Radware, a leading provider of cyber security and application delivery solutions, launches its Cloud Workload Protection (CWP) Service. Radware’s Cloud Workload Protection Service secures customers’ cloud-based assets from data breaches, account compromise, and resource exploitation.
As organizations increasingly migrate their computing workloads to publicly hosted clouds, IT and security administrators face new challenges. Cloud environments make it easy to spin up new resources and grant wide-ranging permissions that can potentially be abused. Such misuse often leads to cloud-native risks to public cloud services, namely data breaches, account compromise, and resource exploitation.
Initially available for Amazon’s AWS platform, Radware designed its Cloud Workload Protection service to help customers safeguard their role in cloud providers’ ‘shared responsibility model.’ Radware’s service uniquely addresses cloud security posture, detection of cloud native attacks, and consequent/respective actionable insights.
“Public cloud environments make it very easy to grant extensive permissions and very difficult to keep track of them. What is frequently mis-characterized as ‘misconfigurations’ is actually the result of permission misuse or abuse,” said Dr. David Aviv, Radware Chief Technology Officer. “We specifically designed Radware’s Cloud Workload Protection Service to offer extensive protection against the broader public cloud attack surfaces and new cloud-native risks.”
Radware’s early deployment has already proven invaluable to its customers. Amir Arama, Sr. Director of Engineering Operations at Perion said, “Radware’s Cloud Workload Protection service has helped Perion to identify threats in real time without the noise of false alerts. It has been excellent in exposing misconfigurations and potential risks and thus very helpful in both detection and prevention.”
Radware’s service takes a unique and different approach from traditional workload defenses. To reduce attack surfaces, Radware’s Cloud Workload Protection service addresses the core problem of excessive permissions and exposed assets. It analyzes the gap between granted and user permissions, and applying the ‘principle of least privilege,’ to offer smart hardening recommendations, thereby reducing the organization’s attack surface which can be exploited.
Radware provides a robust detection engine based on advanced machine-learning algorithms that identifies potentially malicious activity within cloud accounts. Radware then correlates individual alerts into streamlined attack storylines, which show the step-by-step attack progression. This way, Radware maps-out hackers’ attack kill-chain, and helps block data theft attempts before they result in a breach.
The addition of Cloud Workload Protection makes Radware the leading security vendor to provide a full-stack protection of applications hosted on public clouds, covering both the perimeter (WAF, DDoS, SSL, bot management, and threat intelligence) as well as the internal cloud workload and cloud data (workload protection).