TrueFort Cloud detects security issues and blocks malicious workload activity

TrueFort announced TrueFort Cloud, which makes application-intelligent workload protection, service account analytics, and microsegmentation accessible to customers in one day, compared to competitive approaches that take weeks.

TrueFort Cloud

The TrueFort Cloud service is hosted on AWS, and supports both cloud and hybrid cloud/on-premises deployment architectures.

“As organizations increasingly host critical applications in cloud environments, they need ways to efficiently manage security risk,” said Melinda Marks, Senior Analyst at Enterprise Strategy Group, Inc. (ESG). “By monitoring workloads and understanding the communications between the applications and related resources, TrueFort helps customers detect security issues and efficiently take the needed actions to protect their workloads and assets.”

Shining a light on service accounts

Although service accounts pose great risk to organizations, they are very rarely reset or retired, out of concern that changes will cause an outage. These sensitive accounts are often highly privileged, and if compromised, allow attackers to move laterally throughout the environment undetected. Meanwhile, endpoint detection and response (EDR) and user/entity behavior analytics (UEBA) solutions provide service account metrics, but lack visibility into local activity by the applications that use them.

TrueFort identifies, monitors, and learns trusted connection patterns of workloads, applications, and service accounts, and can easily absorb EDR agent telemetry to provide insight into active, inactive, and rogue accounts. With TrueFort Service Account Analytics, customers can detect and prevent lateral movement by attackers and malicious insiders.

“The combination of cloud migration and modernization has made applications and workloads an increasingly popular target for attackers, since most security tools cannot detect when they have been compromised and are exhibiting suspicious behavior,” said Nazario Parsacala, CTO of TrueFort. “We continuously analyze workloads in real time and profile their activity against approved and acceptable baselines to detect risky and anomalous behavior, and protect assets by enforcing legitimate service account behavior.”

Workload segmentation to isolate compromise

Workload and application communications have increased in complexity due to the evolution of microservices-based architectures, which are virtually impossible to document since they continuously evolve and change. In these environments, enforcing network-based microsegmentation policies on firewalls or other hardware solutions is not viable. In contrast, TrueFort provides Zero Trust workload microsegmentation to protect business critical assets.

TrueFort moves segmentation to the workload by enforcing policies based on profiles that understand network, identity, process, and application behavior rather than relying heavily on IP or port data. By implementing policy enforcement on workloads, TrueFort detects and blocks lateral movement and supply chain attacks that evade network-based segmentation. TrueFort also discovers and maps the environment for intra-application dependencies, workloads, and data flows to reduce an organization’s attack surface. Finally, TrueFort uses a trusted baseline of acceptable behavior to reduce lateral movement and block malicious workload activity.

Availability

TrueFort Cloud is available immediately from TrueFort and its business partners worldwide.

More about

Don't miss