Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

4/26/2018
04:00 PM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

How Microsoft, Amazon, Alphabet Are Reshaping Security

Tech's biggest giants are shifting the cybersecurity landscape as they incorporate security into their products and services.

Microsoft, Amazon, and Alphabet are stomping into the security market, ready to shake things up and address the weaknesses they see in today's tools. Analysts predict the three tech giants will disrupt security the same way they disrupted industries like computing, advertising, and retail by bringing protections to where people are moving their work: into the cloud.

Forrester analysts Jeff Pollard and Joseph Blankenship illustrate the threat in a new report intended to help security pros prepare to work with the companies as they focus on security in the cloud, a space the three effectively control. Legacy security vendors should be intimidated, says Pollard, Forrester's principal analyst serving security and risk professionals.

"As more and more technologies are cloud-ready and more services are cloud-enabled, what winds up happening is, in the same way Amazon can control a retailer on Amazon Prime, that's the kind of power Microsoft, Amazon, and Google will have on their own cloud marketplaces," he continues, referring to Google Cloud, which operates under parent company Alphabet.

Cybersecurity is a hot market for venture funding; Forrester reports VCs poured $3.1 billion into nearly 300 startups in 2016. The investment has driven innovation but failed to address basics like full-featured APIs and integrated management consoles bridging on-prem with cloud.

With their strong influence over the tech market, Microsoft, Amazon, and Alphabet would have had some degree of impact on security no matter what. Now, their effect will be bigger. "They control the marketplace, and that means you have to pay attention to them," Pollard notes.

Each firm bundles technologies and simplifies deployments for security teams, which can use preconfigured security policies for new servers and containers. Scalability isn't an issue; as infrastructure and applications grow, so do cloud platforms. Teams don't need to worry about whether hardware can handle bandwidth upgrades, or whether management servers can handle new endpoints.

As an example of bundling tech, Pollard points to Microsoft's Advanced Threat Protection on Office 365. This puts pressure on email vendors offering spam filtering and automated analysis. If companies already use the Microsoft 365 platform, they don't need additional tools.

Pollard explains how each company approaches security from a different angle. If you want to monitor endpoints you go to Microsoft, which sees how attackers target the Windows OS. If you want to interact with developers, you turn to Amazon Web Services (AWS). If you want to use VirusTotal, you work with Alphabet, which bought the malware and virus scanner in 2012.

He breaks down each company's strategy and explains its perspective:

Microsoft

"Microsoft should probably scare most people as the biggest existential threat," says Pollard.

The company has shown its ability to move into adjacent markets and succeed. Windows is the world's most common OS, giving Microsoft a market advantage and the easiest path to market if they want to push out other vendors. Even if an antivirus tool is on 30% of Windows machines, the AV company has a small fraction of the data Microsoft does.

The shift has changed CISOs' strategies, Pollard explains. Gone are the days when security leaders opted for separate antivirus tools in lieu of Windows Defender. Now, many question the business' choice to buy an endpoint suite when Microsoft's services have security built in.

Microsoft's strategy relies on integrated capabilities; its plan is to build security into each part of Azure, Office 365, and Windows. Acquisitions of smaller firms like Adallom and Aorato have added cloud security capabilities and malware detection, respectively.

Looking ahead, he anticipates Microsoft will continue to target its core enterprise market by making security easy to buy and use. He cautions security teams against investing all their resources in one vendor, however. Microsoft may have succeeded with Windows, Office, and Azure, but has failed in the past with Bing, Windows Phone, and Zune.

Amazon

Amazon's primary audience is developers, who benefit from the scalability and orchestration of AWS but put security teams in a tough spot with poor visibility and fragmented data. The Amazon strategy is to boost visibility in AWS so dev and security have the same set of threat intel, infrastructure logs, user activity, and CloudTrail API in one dashboard.

"Teams continue to use AWS and security teams aren't prepared for that," says Pollard. Amazon is now trying to empower both dev and security teams so they're on the same page.

Look to Amazon if you're focused on secure development, as developers will continue to be its primary audience, Forrester points out in the report. The company, analysts predict, will continue to add security features but will likely take time to broaden its target market.

Alphabet

Alphabet dabbled in the security space for a while, investing in VirusTotal and launching Project Zero for internal employees but it began its big push after Amazon and Microsoft did. Now it's trying to bundle security and grow the Google compute platform, says Pollard.

It seems Google Cloud's strategy is to go after the AWS market, he speculates. "They don't have the enterprise relationship that Microsoft has, so it makes sense to go after AWS." Its two focus areas include visibility and data analytics, and privacy on personal and professional levels.

Forrester recommends using Alphabet for data but approaching long-term investment with caution. "Alphabet has a history of announcing products and services, then letting them languish when they don’t take the world by storm," Pollard and Blankenship report.

Cybersecurity is a focus for Alphabet now, but the issue is whether the company will continue to prioritize its security services or abandon them. If your business uses Google Cloud Platform then it's worth investing in Alphabet's strategy, but if feature developments start to slow, it's recommended you reconsider.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for two cybersecurity summits at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the security track here. Register with Promo Code DR200 and save $200.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/30/2018 | 11:16:34 PM
bridging on-prem with cloud
This is a huge problem to solve. Many dove headfirst into cloud only to realize 100% immersion was not the right path. Most organizations leverage a hybrid solution and as such are subject to this detriment in bridging data between the two facets. 
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15246
PUBLISHED: 2020-11-23
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 (v1.0.469) and v...
CVE-2020-15247
PUBLISHED: 2020-11-23
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions who would normally not be permi...
CVE-2020-15248
PUBLISHED: 2020-11-23
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the ...
CVE-2020-15249
PUBLISHED: 2020-11-23
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, backend users with access to upload files were permitted to upload SVG files without any sanitization applied to the uploaded files. Since SVG ...
CVE-2020-28927
PUBLISHED: 2020-11-23
There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload.