At RSA Conference 2022, RedSeal launched RedSeal Stratus, a Cloud Native Application Protection Platform (CNAPP) solution. The new solution gives security professionals a ‘blueprint map’ of their enterprise cloud to allow them to accurately identify where and how their business-critical resources are exposed to the Internet.
Stratus provides a singular view of an organizations cloud infrastructure, either Amazon AWS or Microsoft Azure or both, by creating a comprehensive visualization of connectivity within and between clouds using an agent-less API driven approach.
Fast analysis allows quick action
Stratus evaluates policies in cloud gateways, 3rd party firewalls, subnets (NACL policies) and instances (security group policies) with full attack path analysis to calculate unintended exposure and quickly begin remediation steps to prevent ransomware attacks and data breaches.
RedSeal’s patented discovery algorithm creates a dynamic visualization of the connectivity and hierarchical relationship between cloud resources and provides:
- Exposure trend analysis for AWS and/or Azure in a single view
- Exposure information organized by AWS accounts, Azure subscriptions, tags, and security groups
- A detailed visualization of precisely how critical resources are exposed to the Internet
- The drill-down details of each control and policy at all security checkpoints
Bryan Barney, Chief Executive Officer at RedSeal, commented: “Public cloud models do not have clear perimeters making it a very different reality compared to on-premise security. It has become a large and highly desirable attack surface for online criminals who will quickly exploit poorly secured cloud ports.”
He continued: “Cloud infrastructures can contain thousands of different resources and organizations can quickly lose track of where their critical assets are located and how they are connected and secured. Stratus is designed to help our customers see and secure their entire multi cloud environment. It gives security teams a centrally and continuously monitored and updated view of their cloud resources, making it easy to spot compliance gaps or respond quickly to breaches or unintended exposure to the internet.”