Elastic Unfurls Cloud Security Platform for AWS

Elastic today launched a cloud security analytics platform that provides visibility into Amazon Web Services (AWS) environments. The Elastic Search platform is based on the open source search engine platform the company developed.

Mike Nichols, vice president of product management for Elastic, said the Elastic Search platform provides both cloud security posture management (CSPM) and cloud workload protection platform (CWPP) capabilities and is generally available now.

The goal is to provide a platform running in the AWS cloud that is based on an open source data schema that is equally accessible to the cybersecurity professionals and DevSecOps teams that are increasingly responsible for application security, he said.

The Elastic Search platform is based on the open core Elasticsearch engine that is already widely employed by DevOps teams to observe IT environments. The platform provides visibility into the entire runtime environment, including standalone Linux workloads, virtual machines and cloud infrastructure.

In addition, Container Workload Protection capabilities, available in beta, provide visibility into container workloads in managed Kubernetes environments with pre-execution runtime analysis for workloads. An existing CSPM offering the company developed for Kubernetes now includes beta support for virtual machines.

Finally, cloud vulnerability management capabilities, also in beta, make it possible to discover vulnerabilities in Amazon Elastic Compute Cloud (EC2) workloads in a way that provides the context that DevOps teams need to effectively remediate issues, said Nichols.

In general, there’s a lot more focus on cloud security as organizations look to embrace zero-trust IT principles and lock down their software supply chains. The challenge today is that responsibility for cloud security is generally shared between cybersecurity teams and the developers that build and deploy applications in the cloud. To reduce friction, noted Nichols, the Elastic Search platform surfaces security issues using an observability framework that many DevOps teams are already familiar with, giving everyone involved in cloud security a common view of the same issues instead of requiring DevOps teams to learn a tool designed for cybersecurity professionals.

Elastic already offers a range of security analytics tools that can also be applied to cloud platforms from Microsoft and Google, so Elastic Search also presents opportunities for organizations to unify cloud security across multiple services.

There is, of course, no shortage of options when it comes to cloud security today. The issue that organizations need to navigate is that many of those platforms are based on proprietary data schemas that lock organizations into a set of tools provided by a single vendor. An open data schema makes it feasible for tools from multiple cybersecurity vendors to analyze the same data.

Unfortunately, there is no open data schema standard yet. The hope is that, over time, the open source community will converge on a single schema that multiple cybersecurity tools and frameworks will support. In the meantime, Elastic is making a case for an approach to cybersecurity that is rooted in the same observability technologies that many DevOps teams already know how to employ. Arguably, when it comes to cloud security, half the battle is finding a way to communicate with the developers responsible for remediating cloud security issues in a way they can easily understand.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
