Cybereason LLC announced on the 22nd that it will begin selling its cloud security solution “Cybereason CNAPP (Cloud-Native Application Protection Platform)” on May 19th. Cybereason CNAPP is a security solution that uses an agent-based architecture and is compatible with major cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud . It comprehensively protects a wide range of cloud-native workloads in containers, Kubernetes, and serverless environments. Cybereason provides a CNAPP solution that integrates prevention, detection, and response to address the four major risks that are particularly important to be wary of in cloud-native environments: vulnerabilities, misconfigurations, excessive permissions, and reduced visibility in incident response. It will contribute to solving issues such as protecting confidential data and managing risks in real time.
Cybereason CNAPP uses a host-based agent to detect threats in real time and respond quickly to security incidents, achieving a strong “shield right.” In addition, by integrating security into the development pipeline, it also achieves a “shift left” approach, allowing security risks to be managed from the early stages of development. It provides an integrated platform that realizes “zero blind spot” security monitoring and addresses vulnerabilities, misconfigurations, runtime threats, and excessive privileges in cloud environments. It visualizes risks such as vulnerabilities, network exposure, and confidential data through integrated management that supports multi-cloud. Among its main functions, the Cloud Posture Management (CSPM) function continuously monitors the settings of major cloud providers such as AWS, Azure, and Google Cloud, and automatically detects misconfigurations and compliance violations based on standards such as CIS benchmarks and NIST SP 800-53.
Also Read: BlueVoyant Expand in Japan, Partners with Marubeni I-DIGIO
The Kubernetes Security (KSPM) function implements security measures for Kubernetes that comply with NIST SP 800-190, and provides functions that can be integrated into DevSecOps workflows, from vulnerability scanning of image registries to runtime protection. The Workload Protection (CWP) function uses a lightweight agent that employs eBPF technology to realize runtime monitoring of servers and containers, and the ” Dash Cam ” function keeps detailed operation records when an incident occurs. The CIEM function automates identity management based on the principle of least privilege (PoLP), scores and evaluates accounts that have not been used for more than 90 days and excessive IAM permissions, and provides risk visualization and remediation guidance. The solution is available in two forms: an Enterprise license that allows access to all functions, and an agentless Essential license that is easy to deploy. Cybereason says that the launch of the Cybereason CNAPP solution will enable organizations to build a comprehensive security system from endpoints to the cloud.
SOURCE: Yahoo
