Cloud service providers, data-center security vendors and network security companies are acquiring cloud security startup companies at an increasing pace. This consolidation is fueled by the rapid enterprise migration of critical applications to public cloud, and the incompatibility of legacy security solutions in these environments. This is evidenced by a number of recent high profile cloud security breaches and compliance issues. Today’s news that Evident.io is being acquired by Palo Alto Networks continues this trend, and we should expect this movement to continue.
I want to congratulate Evident.io and Palo Alto Networks on their merger. This transaction validates RedLock’s position that compliance monitoring is one of the critical enterprise requirements. However, compliance and configuration scanning-only products, such as Evident.io, represent the first generation of cloud compliance products. These products are limited, in that they can only tell you what might be going wrong with your cloud resources. These first generation tools lack the architecture to address the more sophisticated, contextual needs for cloud compliance, visibility and governance, and threat detection. Which is why RedLock was founded.
The bad guys are getting smarter and more creative. This past year we have seen more advanced cloud threats including compromised cloud access credentials, internet exploitable vulnerable hosts, and the Tesla attack, where hackers were performing crypto mining from one of Tesla’s Kubernetes pods. None of these attacks would be addressed by first generation compliance-only products like Evident.io.
In public cloud environments, resources are often created and retired in a matter of minutes. Nothing is static, making the management and security of cloud resources an on-going challenge. At RedLock, we believe that more information - and context - leads to better security decision making. Which is why RedLock dynamically discovers cloud resource changes and continuously correlates raw, siloed data sources including user activity, resource configurations, network traffic, threat intelligence, and vulnerability feeds to provide a complete view of public cloud risk. RedLock is a Cloud Threat Defense platform, and represents the second generation of cloud security and compliance products. RedLock enables real-time continuous monitoring of your cloud resources to tell you what is going wrong NOW!
We are excited as to what the future holds. Everyday, we get market validation that our API-based approach with Amazon Web Services (AWS), Microsoft Azure and Google Cloud for providing effective cloud threat defense is preferred over other agent or proxy based alternatives. We’ve got a broad and deep roadmap, and we are looking forwarding to meeting - and beating - Palo Alto Networks / Evident.io in the market. We look forward to talking with you as well.
Get the NEW Cloud Security Trends - February 2018 edition
The threats are real and cybercriminals are evolving and actively targeting information - and more - left unsecured in public cloud environments. Our report provides 11 Tips for your “PreCrime” Unit to Combat Tomorrow’s Cybercrime. View our complete findings by downloading the Cloud Security Trends - February 2018 report.