Sophos has recently unveiled advancements to Sophos Cloud Optix that automate and simplify the detection and response of cloud security vulnerabilities and misconfigurations to reduce risk exposure.
Cloud Optix is easily managed on the unified cloud-based Sophos Central platform alongside Sophos’ entire portfolio of next-generation cybersecurity solutions – including Sophos’ endpoint, network, mobile, Wi-Fi, email and encryption products. Real-time information sharing and threat response on Sophos Central empowers organizations to improve threat detection and response times, simplify investigations and minimize threat impact.
Cloud Optix answers a critical market need for cloud security through unmatched visibility into risky blind spots. Using artificial intelligence to automate the detection of cloud architecture vulnerabilities and misconfigurations, security teams gain complete visibility into everything they have in the cloud as well as the ability to respond and remediate security risks in minutes. Available in AWS Marketplace, Cloud Optix provides automatic discovery of an organization’s assets across Amazon Web Services (AWS) and multi-cloud environments.
Showcased at AWS re:Invent 2019 booth #1032, innovative new features and capabilities:
- Accelerate threat investigation: Cloud Optix transforms the visualization of AWS infrastructure, so organizations can identify and eliminate hidden security threats. Cloud Optix now extends support for the newly launched Amazon Detective with interactive and intuitive data about potential threats, such as failed login attempts and suspicious API calls across AWS workloads
- Identify Kubernetes security vulnerabilities: Amazon Elastic Kubernetes Service (Amazon EKS) clusters and native Kubernetes deployments are now tracked by Cloud Optix, providing comprehensive inventory and visualization of clusters, nodes, node pools, pods, containers and more; New security benchmark checks enable organizations to continuously assess the security posture of their container orchestration platform
- Detect cloud spend abnormalities: New security-focused cloud spends monitoring capabilities flag unexpected abnormalities potentially indicative of abuse, so organizations can take action. Cloud Optix monitors daily cloud spend and identifies unusual activity, highlighting top environments and services by spending with customizable spend threshold alerts
- Detect unintended public or cross-account access: Integration with the new AWS Identity and Access Management (IAM) Access Analyzer provides detail and context needed to quickly determine whether resource policies have been misconfigured to allow unintended public or cross-account access
- Secure cloud traffic: Extending security to the network, Sophos UTM support for the new Amazon Virtual Private Cloud (VPC) Ingress Routing, ensures traffic flowing in and out of VPCs and other virtual appliances is secure. With the new ability to restrict north-south traffic, Sophos provides an added layer of protection to secure cloud infrastructure
Also at AWS re:Invent 2019, Sophos will lead a session on building security solutions using the Amazon Elasticsearch Service. Taking place Wednesday, Dec. 4, from 5:30-6:30 pm PST, Sophos Distinguished Cloud Engineer Key Vaidya and Senior Director of MDR Platforms Dennis Griffin will share best practices on designing for scale based on their experiences developing a security monitoring and alerting system leveraging Amazon Elasticsearch Service and other components.