Elastic, the company behind Elasticsearch, today announced the launch of Elastic Security for Cloud featuring new capabilities for cloud risk and posture management, and cloud workload protection.
Elastic Security for Cloud expands the capabilities of Elastic Security by bringing together the ability to enforce security posture for cloud-native and hybrid environments with infrastructure detection and response (IDR), giving customers deep visibility into cloud workloads and the means to perform expert prevention, detection, and response. Customers can monitor for deployment-time risks and run-time threats in the unified Elastic Search Platform.
Elastic Security also delivers out-of-the-box rules and machine learning models to identify known and unknown threats with insights derived from Elastic Security Labs, the company’s threat research, malware analysis, and detection engineering team.
Providing a unified view across cloud-native and hybrid environments
According to Gartner®, over 85% of organizations will move to a cloud-first model, with 95% of new digital workloads deployed on cloud-native platforms by 2025. However, a recent study by Elastic found that nearly half (49%) of organizations adopting cloud-native technologies anticipate that misconfigurations will increase as a root cause of breaches over the next two years.
“While cloud security is key to business, it introduces more dependencies on various internal and third-party elements and increases complexity. The result is an environment with fragmented visibility, and you can’t secure what you can’t see. Such an environment can be difficult to secure, since many elements need to come together cohesively. Elastic aims to reduce this complexity and improve attack surface visibility by delivering Elastic Security for Cloud on a single platform that enables customers to secure their cloud risks while integrating it within their broader security operations,” said Ken Buckler, Research Analyst, Security, Enterprise Management Associates.
Key capabilities of Elastic Security for Cloud include:
- Integrating cloud security into a unified platform for endpoint security, cloud security, SIEM, and XDR to deliver broad visibility and security while eliminating the overhead of deploying, managing, and integrating disparate security operations, monitoring, and compliance tools.
- Securing cloud workloads and cloud-native applications with a lightweight agent powered by eBPF technology to automate the identification of cloud threats with out-of-the-box detection rules and machine learning (ML) models.
- Enabling analysts to accelerate workflows with integrated case management, built-in response actions, and native integrations with security orchestration platforms.
- Accelerating the investigation experience for cloud-native and hybrid workloads across multiple clouds through a unified alert management console. The console features a terminal-like experience providing rich visibility and context into commands executed in cloud workloads, coupled with runtime intelligence integrations, OS and infrastructure analytics powered by osquery, and automation and integrations with IT and security orchestration platforms.
- Enabling organizations to enforce cloud security posture for their Kubernetes deployments and aligning deployments with security benchmarks such as CIS controls. With this new capability, customers can identify misconfigurations and insecure configurations in their Kubernetes deployments and gain near real-time visibility into their cloud risk.