Platform security vendor Sophos sets to address the security weaknesses of public clouds with Cloud Optix-- an agentless solution leveraging AI to highlight and mitigate threat exposure in cloud infrastructure.
As the company puts it, Cloud Optix provides intelligent cloud visibility, automatic compliance regulation detection and threat response across multiple cloud environments. It also promises to reduce alert fatigue by pointing out what is "truly meaningful and actionable," providing security teams with a more accurate picture of current security posture.
Based on AI technology from January 2019 acquisition Aivd Secure, Cloud Optix uses a Smart Visibility feature to automatically discover organisation assets across AWS, Microsoft Azure and Google Cloud Platform (GCP) environments via single console. Continuous Cloud Compliance keeps up with changing compliance regulations and best practices policies by automatically detecting cloud environment changes in real time, while AI-based monitoring and analytics detect risky resource configurations and suspicious network behaviour.
Sophos recently tested the threat to cloud environments with honeypots-- and discovered cybercriminals attacked one of the cloud server honeypots used in a study within 52 seconds of going live in Sao Paulo, Brazil. On average, the cloud servers were hit by 13 attack attempts per minute, per honeypot.
The honeypots were set up in 10 of the most popular AWS datacentres in the world, including California, Frankfurt, Ireland, London, Mumbai, Ohio, Paris, Sao Paulo, Singapore, and Sydney over a 30-day period. In total the test period saw over 5 million attack attempts in the 30-day period. If successful the cybercriminals can obviously steal data, as well as use the breached cloud servers as pivot points to gain access into other servers or networks.
