The new product, Cisco Secure Cloud Insights provides cloud inventory tracking and relationship mapping to navigate public clouds as well as access rights management and security compliance reporting.
Cisco announced this week that it has partnered with cloud security and governance platform provider JupiterOne to launch Cisco Secure Cloud Insights. Secure Cloud Insights will be part of the SecureX family of Cisco products and aims to help customers manage risk and reduce the attack surface of their cloud-based processes and applications.
By tracking and generalizing data across multi-cloud and hybrid environments, the new proposal will provide clients with public cloud list visibility, relationship mapping and access rights to navigate cloud-based organizations, and security compliance reporting.
JupiterOne has XDR’s additional assets and cloud configuration management [extended detection and response] Capabilities, ”said Andras Cesar, vice president and chief analyst at Safety and Risk Management at Forrester Research. Cisco does not offer any features natively in configuration management and cloud security currency [CSPM], They can benefit from JupiterOne’s OEM features in these areas. CSPM competitors include Checkpoint, Palo Alto, and Trend Micro. ”
See: Password Violation: Why Pop Culture and Passwords Don’t Match (Free PDF) (Tech Republic)
Prior to partnering with JupiterOne, Cisco used it to monitor its own public cloud footprint.
“Cisco Secure Insights with JupiterOne will help businesses maintain a leading-stream cloud security currency by providing full visibility into their cyber assets, ways to quickly identify security and compliance gaps, and quick-track research and response methods,” said Cisco’s PR. The team said. In a statement.
Secure Cloud Insights provides customers with a knowledge graph of consolidated metadata that highlights configurations, access policies, settings, tags, rules and more to control interactions between organizations. Organizations include users, roles, groups, policies, databases, datastores, devices, code repositories, storage buckets (e.g., AWS S3), cloud compute instances (e.g., AWS EC2), containers, tasks, etc.
APIs are used to inject this data from over 50 predefined integrations including public cloud environments, risk scanners, endpoint security and network security tools, development and code repositories, identification providers and more. Custom integrations are also supported using the SDK and webhooks.
Secure Cloud Insights is also designed to make queries easier through the use of 550 pre-built queries and the option to create custom queries, Cisco said.
See: Mobile device security policy (Tech Republic Premium)
To determine the security currency of an organization, secure cloud insights context and cloud security rely on currency management capabilities. According to a Recent blog post CSPMs are an emerging category of tools for managing cybersecurity risks in the AWS and Azure clouds, by Michael Polis, Director of Security Risk Management.
“While CASB [cloud access security broker] Cloud Security Posture Management (CSPM) has been growing in popularity and importance over the years as it has been ruling the world of cloud security as a four-letter acronym, ”he said.
Cloud Insights is designed to provide context and visibility to the entire organization, including security functions and DevOps, Cisco said.
“Because of this we have integrated Cloud Insights with Cisco’s security platform SecureX and it wants to play a big role as a reference wrap for many other Cisco security services,” the company said in a press release.