Sophos unveiled advancements to Sophos Cloud Optix that automate and simplify the detection and response of cloud security vulnerabilities and misconfigurations to reduce risk exposure.
Cloud Optix is easily managed on the unified cloud-based Sophos Central platform alongside Sophos’ entire portfolio of next-generation cybersecurity solutions – including Sophos’ endpoint, network, mobile, Wi-Fi, email and encryption products. Real-time information sharing and threat response on Sophos Central empowers organizations to improve threat detection and response times, simplify investigations and minimize threat impact.
Cloud Optix answers a critical market need for cloud security through unmatched visibility into risky blind spots. Using artificial intelligence to automate detection of cloud architecture vulnerabilities and misconfigurations, security teams gain complete visibility into everything they have in the cloud as well as the ability to respond and remediate security risks in minutes. Available in AWS Marketplace, Cloud Optix provides automatic discovery of an organization’s assets across Amazon Web Services (AWS) and multi-cloud environments.
The innovative new features and capabilities include the following:
- Accelerate threat investigation: Cloud Optix transforms the visualization of AWS infrastructure, so organizations can identify and eliminate hidden security threats. Cloud Optix now extends support for the newly launched Amazon Detective with interactive and intuitive data about potential threats, such as failed login attempts and suspicious API calls across AWS workloads
- Identify Kubernetes security vulnerabilities: Amazon Elastic Kubernetes Service (Amazon EKS) clusters and native Kubernetes deployments are now tracked by Cloud Optix, providing comprehensive inventory and visualization of clusters, nodes, node pools, pods, containers and more; New security benchmark checks enable organizations to continuously assess the security posture of their container orchestration platform
- Detect cloud spend abnormalities: New security-focused cloud spend monitoring capabilities flag unexpected abnormalities potentially indicative of abuse, so organizations can take action. Cloud Optix monitors daily cloud spend and identifies unusual activity, highlighting top environments and services by spend with customizable spend threshold alerts
- Detect unintended public or cross-account access: Integration with the new AWS Identity and Access Management (IAM) Access Analyzer provides detail and context needed to quickly determine whether resource policies have been misconfigured to allow unintended public or cross-account access
- Secure cloud traffic: Extending security to the network, Sophos UTM support for the new Amazon Virtual Private Cloud (VPC) Ingress Routing, ensures traffic flowing in and out of VPCs and other virtual appliances is secure. With the new ability to restrict north-south traffic, Sophos provides an added layer of protection to secure cloud infrastructure