Elastic expands Cloud Security capabilities for AWS

Elastic has introduced expanded capabilities for Elastic Security including Cloud Security Posture Management (CSPM) for AWS, container workload security, and cloud vulnerability management. Building on the previously released Kubernetes security posture management (KSPM) and Cloud Workload Protection Platform (CWPP) capabilities, Elastic now delivers a comprehensive security analytics solution that includes complete Cloud Native Application Protection for AWS.

According to Gartner, more than 85% of organisations are moving to a cloud-first model and 95% of new digital workloads are being deployed on cloud-native platforms. However, 99% of cloud failures will be the customer’s fault due to mistakes like cloud misconfigurations. Research from Elastic Security Labs found that nearly 1 in 3 (33%) attacks in the cloud leverage credential access, indicating that users often overestimate the security of their cloud environments and fail to configure and protect them adequately.

“Many companies have a fragmented approach to cloud security, as security and devops teams pivot between multiple dashboards,” said Ken Buckler, Research Analyst - Security and Risk Management, Enterprise Management Associates. “Unified visibility across all cloud resources, as well as on-premises systems, is critical to quickly identify and stop security threats at scale, especially when attackers repeatedly cross boundaries between cloud and on-premise in attempts to evade detection. With Elastic Security, organizations can streamline their cloud security operations by establishing real-time, unified visibility across their environments in a single interface.”

Elastic’s comprehensive suite of cloud security capabilities includes:

•        Cloud Workload Protection (generally available) — Expands on existing runtime security for traditional endpoints, enabling cloud security teams to gain deep visibility into the entire runtime workload including standalone Linux workloads, virtual machines, and infrastructure hosted in AWS, Google Cloud, and Microsoft Azure.

•        Container Workload Protection (beta) — Provides cloud security teams deep visibility into container workloads in managed Kubernetes environments with pre-execution runtime analysis for workloads running in Amazon EKS, GKE, and AKS environments.

•        Cloud Security Posture Management (beta) — Enables cloud security teams to continuously detect and remediate misconfigurations across workloads in AWS and Amazon EKS in real-time with Center for Information Security (CIS) benchmark controls, out-of-the-box integrations, and posture management dashboards and reports.

•        Cloud Vulnerability Management (beta) — Uncovers cloud-native vulnerabilities in AWS EC2 workloads with minimal resource utilisation on workloads and enumerating vulnerabilities with risk context to help cloud security teams identify and respond to potential risk.

“Elastic Security is a unified security solution offering SIEM, endpoint, and cloud security capabilities—rooted in data management and analytics—that enables customers to protect, investigate and respond to threats across their entire infrastructure,” said Santosh Krishnan, General Manager of Elastic Security, Elastic. “The expansion of Elastic Security’s comprehensive cloud security capabilities provides organizations with the power they need to modernise their cloud security operations, improve attack surface visibility, reduce vendor complexity, and accelerate remediation.”