Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/13/2017
04:00 PM
Jai Vijayan
Jai Vijayan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

Emerging IT Security Technologies: 13 Categories, 26 Vendors

A rundown of some of the hottest security product areas, and vendors helping to shape them.
2 of 14

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure. 

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.
	
Factors to Watch

- Hybrid CASB provides both API-based and proxy-based protections
- Agentless inline protection for sanctioned and unsanctioned devices
- $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA



Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.
	
Factors to Watch

- Multiple on-premise and cloud deployment options
- Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
- Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June



Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: 'CASBs are a crucial element to an organization's cloud security architecture, especially as they grow into PaaS and IaaS support,' says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. 'This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening.'

Image Source: LeoWolfert via Shutterstock

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure.

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.

Factors to Watch

  • Hybrid CASB provides both API-based and proxy-based protections
  • Agentless inline protection for sanctioned and unsanctioned devices
  • $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA

Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.

Factors to Watch

  • Multiple on-premise and cloud deployment options
  • Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
  • Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June

Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: "CASBs are a crucial element to an organizations cloud security architecture, especially as they grow into PaaS and IaaS support," says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. "This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening."

Image Source: LeoWolfert via Shutterstock

2 of 14
Comment  | 
Print  | 
Comments
Threaded  |  Newest First  |  Oldest First
MarkS94105
100%
0%
MarkS94105,
User Rank: Apprentice
12/8/2017 | 2:28:08 PM
Story -> Potentially Valuable; Site -> Problematic Viewing and Printing
This topic and story is presented as a white paper.  To read the story, we must click the next arrow 13 times to see all 14 pages.  This is time consuming as the site loads so many advertisements.  There is no simple way to print the story, as the print function show only 1 of 14, 2 of 14, etc.  This may be by design, but I find it a serious barrier and will seek other sources for this material.  
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: George has not accepted that the technology age has come to an end.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26814
PUBLISHED: 2021-03-06
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service sc...
CVE-2021-27581
PUBLISHED: 2021-03-05
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
CVE-2021-28042
PUBLISHED: 2021-03-05
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
CVE-2021-28041
PUBLISHED: 2021-03-05
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
CVE-2021-3377
PUBLISHED: 2021-03-05
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.