Cloud

10/10/2018
11:15 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symantec Expands Cloud Security Portfolio

Integrated approach to cloud security, compliance and management delivers 'no compromises' visibility and control to IaaS, PaaS and SaaS applications

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Symantec Corp (NASDAQ: SYMC), the world’s leading cyber security company, today announced innovations and expansions to its cloud security portfolio, designed to help organizations protect the cloud generation applications and infrastructure they rely on. Symantec’s Cyber Defense Platform offers the broadest cloud protection available, providing visibility and control for virtually any cloud app and integrations with CloudSOC CASB, Cloud Workload Protection (CWP) and Data Loss Protection (DLP). It also provides the deepest cloud protection, giving customers the ability to track more risk attributes and scan cloud applications and repositories with new API Integrations.

As enterprises move critical infrastructure, applications and workloads to the cloud, they gain major advantages in scale, convenience, cost and performance. However, this adoption often comes without proper IT oversight or security controls, introducing risk for data loss, breaches and compliance violations.

To address these challenges, Symantec has developed the most complete suite of technologies and solutions for every cloud security and compliance need through its Integrated Cyber Defense Platform, which offers market-leading integrated security solutions covering a robust set of IaaS, PaaS and SaaS technologies that businesses use every day.

Key portfolio updates include:

Protection for cloud infrastructure: New Cloud Workload Assurancefor security posture management, Cloud Workload Protection (CWP) for Storage with Data Loss Prevention (DLP) and CloudSOC CASB support for custom cloud applications. These new capabilities bolster infrastructure security and provide policy control over both the cloud data and control planes. IT departments can now:

  • Protect all aspects of their cloud workloads and custom applications
  • Manage compliance and security policies in AWS and Microsoft Azure
  • Utilize advanced data and threat protection for AWS and Microsoft Azure
  • Gain operational efficiencies and deep insights through constant monitoring and scanning

Security for cloud applications: Symantec CloudSOC CASB is the first to provide visibility, security and threat protection for virtually any cloud application, including mobile and browser-based versions. Additionally, CloudSOC has unveiled an industry-leading API solution that may help to significantly reduce the time it takes to identify and remediate security incidents.

New features include:

  • API integrations for popular apps including Workday and Workplace by Facebook
  • Custom Gatelet to secure any homegrown or public cloud apps
  • Mobile app risk ratings and usage monitoring
  • Fast API interface for Microsoft Office 365 and Box for improved security and performance
  • Symantec Endpoint Protection Mobile integration for simplified CASB provisioning on mobile devices

Expanded Cyber Security Services:

To help businesses secure their cloud journey and address staffing and resource challenges, Symantec introduced Managed Cloud Defense – providing the same broad suite of Integrated Cyber Defense products powered by 24x7 monitoring, advanced analytics, response capabilities and world-class cloud SOC analysts. Managed Cloud Defense detects, protects and responds to cloud-based threats by correlating attack activity in the cloud with its Global Intelligence Network and by performing remote investigations, managed threat hunting and containment of cloud instances.

New features include:

  • Monitoring of cloud platforms via native integrations with AWS and Azure for increased cloud visibility
  • Cloud user and application monitoring of threats and shadow IT
  • S3 permission monitoring for protecting storage of critical cloud-based data
  • Remote incident investigation, containment and threat hunting for rapid response

Doug Cahill, senior analyst and group director at ESG, said, “Many organizations sacrifice security in exchange for convenience and speed, often inadvertently, when it comes to moving their infrastructure, applications and workloads to the cloud. With these new features and integrations, Symantec has shown its dedication to delivering a holistic platform for cloud-based security and compliance across the entire organization.”

Snapper Services Ltd. designs and develops innovative ticketing technology, processing millions of secure contactless smart card transactions for commuters each year. Snapper Cyber Security Lead, Paul Hortop said, “CWP for Storage provides the simplicity and ease of deployment we require, along with the asynchronous protection and file tagging system required for proof of scanning as part of our service.”

Bradon Rogers, senior vice president, enterprise product strategy at Symantec added, “Our cloud security suite was designed with innovative new features and comprehensive integrations to help meet the security and compliance needs of any organization. By delivering these technologies with a cloud-first mindset and integrating security across infrastructure, workloads and applications, we are able to provide the most expansive protection in the industry. And, through innovations across the Integrated Cyber Defense platform, we are able to secure key control points – cloud, endpoint, network and email.”

For more information, please visit: https://www.symantec.com/products/cloud-application-security-cloudsoc

About Symantec

Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on FacebookTwitter, and LinkedIn.

 

Contacts

Symantec
Nicole Murphy, 650-527-8000
[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
2018 Was Second-Most Active Year for Data Breaches
Jai Vijayan, Freelance writer,  2/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8948
PUBLISHED: 2019-02-20
PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163.
CVE-2019-8950
PUBLISHED: 2019-02-20
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via TELNET.
CVE-2019-8942
PUBLISHED: 2019-02-20
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image c...
CVE-2019-8943
PUBLISHED: 2019-02-20
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring...
CVE-2019-8944
PUBLISHED: 2019-02-20
An Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (and before 2018.10.4 LTS) allows remote authenticated users to view sensitive Terraform output variables via log files.