IONIX Extends ASM Reach to Cloud Computing Platforms
IONIX today extended the reach of its attack surface management (ASM) platform into cloud computing environments, including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).
The IONIX Cloud-Cross View capability leverages the application programming interfaces (APIs) that cloud service providers expose to given cybersecurity team a unified view of the attack surfaces they need to defend. It accomplishes this by applying machine learning algorithms to identify hundreds of different asset characteristics, such as where applications are hosted, what domains are being used, which certificates are active and the domain name system (DNS) data made available.
IONIX CEO Marc Gaffan noted existing cloud security tools typically don’t identify instances of shadow IT or zombie IT accounts that may have been set up without the knowledge of a cybersecurity team.
In addition, existing cloud tools fail to surface the interdependencies that might exist across either a multi-cloud or hybrid cloud computing environment, Gaffan added. In the absence of that level of visibility ,many cybersecurity teams cannot properly assess the level of risk the organization’s level of risk.
The IONIX ASM platform provides cybersecurity teams with a unified view of an IT environment in a way that enables cybersecurity teams to run attack simulations, said Gaffan.
As IT environments become more distributed in the era of the cloud, it’s becoming that much more challenging for cybersecurity teams to defend IT environments. At the same time, the pace at which changes are being made to those platforms is increasing. Each of those changes creates another potential vulnerability that cybersecurity teams are expected to remediate. Organizations need to continuously scan the attack surfaces they are expected to defend at a time when the volume and sophistication of cyberattacks is increasing, as cybercriminals continue to experiment with artificial intelligence (AI) tools.
It’s not clear at what point ASM and traditional IT asset management might converge, but anything connected to a corporate network is a potential target. Each of those assets presents yet another platform for which cybersecurity teams are accountable, regardless of which team in an organization deployed it.
Various forms of shadow IT have, of course, always created cybersecurity challenges. The issue now is that as regulations continue to evolve the fines levied for not adequately securing an IT environment are about to become more costly. The tolerance that governments around the world have historically had for organizations that experienced a breach because of lax security policies is declining around the world.
The challenge is there is simply not enough cybersecurity expertise available. As a result, a larger percentage of security operations (SecOps) tasks are now being assumed by IT operations teams that are now managing cybersecurity within the context of a larger set of workflows. The issue, as always, is that which can’t be seen can’t be managed, much less secured, so the first order of cybersecurity business is gaining visibility.
Photo credit: sorin kwon on Unsplash
