Cloud

11/13/2017
04:00 PM
Jai Vijayan
Jai Vijayan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

Emerging IT Security Technologies: 13 Categories, 26 Vendors

A rundown of some of the hottest security product areas, and vendors helping to shape them.
2 of 14

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure. 

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.
	
Factors to Watch

- Hybrid CASB provides both API-based and proxy-based protections
- Agentless inline protection for sanctioned and unsanctioned devices
- $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA



Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.
	
Factors to Watch

- Multiple on-premise and cloud deployment options
- Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
- Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June



Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: 'CASBs are a crucial element to an organization's cloud security architecture, especially as they grow into PaaS and IaaS support,' says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. 'This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening.'

Image Source: LeoWolfert via Shutterstock

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure.

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.

Factors to Watch

  • Hybrid CASB provides both API-based and proxy-based protections
  • Agentless inline protection for sanctioned and unsanctioned devices
  • $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA

Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.

Factors to Watch

  • Multiple on-premise and cloud deployment options
  • Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
  • Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June

Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: "CASBs are a crucial element to an organizations cloud security architecture, especially as they grow into PaaS and IaaS support," says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. "This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening."

Image Source: LeoWolfert via Shutterstock

2 of 14
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
MarkS94105
100%
0%
MarkS94105,
User Rank: Apprentice
12/8/2017 | 2:28:08 PM
Story -> Potentially Valuable; Site -> Problematic Viewing and Printing
This topic and story is presented as a white paper.  To read the story, we must click the next arrow 13 times to see all 14 pages.  This is time consuming as the site loads so many advertisements.  There is no simple way to print the story, as the print function show only 1 of 14, 2 of 14, etc.  This may be by design, but I find it a serious barrier and will seek other sources for this material.  
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.