McAfee announced updates to McAfee MVISION Cloud for Microsoft Azure that will help customers “Shift Left” with security to preemptively help to address compliance and risk within their cloud infrastructure.
With McAfee MVISION Cloud, security is pushed earlier into the DevOps process so that security professionals can catch risky configurations before they become a threat in production. This gives organizations the ability to deploy applications in the cloud with greater speed and efficiency.
While Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) environments provide customers with choice and flexibility, if not configured correctly, they also potentially increase the organization’s surface area for security risks.
McAfee detects compromised account activity in Azure based on brute force login attempts, logins from new and untrusted locations for a specific user, and consecutive login attempts from two locations in a time period that implies impossible travel – even if the two logins occur across multiple cloud services – to support immediate remediation and limit exposure.
McAfee automatically constructs a behavior model with dynamic and continuously updated thresholds for each user and group to identify activity indicative of insider threat. Privileged user analytics identifies risk from inactive administrator accounts, excessive permissions, and unwarranted escalation of privileges and user provisioning.
McAfee MVISION Cloud for Azure enforces DLP policies across data at rest and in motion to ensure compliance with regulations and internal policies. McAfee supports DLP rules based on keywords, data identifiers, user groups, and regular expressions. Enforcement actions include coach users, notify administrator, block, quarantine, and delete. Leverage pre-built industry templates, create custom policies in McAfee, or leverage policies in an existing on-premises DLP solution.
With the new features in McAfee MVISION Cloud for Azure, security groups can integrate policy natively into DevOps processes and toolsets to discover security issues before systems are deployed to accelerate business in the cloud.
New capabilities include security scans for Azure Resource Manager templates that allow users to discover risky configuration issues or violations in Azure Resource Manager Templates prior to deploying resources. Its inline integration with the tools developers use: security checks inside the DevOps pipeline through API integration with tools including Microsoft Git, Github, and Azure DevOps. Security Feedback is natively integrated into the build process saving time, effort, and frustration.
The offering also offers unified cloud security for Azure ecosystem to allows developers to leverage Azure services knowing security will be built-in by design (IaaS/PaaS/Container services) aligning closely to the Cloud Security Posture Management (CSPM) best practices. Its preemptive risk avoidance improves compliance with regulatory frameworks and reduces the likelihood of data loss, abuse or fines associated with improper security controls by highlighting security findings before they become security incidents.
The new “Shift Left” capabilities in McAfee MVISION Cloud for Microsoft Azure are available now.
No comments:
Post a Comment