There have been suggestions floating around for at least a year that big data techniques could, indeed should, make an important contribution to IT security in general and cloud security in particular. This would form the basis of real-time, policy-driven security management. Now, it is starting to happen.
San Jose-based Elastica (not to be confused with the English post-punk rock band) is a well-funded startup that has just emerged from stealth mode to release a set of cloud security applications collectively called CloudSOC. It has released four Elastica Apps on CloudSOC that provide audit for cloud application usage and shadow IT, granular transaction visibility, real time threat detection, security controls and post-incident forensics analysis capabilities.
said: "Elastica's CloudSOC solution addresses a real and growing need for enterprises as they embrace cloud applications and services,” said Frank Dickson, Industry Principal of Network Security at Frost & Sullivan. “Enterprises are finding themselves unintentionally out of compliance with reporting standards due to a lack of data visibility in SaaS-based applications. Elastica applies machine learning technology to provide in depth visibility and controls for a broad range of cloud applications. Designed from the beginning with usability in mind, CloudSOC's visualisation makes management easy and intuitive for security operations staff."
According to the company, as enterprise users rapidly adopt cloud services, transparency and security are being left behind. Today's traditional Security Operations Centres (SOCs) do not have comparable monitoring, real-time threat detection and controls of their cloud services that they have with their on-premise applications and data.
Elastica's CloudSOC has been designed to provide this missing piece by providing security operations for cloud applications and services in one place. It has been designed to apply the power of data science on data coming from multiple sources, including real time traffic, APIs, firewalls and end-devices to enable security.
The company’s StreamIQ technology leverages machine learning to analyse and secure a broad range of cloud applications and services. Its design secures usage of both native and browser-based applications for mobile or desktop.
"Cloud and mobile has brought the promise of a truly Elastic Enterprise. Such an enterprise empowers employees to collaborate from anywhere using any device, enables efficient consumption of business resources as needed, and improves overall business agility. Elastica eliminates the security hurdle to enable a safe and secure Elastic Enterprise," said Rehan Jalil, President and CEO of Elastica.
CloudSOC supports the four new Elastica Applications. These are Audit, which is designed to take the covers off Shadow IT by providing instant insights and analytics about cloud services being used throughout the company; Detect, which detects threats in enterprise cloud application and service usage, using data science algorithms to assign ThreatScore scores that can trigger automated policies to alert on or block threats; Protect, which enforces policies on real-time traffic sessions with cloud services; and Investigate, which pursues post-incident investigations and forensic analysis across all cloud applications on all historical data.