
8/13/2020
09:05 AM

Adaptive Shield Emerges From Stealth

Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.

Numerous organizations have experienced major data breaches in recent years because of security configuration errors in their cloud applications.

A research report by Divvy Cloud earlier this year estimated as many as 33.4 billion records were exposed in breaches resulting from misconfigured cloud apps and services in 2018 and 2019 alone. Each year, the number of records exposed via such breaches has increased despite heightened awareness of the issue. Gartner estimates that through 2025, 99% of all breaches in the cloud will result from customer mistakes.

The trend has spawned the emergence of a relatively new category of security tools known as Cloud Security Posture Management (CSPM) or SaaS Security Posture Management (SSPM).

The newest entrant to that market category is Adaptive Shield, an Israel-based startup that this week emerged from stealth mode with $4 million in venture funding. Like the rapidly growing number of other vendors in the general space, Adaptive Shield's platform is designed to help organizations proactively find and address misconfigurations in their SaaS environment that could lead to exposing data.

The company claims that its technology can be deployed in minutes and can be used to automate discovery of configuration errors; to continuously monitor for them; and to provide alerts when potential new issues are discovered.

Maor Bin, co-founder and CEO of Adaptive Shield, says businesses today run nearly every facet of their operations on a wide array of interconnected cloud services. "The problem is that even though SaaS providers have been improving their native security capabilities and controls, each has its own security model and settings," Bin notes. "This makes maintaining a consistent policy across platforms, business units, and user groups an uphill battle."

Common Configuration Errors

According to Bin, the most common security problems resulting from poorly configured SaaS environments include: a failure by SaaS administrators to require multi-factor authentication for system owners and super users; the use of shared mailboxes for financial, customer, and other sensitive information; and overly permissive access for external users.

Other common security lapses include a failure to turn on auditing or logging functions for monitoring user and system activity, and leaving sensitive dashboards, forms, discussions, and other data publicly exposed and accessible over the Internet.

In many cases, SaaS platforms offer a wide range of built-in security configurations to minimize risk to enterprise data. But security teams can get overwhelmed trying to manage the settings across all of their apps, he notes.

Bin says aside from identifying and discovering configuration errors, the platform also can help speed up the remediation process. "Every issue that is presented in the platform comes with a remediation plan — step-by-step instructions on how to fix the issue," he says. Adaptive also offers automation in terms of transmitting configuration error details to the change board, and a remediation bot that performs automated fixes for simple configuration errors. The platform can be integrated with a SIEM to report configuration drifts, users who are violating policy, and other potential security issues.

Other vendors that offer similar SaaS security posture management and continuous compliance capabilities include, for example, AppOmni and Obsidian Security, Bin says.

AppOmni has so far raised $13 million in funding from multiple venture capital firms. The company has described its platform as a "Rosetta Stone" for translating and enforcing an organization's current security policies and configurations in the cloud. Obsidian, founded by former executives at Carbon Black, Cylance, AWS, and other companies, so far has raised close to $30 million in funding from an array of venture partners including Greylock and GV, a venture firm belonging to Google parent Alphabet.

Several other vendors, including Orca Security, Zscaler, Bitglass, Fugue - which has raised some $70 million in VC funding - and others, offer capabilities for cloud security posture-management.


Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ...
 
