Cloud security specialist Zscaler will acquire the American startup Cloudneti. The startup’s technology should make it easier for customers to discover configuration vulnerabilities in their public cloud and SaaS applications.

With the acquisition, the cloud security specialist gets a product that scans cloud-based applications for poorly defined security settings and other configuration issues that could potentially open a backdoor to hackers. This will prevent incorrect configurations, due to human error or not, from causing data leaks.

The technology is suitable for all workloads running on the major public cloud environments, AWS, Microsoft Azure and Google Cloud, but also within popular SaaS environments such as Office 365.

Rule based security

With Cloudneti, administrators can concretely determine for themselves which application problems the service should look for. This is done on the basis of defining certain security rules. For example, they can indicate that MySQL databases running on AWS are not accessible through the public internet.

Cloudneti then shows whether certain MySQL instances in the AWS environment of the company in question are still accessible via the public Internet. In addition, the solution ranks these instances in the necessary order of adaptation to the established security rules.

Integration with Zscaler portfolio

According to Zscaler, Cloudneti’s technology is also highly compatible with its own solutions. For example, the cloud security specialist has its Private Access solution that secures employees’ connections to applications running in a private or public cloud. It also has its Internet Access solution that protects user traffic to known SaaS applications. The technology now purchased from Cloudneti can further expand these two solutions. However, Zscaler is not yet announcing how the acquired technology, and the startup in general, will be integrated.

Configuration scanning is popular

Cloud security posture management technology like Cloudneti’s is becoming increasingly popular. As a result, start-ups developing this technology are attracting more and more attention. At the end of last year, for example, Aqua Security took over CloudSploit. This startup also offers a scanning tool for finding vulnerabilities in cloud configurations.