Cybersecurity company Sophos recently unveiled advancements to Sophos Cloud Optix that automate and simplify the detection of, and response to, cloud security vulnerabilities and misconfigurations to reduce risk exposure.
Cloud Optix is easily managed on the unified cloud-based Sophos Central platform alongside Sophos’ entire portfolio of next-generation cybersecurity solutions including Sophos’ endpoint, network, mobile, Wi-Fi, email, and encryption products. Real-time information sharing and threat response on Sophos Central empowers organizations to improve threat detection and response times, simplify investigations and minimize threat impact.
Cloud Optix answers a critical market need for cloud security through unmatched visibility into risky blind spots. Using artificial intelligence to automate the detection of cloud architecture vulnerabilities and misconfigurations, security teams gain complete visibility into everything they have in the cloud as well as the ability to respond and remediate security risks in minutes. Available in AWS Marketplace, Cloud Optix provides automatic discovery of an organization’s assets across Amazon Web Services (AWS) and multi-cloud environments.
Cloud Optix now accelerates threat investigation and transforms the visualization of AWS infrastructure, so organizations can identify and eliminate hidden security threats. Cloud Optix now extends support for the newly launched Amazon Detective with interactive and intuitive data about potential threats, such as failed login attempts and suspicious API calls across AWS workloads.
It can also identify Kubernetes security vulnerabilities. Amazon Elastic Kubernetes Service (Amazon EKS) clusters and native Kubernetes deployments are now tracked by Cloud Optix, providing comprehensive inventory and visualization of clusters, nodes, node pools, pods, containers and more. New security benchmark checks enable organizations to continuously assess the security posture of their container orchestration platform.
Another feature of Cloud Optix is that it can detect cloud spend abnormalities. The new security-focused cloud spend monitoring capabilities flag unexpected abnormalities potentially indicative of abuse, so organizations can take action. Cloud Optix monitors daily cloud spend and identifies unusual activity, highlighting top environments and services by spending, with customizable spend threshold alerts.
It can also detect unintended public or cross-account access. Integration with the new AWS Identity and Access Management (IAM) Access Analyzer provides the detail and context needed to quickly determine whether resource policies have been misconfigured to allow unintended public or cross-account access.
Sophos Cloud Optix is now capable of securing cloud traffic. By extending security to the network, Sophos UTM support for the new Amazon Virtual Private Cloud (VPC) Ingress Routing ensures traffic flowing in and out of VPCs and other virtual appliances is secure. With the new ability to restrict north-south traffic, Sophos provides an added layer of protection to secure cloud infrastructure.