Webinar: Intrusion Detection for Elastic Cloud Deployments

Cloud security was by far the biggest theme at the AWS Summit in New York this year. Specifically, intrusion detection in the cloud: How does it work? How can it provide what traditional solutions simply cannot? Since the topic deserves much more detailed attention, we have decided to host an entire webinar on it.


Threat Stack Introducing SecDevOps at AWS Summit New York

Next Thursday, we will be at the AWS Summit 2014 in New York meeting with AWS users from across the country, many of whom are our own customers, as well as leading the discussion around the intersection of Security, Development and Operations and what that means for continuous monitoring in EC2.


Behavioral Threat Monitoring Without Models

One of the great things about the cloud is the ability for companies to grow and shrink their infrastructure elastically to meet varying levels of demand. What many people don’t think about is how to secure this sprawl of cloud compute instances. As new systems are deployed, how do you enforce a policy on them? How do you look for anomalous behavior when an instance hasn’t been up long enough to determine a baseline?

Cloud Sight has solved this problem from day 1 with our policy framework. Our policies encompass all attributes of an instance’s security posture: alert rules, file integrity rules, firewall rules, so many rules! But also, each policy has a unique, learned behavioral model associated with it. For example, an Apache web server process doesn’t usually fork /bin/sh. When our agent is activated, the instance’s baseline is already established from its peers, which enables us to immediately start monitoring for anomalies.
