Critical capabilities for the cloud address challenges faced by security teams looking to validate container, identity, and access management controls
Bengaluru, August 9, 2023: Cymulate, the leader in exposure management and security validation, today announced innovations designed to deliver threat-informed defence through comprehensive exposure management and security validation for cloud infrastructure. The Cymulate Exposure Management and Security Validation platform now includes new and expanded cloud-focused attack simulation templates and resources to cover all major public cloud providers: AWS, Azure, and GCP.
Attacks on containers are on the rise, underscoring the need to better secure Kubernetes environments and validate the efficacy of security controls. According to a recent study, over half of organisations have experienced software supply chain issues related to cloud-native and containerized development in the past 12 months.
“In similar ways to how on-premises exposure management has evolved, cloud security posture management (CSPM) is maturing beyond understanding misconfigurations and attack paths to include capabilities for security control validation, breach feasibility assessment, and business risk context to effectively prioritize remediations,” said Avihai Ben-Yossef, CTO at Cymulate. “The Cymulate expansion of cloud and Kubernetes scenarios builds on existing cloud and traditional security validation features in the Cymulate platform to manage cloud exposures as part of an exposure management program.”
With more than 500 customers worldwide, Cymulate provides the security validation critical to managing the security posture of cloud infrastructure as well as traditional IT. The Cymulate platform provides a comprehensive and scalable solution for security leaders, regardless of their security posture maturity, to drive their continuous threat exposure management (CTEM) program and support both the technical and business requirements of scoping, discovery, prioritisation, validation, and mobilisation.
- Scoping: Scope exposure management for cloud deployments by adding business context to cloud resources and business impact related to cloud availability, sensitive data in cloud storage, business processes supported by the cloud, etc.
- Discovery: Understand the full cloud environment and its cybersecurity posture by mapping the attack surface, identifying assets, and identifying misconfigurations across clouds, ground to cloud, and cloud to ground.
- Validation: Validate cloud controls, policies, and defensive capabilities to detect and respond to attackers (who gain access to cloud environments).
- Prioritisation: Prioritise mitigations (such as updated cloud policies, control policies, and new controls) with the context of business impact, compensating controls, and breach feasibility.
- Mobilisation: Mobilise action and cloud remediations across teams with remediation guidance for correcting cloud misconfigurations or implementing new policies or new controls. Measure cyber security posture and baseline exposure risk for both cloud deployments and the cloud as part of the collective IT infrastructure.
Cymulate Cloud Exposure Management Offerings and Capabilities
Cymulate ASM: Discovers cloud assets across AWS, Azure, and GCP to inventory VMs, storage objects across AWS, Azure, and GCP, VPCs (Virtual Private Clouds), entitlements, Kubernetes containers, and more. Identifies misconfigurations for both internal (authenticated) and external (unauthenticated) assets and deployments. Unified attack path mapping creates a visual roadmap and analysis across multi-cloud, on-prem, and hybrid environments.
Cymulate BAS: Validates core controls for cloud assets vs. malicious behaviours, including those specific to cloud threats. The immediate threats module validates the control detection of emergent threat activity against cloud assets.
Cymulate BAS Advanced Scenarios: Validates configuration best practises for cloud and Kubernetes policy configuration. Validates cloud controls against malicious activity targeted at user access, secrets management, data exfiltration, ransomware, container discovery, and much more. Provides an open framework to create, store, modify, and execute both simple and sophisticated assessments using custom or out-of-the-box resources.
Cymulate CART: Validates potential propagation within the cloud and from the cloud to on-premises and back with automated network penetration testing.
Cymulate Exposure Analytics: Ingests, aggregates, and correlates data from Cymulate ASM, BAS, and CART, as well as cloud infrastructure and other third-party systems. The solution brings business context to cybersecurity programs to create a common language for managing risk. By building contextualised risk profiles, exposure analytics prioritises remediation and provides mitigation guidance for validated security gaps across cloud, on-prem, and hybrid environments. Measures and baselines for security resilience for cloud deployments Maps controls and security findings to control frameworks, including MITRE ATT&CK Cloud Matrix.
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics