Cloud

11/13/2017
04:00 PM
Jai Vijayan
Jai Vijayan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

Emerging IT Security Technologies: 13 Categories, 26 Vendors

A rundown of some of the hottest security product areas, and vendors helping to shape them.
2 of 14

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure. 

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.
	
Factors to Watch

- Hybrid CASB provides both API-based and proxy-based protections
- Agentless inline protection for sanctioned and unsanctioned devices
- $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA



Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.
	
Factors to Watch

- Multiple on-premise and cloud deployment options
- Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
- Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June



Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: 'CASBs are a crucial element to an organization's cloud security architecture, especially as they grow into PaaS and IaaS support,' says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. 'This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening.'

Image Source: LeoWolfert via Shutterstock

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure.

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.

Factors to Watch

  • Hybrid CASB provides both API-based and proxy-based protections
  • Agentless inline protection for sanctioned and unsanctioned devices
  • $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA

Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.

Factors to Watch

  • Multiple on-premise and cloud deployment options
  • Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
  • Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June

Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: "CASBs are a crucial element to an organizations cloud security architecture, especially as they grow into PaaS and IaaS support," says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. "This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening."

Image Source: LeoWolfert via Shutterstock

2 of 14
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
MarkS94105
100%
0%
MarkS94105,
User Rank: Apprentice
12/8/2017 | 2:28:08 PM
Story -> Potentially Valuable; Site -> Problematic Viewing and Printing
This topic and story is presented as a white paper.  To read the story, we must click the next arrow 13 times to see all 14 pages.  This is time consuming as the site loads so many advertisements.  There is no simple way to print the story, as the print function show only 1 of 14, 2 of 14, etc.  This may be by design, but I find it a serious barrier and will seek other sources for this material.  
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Compliance and Risk Management Officer, AvePoint, Inc,  8/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15601
PUBLISHED: 2018-08-21
apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism.
CVE-2018-15603
PUBLISHED: 2018-08-21
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen.
CVE-2018-15598
PUBLISHED: 2018-08-21
Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable.
CVE-2018-15599
PUBLISHED: 2018-08-21
The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.
CVE-2018-0501
PUBLISHED: 2018-08-21
The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail.