Cisco announced this week it has partnered with cloud security and governance platform provider JupiterOne to launch Cisco Secure Cloud Insights. Secure Cloud Insights will be part of Cisco’s SecureX family of products and is intended to help customers manage risk and reduce the attack surface of their cloud-based processes and applications.
By tracking and normalizing data across multi-cloud and hybrid environments, the new offering will provide customers with public cloud inventory visibility, relationship mapping to navigate cloud-based entities and access rights, and security compliance reporting.
“JupiterOne has asset and cloud configuration management in addition to XDR [extended detection and response] capabilities,” said Andras Cser, vice president and principal analyst, Security and Risk Management at Forrester Research. “This is the differentiating aspect of the solution. Since Cisco does not provide any features natively in configuration management and cloud security posture [CSPM], they can benefit from the JupiterOne’s OEM features in these areas. CSPM competitors include CheckPoint, Palo Alto, and Trend Micro.”
SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)
Prior to partnering with JupiterOne, Cisco used it to monitor its own public cloud footprint.
“Cisco Secure Insights with JupiterOne will help businesses maintain a leading-edge cloud security posture by offering complete visibility into their cyber assets, ways to identify security and compliance gaps quickly, and methods to fast-track investigation and response,” Cisco’s PR team said in a statement.
Secure Cloud Insights does this by providing customers with a knowledge graph of consolidated metadata that highlights configurations, access policies, settings, tags, rules and more that govern interaction between entities. Entities include users, roles, groups, policies, databases, datastores, devices, code repositories, storage buckets (eg., AWS S3), cloud compute instances (eg., AWS EC2), containers, functions, etc.
APIs are used to ingest this data from 50 predefined integrations that include public cloud environments, vulnerability scanners, endpoint protection and network security tools, development and code repositories, identity providers and more. Custom integrations are also supported using SDKs and webhooks.
Secure Cloud Insights also is designed to make queries easier through the use of 550 pre-built queries and the option to create custom queries, Cisco said.
SEE: Mobile Device Security Policy (TechRepublic Premium)
To determine an organization’s security posture, Secure Cloud Insights relies on context and cloud security posture management capabilities. According to a recent blog post by Michael Polise, a director with Security Risk Management, CSPMs are an emerging category of tools for managing cybersecurity risk on AWS and Azure clouds.
“While CASB [cloud access security broker] has reigned as the four-letter acronym in the world of cloud security for years, Cloud Security Posture Management (CSPM) has been increasing in popularity and importance,” he said.
Cloud Insights is designed to provide context and visibility across the entire organization including from security operations and DevOps, Cisco said.
“It is for this reason that we have integrated Cloud Insights with Cisco’s security platform SecureX and intend to have it play a bigger role as a context wrapper for numerous other Cisco security services,” the company said in a press release.