As we enter the second quarter of 2018, it’s hardly a surprise that revelations about high profile public cloud breaches continue. In the last several months, significant attacks have occurred at Uber, Federal Express and others. RedLock’s own CSI team discovered a much publicized cryptojacking attack at Tesla. At times, it seems that no organization is safe, but there are strategies that can greatly mitigate the likelihood of an attack.
To that end, I am extremely excited to announce a joint effort between RedLock and Barracuda Networks, a provider of cloud-enabled security and data protection solutions. Together, RedLock and Barracuda will better enable organizations to fulfill their shared responsibilities in securing public cloud environments. Our solutions working together take a unique approach based on the core pillars of NIST CSF.
NIST, for those of you unfamiliar, is the National Institute of Standards and Technology (part of the United States Department of Commerce). NIST provides guidance on standards, best practices, and recommendations with the goal to provide standardize practices. Though their recommendations for cybersecurity are not mandated, organizations of all sizes with both cloud and on-premises assets are increasing looking to NIST for leadership with respect to cybersecurity frameworks.
The NIST CSF is organized into major functions:
- Identify - Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
- Protect - Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.
- Detect - Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
- Respond - Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
To learn more about NIST CSF, check out RedLock’s recent webinar “Applying the NIST Framework to Secure AWS”.
RedLock and Barracuda Joint Approach Aligns to NIST CSF
Specifically, RedLock and Barracuda deployed together address subcategories within the four functions of NIST CSF by providing the following capabilities:
- Identify: RedLock continuously discovers assets and profiles applications to provide comprehensive visibility across fragmented cloud environments. The Barracuda Vulnerability Manager service uses this context to identify web application security risks.
- Protect: Barracuda’s industry-leading CloudGen WAF and CloudGen Firewall implement safeguards that ensure secure delivery of services
- Detect: The RedLock platform detects a variety of risks, including whether configurations have drifted away from policy-defined best practices. The platform creates behavioral baselines for each user, and flags deviations to identify issues such as account compromises or insider threats. The platform monitors network traffic and highlights suspicious activity. In addition, hosts that are potentially compromised can be quickly identified.
- Respond: The joint deployment of RedLock and Barracuda helps prioritize the highest risks, enables rapid investigation, and integrates with enterprise incident response tools such as Slack, Demisto, Splunk, and QRadar.
This joint deployment solution offers organizations the ability to implement a broad Cloud Threat Defense strategy across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud environments. Here are two sample scenarios that RedLock and Barracuda can uniquely address.
Sample Use Cases
- Organizations can use RedLock’s discovery capabilities to identify any instances that developers have exposed to the internet, and can automatically deploy the Barracuda CloudGen Firewall to protect those instances.
- The joint solution can be used to detect and protect vulnerable web applications. In this case, RedLock determines if there are any internet exposed web applications communicating with suspicious IPs. The Barracuda Vulnerability Manager can scan applications and gather vulnerability data. Finally, the Barracuda CloudGen WAF can be used to provide highly scalable application layer protection.
RedLock and Barracuda can minimize windows of opportunities for malicious actors. If you would like to learn more, please reach out to RedLock, and we can provide additional information.
Download the Cloud Security Buyer’s Guide Based on the NIST Cybersecurity Framework
Download this guide to get 20+ tips based on the NIST Cybersecurity Framework to manage risks across your cloud computing environment:
- Identify if any resources have been misconfigured
- Find out if there are any unpatched hosts
- Monitor for network intrusions
- Detect insider threats or account compromises
- Automatically remediate incidents