts, Intezer Protect produces only actionable and high confidence alerts, with a clear risk classification for each threat. Not only does this require minimal to no work from the security team, but it enables them to quickly prioritize and respond to threats in their cloud infrastructure.
- Visibility and control into all applications and code running in your cloud infrastructure
- Produces only actionable and high-confidence alerts with clear risk classification
- Lightweight and designed to meet the performance needs of modern cloud and Linux production systems
- Protect your cloud infrastructure against data breaches, unauthorized code and administrative activity, exploitation of known and unknown vulnerabilities, fileless malware and APTs, and countless other cyber threats
Read our blog post How it Works to discover how this product takes into account modern, cloud-native needs such as scalability, performance, and extremely low operational overhead.
Protect your Cloud Environment Today!
During the last several months, we have tested Intezer Protect with our existing customers. Their feedback and excitement makes us confident that this solution is what CISOs and cloud security teams are looking for to secure their cloud environments.
Below are some additional resources to get you started:
Intezer offers solutions for cloud security, incident response automation, threat intelligence, and more. To get started using Genetic Malware Analysis today, contact us.