The new Darktrace/Cloud solution provides security teams better visibility into cloud architectures. This is to deliver strong threat detection and response and stop misconfigurations.
Cloud environments change rapidly, often suffer from misconfigurations and increasingly incorporate new technology such as containers, Kubernetes and microservices. Good visibility and being able to prevent and resolve misconfigurations is essential for this, according to Darktrace. Especially for detecting existing and upcoming threats.
Darktrace/Cloud provides an understandable view of cloud architectures, real-time cloud-based threat detection and response functionality. In addition, the tool provides security teams with the necessary recommendations that allow them to take immediate action, including resolving misconfigurations in cloud environments. In addition, this strong understanding of cloud architectures should improve compliance.
The AI-based solution gives users various functionality. Among other things, it provides clear insight and model construction of the cloud infrastructure in use. This is based on configuration, network and IAM data. Based on this, insightful patterns are created for cloud resources, identities and services. This should improve the recognition of anomalies and unknown threats.
Real-time threat detection and response
Another feature is the -earlier mentioned- real-time cloud-based threat detection and response. This functionality has a dynamic view of known and emerging threats in cloud environments.
Universal attack path modeling provides security experts with a dynamic overview of where attackers might strike later within cloud or network environments.
In addition, Darktrace/Cloud provides functionality that allows security administrators to compare cloud configurations against standard compliance frameworks via prioritized cloud posture management. When they encounter certain misconfigurations, the solution provides an overview of what should be fixed first. This is based on a risk profile composed of security and business context. The tool also provides a roadmap for this.
Other features in Darktrace/Cloud include a cost savings tool to better allocate cloud resources, enhanced communication and collaboration capabilities for streamlining workflows between security and DevOps teams and various flexible deployment options.
Darktrace/Cloud is available immediately for AWS’ public cloud in the AWS Marketplace.