December 15, 2022
The concept of “moving to the cloud” to simplify IT and cybersecurity is fascinating. Clearly, the ultimate objective is fantastic. It is hard to argue against elastic, software-defined (and API driven) building blocks for running your applications, in lieu of static hardware investments and custom orchestration software running in traditional data centers. Cybersecurity for cloud data centers is also supposed to be easier – software defined and consistent.
That said, the journey to cloud nirvana is not so simple if you are a typical billion dollar organization. Most Fortune 500 organizations have a complex hodgepodge of cloud deployments as well as numerous traditional data centers, offices and mobile endpoints.
Many cybersecurity teams are wrestling with how to deal with skyrocketing costs and complexity when managing their cybersecurity posture in a multi-cloud and hybrid world. There are several reasons for this pain and cost. Fragmented visibility and different tooling for managing cloud and non-cloud makes it hard to prioritize and fix vulnerabilities and security risk issues in a consistent way across the enterprise. Assuring compliance is also tricky: a ton of manual effort is expended to extend policies for traditional IT assets to Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP) environments.
To help security teams better protect their traditional and multi-cloud environments, I am excited to announce that Balbix has extended security posture automation to Microsoft Azure. Security teams can use Balbix to quantify, prioritize and mitigate risks in their Azure environments, as well as in previously supported AWS, GCP and traditional environments in a unified and consistent maximally automated way.
This product release also significantly broadens our support for the Microsoft ecosystem. This includes security posture automation for assets running Windows and other Microsoft software, and third-party software products running on those assets. Balbix is also announcing a new integration with Microsoft Azure Active Directory single sign-on.
With the newly announced support for Microsoft Azure, you can continuously monitor popular Azure cloud services including: Azure Virtual Machines, Azure Service Bus Messaging, Azure Key Vault, Azure Blob Storage, Azure Cosmos DB, Azure Kubernetes Service (AKS), Azure SQL Database, Azure AKS Deployments, and Azure Functions. This extensive support is provided through a new API-based Balbix Connector for Microsoft Azure and through optional sensors for virtual machines.
Security teams can easily connect Balbix and Azure using our API connector and start ingesting data into Balbix within minutes using a wizard-driven configuration process.
Once configured, the Connector for Microsoft Azure automatically ingests and categorizes Azure services into compute, storage, network, containers, database, security and identity. The Balbix platform also allows you to combine asset data from Azure Cloud with data from your existing IT and security tools to map over 400 IT, security and business attributes for each asset. Optional Balbix sensors also capture additional system details for virtual machines, including network, storage, ports, users, software inventory, the software bill of materials (SBOM) and security controls. This allows you to get a comprehensive and near-real time visibility of your Azure assets.
The Connector for Microsoft Azure also provides security teams the ability to discover, prioritize and remediate common vulnerabilities on Azure assets, notably misconfigurations – the most prevalent and exploited attack vector in the cloud. Balbix (optional) sensors provide additional visibility into other types of vulnerabilities – such as unpatched software vulnerabilities, weak credentials and trust issues.
Balbix’s cyber risk quantification (CRQ) solution also measures the risk of Azure cloud environments in terms of breach likelihood and business impact in order to prioritize remediation and quantify cyber risk in dollars (or other currencies).
Multi-cloud deployments come with unique security challenges. Cybersecurity Insiders reports that 62% of organizations are not confident in their security posture. What are the biggest contributors to this lack of confidence? Survey respondents say that these include: the lack of visibility in their asset inventory and inability to prioritize vulnerabilities based on business risk.
With the release of our support for Microsoft Azure, Balbix has extended support for the top three cloud infrastructure providers: Azure, AWS and GCP. We also extensively cover on-prem and hybrid-cloud environments.
This unified coverage allows security analysts to work more productively by eliminating the need to pivot across multiple tools and dashboards. They also no longer need to combine data manually from these tools into custom spreadsheets to get a comprehensive view of their security posture. For example, the image below shows a server group with servers spanning Azure, AWS, GCP and on-premises at the organization’s HQ.
Balbix provides more than just visibility. Unlike other vendors, Balbix combines Cloud Asset Attack Surface Management (CAASM) with Risk-Based Vulnerability Management (RBVM) and CRQ solutions.
With RBVM, security teams can prioritize and mitigate unseen risks across multi-cloud and hybrid environments, including risks such as unpatched software vulnerabilities, weak credentials, missing security controls, poor encryption, trust issues and cloud infrastructure misconfigurations. Security teams can also prioritize risk issues across their entire environment to reduce risk faster.
Security teams can also group their cloud assets (Azure, AWS and GCP) by business unit, geography, site or business owner to improve accountability and business reporting.
Balbix’s support for Azure is one part of our broader support for the Microsoft ecosystem in which Balbix provides security posture automation for all assets running Windows OS and for other Microsoft software and third party software products running on those assets.
As an example, Balbix provides security teams with a consolidated view of Windows OS patch status across all the assets in their environment and recommends fixes based on patch precedence.
For the assets with Balbix sensors deployed, Balbix also reports on Windows OS patch status for individual assets: whether a server can be reached to determine patch status, time of the last successful update check, and the status of known installed patch versions.
Balbix has also released new capabilities such that security and IT teams can now manage the security posture of any application downloaded from the Microsoft Store that is running in a Windows environment. Additionally, integration with Microsoft Azure Active Directory (AAD) Single Sign-on (SSO) provides Balbix customers with the ability to use Azure AD SSO to provision access to Balbix for their employees.
To learn more, schedule a 30-minute demo with Balbix.