Skyhawk Security Adds Runtime Protection to Cloud Security Portfolio

Skyhawk Security this week added a runtime protection capability to its integrated cloud security portfolio.

Skyhawk Security CEO Chen Burshan said the Synthesis Security Platform brings a cloud threat detection and response (CDR) capability to the cloud security posture management (CSPM) platform that Skyhawk previously made available.

Skyhawk Security is also now making the core edition of its CSPM platform available for free for up to 1,000 seats. In modern IT environments, a CSPM is now table stakes, so the focus is on providing integrated extensions such as Skyhawk Synthesis that help lower the total cost of cybersecurity, noted Burshan.

In addition to a CDR and CSPM platform, Skyhawk Synthesis provides cloud infrastructure entitlement management (CIEM) and identity threat detection and response (ITDR) capabilities. Skyhawk Synthesis adds a tool for protecting runtimes that uses machine learning algorithms to identify correlated sequences of high-priority events. The platform then surfaces the paths of least resistance that cybercriminals could use to compromise an IT environment, added Burshan.

Skyhawk Security spun out of Radware last year following a $35 million strategic investment by a Tiger Global Management affiliate. The overall goal is to create a hub through which cloud security management becomes simpler and less costly, noted Burshan.

A recent University of Oxford study showed that 99% of security alerts are false positives. As more workloads are deployed in the cloud—often by developers that lack any cybersecurity expertise—the number of alerts generated will only continue to increase and cybersecurity fatigue will soon follow. Skyhawk Security addresses that issue by combining an awareness of least-resistance paths with behavioral analytics and event correlation to connect suspicious activities into an attack sequence. That will reduce the number of false positive alerts generated, said Burshan.

At the core of that effort is a two-layered approach to machine learning that first identifies known threats and then applies a more sophisticated model to identify anomalies that might be indicative of a previously unknown threat, he added.

Cybersecurity teams are reevaluating their approaches to cloud security to reduce costs, make it simpler for smaller teams to secure multiple platforms and take advantage of advances in automation enabled by machine learning algorithms. It’s not clear how organizations will rationalize the tools they already have in place, but it is apparent there is a preference to minimize the number of tools that cybersecurity teams need to deploy, maintain and ultimately master.

Of course, the single biggest step forward when it comes to cloud security is to ensure that cloud platforms are secure when initially provisioned. The challenge, of course, is that the developers who provision these platforms tend to make mistakes—and those misconfigurations are easily exploited by cybercriminals. As such, the first order of business for most cybersecurity teams is determining what workloads are running where in cloud computing environments and fixing misconfigurations that cybercriminals, unfortunately, can easily identify.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
