Cloud

10/10/2018
11:15 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symantec Expands Cloud Security Portfolio

Integrated approach to cloud security, compliance and management delivers 'no compromises' visibility and control to IaaS, PaaS and SaaS applications

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Symantec Corp (NASDAQ: SYMC), the world’s leading cyber security company, today announced innovations and expansions to its cloud security portfolio, designed to help organizations protect the cloud generation applications and infrastructure they rely on. Symantec’s Cyber Defense Platform offers the broadest cloud protection available, providing visibility and control for virtually any cloud app and integrations with CloudSOC CASB, Cloud Workload Protection (CWP) and Data Loss Protection (DLP). It also provides the deepest cloud protection, giving customers the ability to track more risk attributes and scan cloud applications and repositories with new API Integrations.

As enterprises move critical infrastructure, applications and workloads to the cloud, they gain major advantages in scale, convenience, cost and performance. However, this adoption often comes without proper IT oversight or security controls, introducing risk for data loss, breaches and compliance violations.

To address these challenges, Symantec has developed the most complete suite of technologies and solutions for every cloud security and compliance need through its Integrated Cyber Defense Platform, which offers market-leading integrated security solutions covering a robust set of IaaS, PaaS and SaaS technologies that businesses use every day.

Key portfolio updates include:

Protection for cloud infrastructure: New Cloud Workload Assurancefor security posture management, Cloud Workload Protection (CWP) for Storage with Data Loss Prevention (DLP) and CloudSOC CASB support for custom cloud applications. These new capabilities bolster infrastructure security and provide policy control over both the cloud data and control planes. IT departments can now:

  • Protect all aspects of their cloud workloads and custom applications
  • Manage compliance and security policies in AWS and Microsoft Azure
  • Utilize advanced data and threat protection for AWS and Microsoft Azure
  • Gain operational efficiencies and deep insights through constant monitoring and scanning

Security for cloud applications: Symantec CloudSOC CASB is the first to provide visibility, security and threat protection for virtually any cloud application, including mobile and browser-based versions. Additionally, CloudSOC has unveiled an industry-leading API solution that may help to significantly reduce the time it takes to identify and remediate security incidents.

New features include:

  • API integrations for popular apps including Workday and Workplace by Facebook
  • Custom Gatelet to secure any homegrown or public cloud apps
  • Mobile app risk ratings and usage monitoring
  • Fast API interface for Microsoft Office 365 and Box for improved security and performance
  • Symantec Endpoint Protection Mobile integration for simplified CASB provisioning on mobile devices

Expanded Cyber Security Services:

To help businesses secure their cloud journey and address staffing and resource challenges, Symantec introduced Managed Cloud Defense – providing the same broad suite of Integrated Cyber Defense products powered by 24x7 monitoring, advanced analytics, response capabilities and world-class cloud SOC analysts. Managed Cloud Defense detects, protects and responds to cloud-based threats by correlating attack activity in the cloud with its Global Intelligence Network and by performing remote investigations, managed threat hunting and containment of cloud instances.

New features include:

  • Monitoring of cloud platforms via native integrations with AWS and Azure for increased cloud visibility
  • Cloud user and application monitoring of threats and shadow IT
  • S3 permission monitoring for protecting storage of critical cloud-based data
  • Remote incident investigation, containment and threat hunting for rapid response

Doug Cahill, senior analyst and group director at ESG, said, “Many organizations sacrifice security in exchange for convenience and speed, often inadvertently, when it comes to moving their infrastructure, applications and workloads to the cloud. With these new features and integrations, Symantec has shown its dedication to delivering a holistic platform for cloud-based security and compliance across the entire organization.”

Snapper Services Ltd. designs and develops innovative ticketing technology, processing millions of secure contactless smart card transactions for commuters each year. Snapper Cyber Security Lead, Paul Hortop said, “CWP for Storage provides the simplicity and ease of deployment we require, along with the asynchronous protection and file tagging system required for proof of scanning as part of our service.”

Bradon Rogers, senior vice president, enterprise product strategy at Symantec added, “Our cloud security suite was designed with innovative new features and comprehensive integrations to help meet the security and compliance needs of any organization. By delivering these technologies with a cloud-first mindset and integrating security across infrastructure, workloads and applications, we are able to provide the most expansive protection in the industry. And, through innovations across the Integrated Cyber Defense platform, we are able to secure key control points – cloud, endpoint, network and email.”

For more information, please visit: https://www.symantec.com/products/cloud-application-security-cloudsoc

About Symantec

Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on FacebookTwitter, and LinkedIn.

 

Contacts

Symantec
Nicole Murphy, 650-527-8000
[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
2019 Attacker Playbook
Ericka Chickowski, Contributing Writer, Dark Reading,  12/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
[Sponsored Content] The State of Encryption and How to Improve It
[Sponsored Content] The State of Encryption and How to Improve It
Encryption and access controls are considered to be the ultimate safeguards to ensure the security and confidentiality of data, which is why they're mandated in so many compliance and regulatory standards. While the cybersecurity market boasts a wide variety of encryption technologies, many data breaches reveal that sensitive and personal data has often been left unencrypted and, therefore, vulnerable.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19790
PUBLISHED: 2018-12-18
An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restricti...
CVE-2018-19829
PUBLISHED: 2018-12-18
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.
CVE-2018-16884
PUBLISHED: 2018-12-18
A flaw was found in the Linux kernel in the NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel id and cause a use-after-free. Thus a malicious container user can cause a host kernel memory corruption and a system ...
CVE-2018-17777
PUBLISHED: 2018-12-18
An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. If the PIN of the page "/ui/cbpc/login" is the default Parental Control PIN (0000), it is possible to bypass the login form by editing the path of the cookie "sid" generated by the page. The attacker will have acc...
CVE-2018-18921
PUBLISHED: 2018-12-18
PHP Server Monitor before 3.3.2 has CSRF, as demonstrated by a Delete action.