Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/13/2017
04:00 PM
Jai Vijayan
Jai Vijayan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

Emerging IT Security Technologies: 13 Categories, 26 Vendors

A rundown of some of the hottest security product areas, and vendors helping to shape them.
2 of 14

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure. 

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.
	
Factors to Watch

- Hybrid CASB provides both API-based and proxy-based protections
- Agentless inline protection for sanctioned and unsanctioned devices
- $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA



Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.
	
Factors to Watch

- Multiple on-premise and cloud deployment options
- Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
- Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June



Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: 'CASBs are a crucial element to an organization's cloud security architecture, especially as they grow into PaaS and IaaS support,' says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. 'This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening.'

Image Source: LeoWolfert via Shutterstock

Cloud Access Security Brokers (CASB)

A gateway for enforcing data governance, data leak prevention, and other security policies on traffic flowing between an enterprise network and a cloud provider's infrastructure.

Vendor: Bitglass

Agentless CASB architecture for protecting SaaS, IaaS, and private cloud apps on managed and unmanaged devices.

Factors to Watch

  • Hybrid CASB provides both API-based and proxy-based protections
  • Agentless inline protection for sanctioned and unsanctioned devices
  • $45 million in Series C funding from Jan 2017 funding fueling expansion in the US and EMEA

Key Executives: Chairman and founder Nat Kausik was previously a CEO at Asterpix and several other companies. CEO Rich Campagna is a former executive at F5 network who joined Bitglass as VP of products.

Founded: 2013

Vendor: Netskope

Context-aware governance of enterprise cloud usage from the corporate network, remote location, and mobile devices.

Factors to Watch

  • Multiple on-premise and cloud deployment options
  • Patented technology for real-time control over sanctioned and unsanctioned cloud enterprise cloud services
  • Has raised over $231 million making it one of most well funded CASB vendors; raised $100 million in June

Key Executives: CEO and founder Sanjay Beri is a former VP of Juniper Networks' secure access business group and co-founder of Ingrian Networks.

Founded: 2012

Analyst Commentary: "CASBs are a crucial element to an organizations cloud security architecture, especially as they grow into PaaS and IaaS support," says Pete Lindstrom, an analyst with IDC, who notes that Skyhigh Networks has done a good job establishing itself among the leaders in this market.

Where Skyhigh is doing a good job is in helping organizations secure the transition to Office in the cloud, email in the cloud, and other immediate priorities, adds John Pescatore, director of emerging threats at the SANS Institute. "This is the more immediate pain point for a lot of companies is making the transition the cloud. That is where a lot of the information leakage is happening."

Image Source: LeoWolfert via Shutterstock

2 of 14
Comment  | 
Print  | 
Comments
Threaded  |  Newest First  |  Oldest First
MarkS94105
100%
0%
MarkS94105,
User Rank: Apprentice
12/8/2017 | 2:28:08 PM
Story -> Potentially Valuable; Site -> Problematic Viewing and Printing
This topic and story is presented as a white paper.  To read the story, we must click the next arrow 13 times to see all 14 pages.  This is time consuming as the site loads so many advertisements.  There is no simple way to print the story, as the print function show only 1 of 14, 2 of 14, etc.  This may be by design, but I find it a serious barrier and will seek other sources for this material.  
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing Writer,  2/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8813
PUBLISHED: 2020-02-22
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
CVE-2020-9039
PUBLISHED: 2020-02-22
Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).
CVE-2020-8860
PUBLISHED: 2020-02-22
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. T...
CVE-2020-8861
PUBLISHED: 2020-02-22
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue ...
CVE-2020-8862
PUBLISHED: 2020-02-22
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from the ...