Freely subscribe to our NEWSLETTER

It’s now become commonplace for organizations to incorporate cloud-based infrastructure-as-a-service (IaaS) offerings into their IT estates. This transformation has many benefits, but also new challenges, particularly in relation to security.

These challenges include the rapid development of IaaS platforms, a scarcity of professionals with cloud security skills and experience, different regulatory considerations, and overall complexity. The fact that many companies use multiple public cloud providers simultaneously only adds to the difficulties in securing such infrastructure.

The challenges can add up to significant security problems. A 2022 WithSecure™ survey found that nearly 34% of companies detected non-misconfiguration vulnerabilities and 24% detected misconfigurations impacting their cloud platforms in the previous 12 months.*

Cloud Security Posture Management is a new module available for WithSecure™ Elements—a cloud-based security platform that provides organizations with the flexibility to pick and choose the capabilities they need via different modules.

The module is intended to manage risks related to vulnerabilities and misconfigurations in popular cloud-based IaaS platforms. Support for both AWS and Microsoft Azure is provided from the very beginning. Specific benefits include:
• Cloud security posture scanning that identifies and prioritizes misconfigurations based on risk level with accompanying mitigation instructions.
• Configuration checks for overly permissive IAM privileges, unencrypted data at rest, cloud instances with access to public IP addresses, whether logging is enabled for incident investigation, and additional existing and emerging cloud security issues.
• Service powered by consulting expertise and research to ensure checks fit within threat models and add real security value to organizations.
• Dedicated dashboard where important information that requires attention is provided in easy-to-interpret graphs, such as the evolution of security posture over time, and different security posture insights.
• Multi-company and multi-cloud management in a single easy-to-use portal along with endpoint security, collaboration protection and vulnerability management products.
• Specific rules and flagging that help in maintaining compliance with independent standards, namely CIS and NIST CSF.
• Possibility for partners, like MSPs and MSSPs, to provide CSPM as a managed service to their customers.
The capabilities provided by Cloud Security Posture Management complement WithSecure™ Elements’ endpoint protection, endpoint detection and response, vulnerability management, and collaboration protection modules to ensure organizations’ migration to the cloud includes security.

*Source: WithSecure 2022 B2B Market Research. Online survey with 3072 respondents was carried out during May 2022 across 12 countries (UK, France, Germany, Belgium, Netherlands, Denmark, Finland, Norway, Sweden, US, Canada, and Japan). Respondents were decision makers or decision influencers in their organizations for purchase of IT, cloud or network security products and services.