WithSecure releases Cloud Security Posture Management to identify insecure cloud configurations

WithSecure has released Cloud Security Posture Management, a new module for its WithSecure Elements security platform, that identifies insecure cloud configurations attackers use to compromise networks.

It’s now become commonplace for organizations to incorporate cloud-based infrastructure-as-a-service (IaaS) offerings into their IT estates. This transformation has many benefits, but also new challenges, particularly in relation to security.

These challenges include the rapid development of IaaS platforms, a scarcity of professionals with cloud security skills and experience, different regulatory considerations, and overall complexity. The fact that many companies use multiple public cloud providers simultaneously only adds to the difficulties in securing such infrastructure.

“The task of securing cloud infrastructure is very hard for several reasons. The cloud typically provides a layer of abstraction compared with traditional infrastructure, meaning that both traditional and could-specific security concerns apply. For many customers, it is very confusing to understand which aspects of security are delivered by the cloud provider and which is the sole responsibility of the user,” said WithSecure Head of Product Management Leszek Tasiemski.

The challenges can add up to significant security problems. A 2022 WithSecure survey found that nearly 34% of companies detected non-misconfiguration vulnerabilities and 24% detected misconfigurations impacting their cloud platforms in the previous 12 months.

“There are sometimes vulnerabilities in the cloud layer, like Amazon’s IMDSv1. And cyber criminals do their homework. It’s becoming more common for these configuration errors to be successfully attacked by adversaries in the kind of incidents you hear about in the news,” added Tasiemski.

The module is intended to manage risks related to vulnerabilities and misconfigurations in popular cloud-based IaaS platforms. Support for both AWS and Microsoft Azure is provided from the very beginning.

Specific benefits include:

• Cloud security posture scanning that identifies and prioritizes misconfigurations based on risk level with accompanying mitigation instructions.
• Configuration checks for overly permissive IAM privileges, unencrypted data at rest, cloud instances with access to public IP addresses, whether logging is enabled for incident investigation, and additional existing and emerging cloud security issues.
• Service powered by consulting expertise and research to ensure checks fit within threat models and add real security value to organizations.
• Dedicated dashboard where important information that requires attention is provided in easy-to-interpret graphs, such as the evolution of security posture over time, and different security posture insights.
• Multi-company and multi-cloud management in a single easy-to-use portal along with endpoint security, collaboration protection and vulnerability management products.
• Specific rules and flagging that help in maintaining compliance with independent standards, namely CIS and NIST CSF.
• Possibility for partners, like MSPs and MSSPs, to provide CSPM as a managed service to their customers.

The capabilities provided by Cloud Security Posture Management complement WithSecure Elements’ endpoint protection, endpoint detection and response, vulnerability management, and collaboration protection modules to ensure organizations’ migration to the cloud includes security.