Cloud Misconfiguration: The “Accidental” Security Risks in the Cloud

As organizations migrate applications and data to the cloud, they are realizing that many of their staff lack cloud security expertise. The cloud represents a fundamentally different approach to computing and the security differences between the cloud and traditional on-premise infrastructures are night and day. Because of these differences in computing, your staff is likely to make mistakes that result in configuration errors in your cloud. While not intentional, these mistakes will be costly to businesses as they look to secure their data in the cloud. Below are some stats that highlight this risk:

Sign up to request a free security and compliance assessment

Introducing Armor Automated Security and Compliance – RedLock

Securing the Accidental and Intentional

In order to solve the risks associated with how your employees are using and configuring the cloud, Armor has partnered with RedLock®, a continuous cloud security and compliance posture management solution for hybrid and multi-cloud environments and is from Palo Alto Networks, to launch: Armor Automated Security and Compliance – RedLock. This offering combines the RedLock and Armor Anywhere offerings to reduce security incident response times resolving both the accidental and intentional security threats to your cloud environment. With the RedLock offering, Armor is able to help clients resolve any configuration missteps (i.e. leaving cloud storage open to the world, exposing an application to the public internet, not enforcing IAM rules, etc.) with how they are using the cloud that might leave their environment vulnerable to breach. Armor Anywhere takes this service a step further by providing threat detection and response against intentional attacks against your environment by threat actors (i.e. intrusion detection, file integrity monitoring, malware protection). Combined, the offering protects against accidental and intentional threats to your cloud environments.

Delivering on the Promise of Continuous Security and Compliance

Armor Offers a FREE Initial Security and Compliance Assessment for your Cloud Posture

Get started with Armor’s Automated Security and Compliance – RedLock offering by taking a free security and compliance assessment to get a baseline reading of your cloud security and compliance posture. Armor offers a free assessment for one of the following standards:

  • CIS v1.2.0 (AWS)
  • GDPR
  • HIPAA
  • ISO 27001:2013
  • NIST 800-53 Rev4
  • NIST CSF
  • PCI DSS v3.2
  • SOC 2

Armor Automated Security and Compliance – RedLock: How it Works

After your initial free assessment, organizations will purchase Armor Automated Security and Compliance – RedLock so they can continuously monitor security and compliance violations of one or many of the above standards. The diagram below shows how the offering works to deliver on the promise of continuous compliance and security monitoring within your environment; this product allows you to manage risk within your environment based on your business requirements, the latest threat intelligence and regulatory and best practice standards.

With Armor Automated Security and Compliance – RedLock you Can:

  • Identify your cloud environment footprint and monitor for the creation of new instances or buckets (i.e., shadow IT).
  • Provide policy visibility and ensure consistent enforcement across multiple cloud providers.
  • Scan your compute instances for misconfigurations and improper settings that could leave them vulnerable to exploitation.
  • Scan your storage buckets for misconfigurations that could make data accessible to the public.
  • Audit for adherence to appropriate compliance mandates.
  • Perform risk assessments vs. frameworks and external standards such as the International Organization for Standardization (ISO) and National Institute of Standards and Technology (NIST).
  • Verify that operational activities are being performed as expected (e.g., key rotations).
  • Automated remediation—or remediation at the click of a button.
  • Host-based security controls (FIM, IDS, Malware Protection, Vulnerability Scanning) to protect against intentional attacks against your environment from threat actors.