Data Theorem and AlphaSOC announced their new partnership to deliver cloud extended detection and response (XDR) with cloud infrastructure entitlement management (CIEM) features to address customer challenges around attack surface management of their cloud-native applications.
This partnership introduces combined Cloud XDR and CIEM for proactive attack surface management delivered in a leading CNAPP solution. This new combination uniquely enables organizations to protect against data exfiltration and command-and-control channels within their public and hybrid cloud environments.
“We have been working together with AlphaSOC for over a year and are excited to announce our formal partnership to deliver an industry-first attack surface management capability that combines our Cloud XDR Hacker Toolkit with their integrated CIEM functionality,” said Doug Dooley, Chief Operations Officer at Data Theorem. “This new combined offering helps customers accurately identify data exfiltration threats and limit cloud entitlement policies that attackers take advantage of to extract sensitive data. Uniquely enforcing least-privilege access control for embedded cloud services ultimately helps organizations realize additional benefits of their cloud-native application protection platforms (CNAPP).”
Traditional security tools not developed for cloud services continue to leave gaps in coverage for IT security teams. As a result of this partnership, Data Theorem’s Cloud XDR Hacker Toolkit now has advanced network-based detection insights to uncover exploited cloud resources and highlight users, groups, and policies impacted by exfiltration breaches. Customers can now conduct network threat detection analysis of potential data exfiltration breaches and limit the impact on their users, groups, and overall cloud infrastructure.
“This partnership builds on the expanding relationship and market opportunity of working together, and teaming with Data Theorem greatly expands the reach of AlphaSOC,” said Chris McNab, CEO and co-founder, AlphaSOC. “This combined solution delivers a real competitive advantage in the application security testing (AST) and CNAPP markets. As a result, customers will be able to better understand and protect the attack surfaces of their cloud-native applications.”
The AlphaSOC Analytics Engine (AE) performs deep processing of network flow data, DNS query logs, and activity logs within cloud environments and escalates findings via cloud-native services – including Amazon Web Services EventBridge, Microsoft Azure Sentinel, and Google Cloud Platform Pub/Sub – to support threat hunting and security operations teams. It is a next-generation NTA product that identifies emerging threats, automates remediation responses, and solves the “patient zero” problem through prevalence scoring and active analysis.
Patient zero refers to the idea that the first victim of an attack has no idea they are compromised because their tools rely on threat intelligence about known attacks. AlphaSOC uses its patented processing stack to uncover emerging threats without relying on threat intelligence or stale indicator lists, and its accuracy and reliability are setting new security standards for malicious activity detection.
Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its award-winning Analyzer Engine, which leverages a new type of dynamic and runtime analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation.
Data Theorem is one of the first vendors to provide a full stack application security analyzer that connects attack surfaces of applications starting at the client layers found in mobile and web, the network layers found in APIs, and the infrastructure layers found in cloud services.
Pricing and availability
Data Theorem’s Cloud XDR with CIEM is available today as part of Cloud Secure Enterprise Edition. Pricing starts at $15,000 USD annually.