Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


12:00 AM
Dark Reading
Dark Reading
Products and Releases

FireLayers announces cloud application security gateway

Industry's first policy-based cloud application security gateway enables security, compliance and IT governance across all cloud applications by any user on any device

REDWOOD CITY, Calif. and HERZLIYA, Israel, September 17, 2014 – The shift to the cloud has been tectonic; however, the IT infrastructures of the last 20 years have not kept pace to adequately protect enterprise networks, data and transactions. Applications are moving to the cloud, so must the corporate security gateway. Enterprises need a cloud application security gateway.

FireLayers™ today announced its flagship solution, the FireLayers Cloud Application Security Gateway, the first of a series for enabling the secure and responsible adoption of cloud applications. This new cloud application security gateway sits between cloud apps and users, enabling enterprises to responsibly and securely leverage cloud applications like ADP, Google Apps, NetSuite, Office365, Salesforce, TribeHR, Workday and others, as well as customized and homegrown apps.

“Until now, CIOs and CISOs were forced into making the inadequate choice between blocking or allowing cloud apps,” said FireLayers co-founder and CEO, Yair Grindlinger. “IT teams and business leaders are becoming increasingly aware that cloud app security is a corporate problem, and that they need to be responsible for the security of how the application is used, the data and the users themselves. With FireLayers, they have the tools they need to enforce corporate policies that support their risk tolerance and compliance needs.”

FireLayers’ policy-based cloud application controls – an industry first – allow IT teams to define, deploy and enforce corporate security, compliance and governance policies across any device or application (popular, customized or homegrown) with near-zero performance impact. Furthermore, the FireLayers open architecture integrates with a host of tools for security (anti-x, malware, DLP, encryption and others) and monitoring (SIEM). The FireLayers gateway is the first solution to support the standards-based XACML protocol for interoperable access control, making it a solid foundation for a strategic cloud security program.

With cloud security now impacting corporate operation decisions at every level, it is mission critical for organizations to have centralized cloud control. In addition to providing deep visibility into cloud application usage, FireLayers protects against external attackers, account hijacking, malicious insiders, unauthorized access from BYOD, unintentional risky behavior and thousands of other risks inherent in using cloud apps.

“Cloud app providers like Salesforce, Google, Box, SuccessFactors and others provide excellent user experiences, meet demanding performance SLAs and secure data in their cloud. But their responsibility ends there. FireLayers closes that gap by giving IT teams a cloud application security gateway to control and secure all cloud application usage at a granular level,” said Doron Elgressy, FireLayers co-founder and president.

Available immediately, the FireLayers Cloud Application Security Gateway achieves a number of industry firsts:
-          Delivers granular policy-based rule enforcement and auditing down to the single command level
-          Uses the XAML standard to create and enforce policies so that user interactions can be identified in real time
-          Allows or denies individual sessions
-          Controls any command in any cloud app (popular, customized or homegrown) without depending on native APIs, extending security, compliance and IT governance capabilities
-          Provides pre-defined controls, rule sets and policies for a growing catalog of popular cloud applications; i.e., Box, Google Apps, Office365, NetSuite, Workday, Yammer and others
-          Integrates with best-of-breed cloud security (authentication, anti-malware, anti-x, DLP, encryption and others) and monitoring (SIEM) tools
-          Delivers near-zero latency and transparent operation for sustainable user productivity
-          Features device and session-based controls including: SSL/OS/browser versions, IP address control and session ID protection

“FireLayers has chosen to focus on application control and how it impacts security, compliance and governance. The company feels that this is the core of what the market is all about, and we agree,” wrote 451 Research Analyst Adrian Sanabria in a recent Market Impact Report. In a later Tweet, he added, “Their example to me: SaaS app you want doesn’t support two-factor authentication, a corporate requirement? Just add it! Blew my mind.”

About the FireLayers Cloud Application Security Gateway
The FireLayers Cloud Application Security Gateway gives enterprises confidence to securely extend their use of cloud resources. It provides the granular control IT teams need to responsibly adopt cloud applications and create safe zones for employees to work productively while protecting enterprise data, networks and financial transactions from hackers, external threats and accidental risky behavior by employees. The three components of the cloud application security gateway are:
-          FireLayers Control: the gateway’s foundation, which enforces context-aware IT security, compliance and governance policies across any application on any device by any user; delivers granular control; provides an intuitive policy manager that leverages pre-defined, customizable rule sets developed by FireLayers’ security analysts
-          FireLayers Respond: a 24/7 growing repository of proven, pre-defined policies for leading cloud apps, like Salesforce, NetSuite, Office365 and Google Apps, and research on emerging threats and common gaps; rapid incident response to actual and potential threats; a knowledge center featuring effective threat models and a growing expert community
-          FireLayers Analyze: this proprietary discovery tool delivers deep visibility and insights into cloud application usage; it maps the enterprise’s cloud application landscape and provides a real-time auditing tool and comprehensive logs that reach field-level attributes and provide immediately actionable controls; and dynamic operation reports include detailed user and usage information with drill down capabilities

The FireLayers Cloud Application Security Gateway inaugural solution will be followed by other innovative cloud security, compliance and IT governance tools that ensure secure and responsible cloud adoption. 


FireLayers Cloud Application Security Gateway Video

451 Research Impact Report: FireLayers answers a burning question: how to address the multi-layered CAC market?”

Secure 1 Cloud Application for 1 Year - FREE

About FireLayers
FireLayers enables companies to adopt the cloud responsibly, while ensuring security, compliance and governance of any cloud application on any device by any user. The FireLayers Cloud Application Security Gateway, our inaugural solution, is the industry’s first to leverage XACML-based granular policies to deliver full control over popular apps like Salesforce, Office365, SuccessFactors, NetSuite and endless others as well as customized and homegrown cloud applications. With our cloud application security gateway, enterprises gain new levels of security, visibility and control across their cloud application landscape.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-12-02
CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
PUBLISHED: 2020-12-02
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.
PUBLISHED: 2020-12-02
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access,...
PUBLISHED: 2020-12-02
HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system.
PUBLISHED: 2020-12-02
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat ...