Cloudaware Threat Center

A security solution for cloud environments that addresses complex security challenges through advanced threat detection and mitigation.

Multi-Cloud Proprietary Cloud Service Only
Category: Threat Detection & Response
This page updated a month ago
Pricing Details: Contact for pricing details.
Target Audience: Cloud security professionals, IT administrators, organizations using multi-cloud environments.

The Cloudaware Threat Center addresses the complex security challenges in cloud environments by providing a comprehensive and integrated security solution. The core challenge it tackles is the detection and mitigation of advanced, targeted, and persistent threats that can evade standard security measures.

Technically, the Cloudaware Threat Center employs a multi-level threat detection and analysis approach. It correlates security events from multiple sources, including cloud changes, network activity, and host behavior, using attributes such as source IP address, vulnerability type, and username. This correlation enables the detection of coordinated attacks and suspicious activities, whether originating from inside or outside the network. The system integrates with various security tools, such as Snort, to provide real-time visibility and insights, and it supports signature-, protocol-, and anomaly-based inspection to identify threats like buffer overflows, CGI attacks, and malware communications.

Operationally, the Cloudaware Threat Center automates threat remediation using advanced forensic techniques and a built-in workflow engine. It can isolate suspicious endpoints, roll back system changes made by malware, and route violations and incident management tasks. The system also provides end-to-end visibility of threat activity and customizable event alarms, which are crucial for proactive monitoring and risk management.

Key operational considerations include the integration with Salesforce's app engine, which subjects Cloudaware to Salesforce's robust security controls, including SOC2 compliance and strict access controls. This ensures that customer data is protected and only accessible to authorized users. The Breeze Agent, a component of Cloudaware, communicates with the Breeze Server over HTTPS with FIPS 197-compliant encryption, ensuring secure and authenticated communication between agents and servers.

Limitations include the potential for increased complexity in managing multi-cloud environments, as Cloudaware integrates multiple security solutions into a single bundle. Additionally, the system's effectiveness can depend on the proper configuration of security settings and the assignment of appropriate roles and permissions by the Cloudaware System Administrator.
