Published on : Jan 25, 2023
Synthesis Security Platform's comprehensive runtime protection of cloud infrastructure moves beyond basic misconfigurations, detecting when inadequate security posture is actually being exploited
Announces freemium model for CSPM functionality, now available free of charge
Skyhawk Security, a leader in cloud threat detection recently spun off of Radware® (NASDAQ:RDWR), today announced the release of its Synthesis Security Platform. The platform provides unique Cloud Threat Detection and Response (CDR) capabilities, across multi-cloud environments.
The platform is far ahead of other security products whose focus is identifying numerous static cloud security misconfigurations. Skyhawk Synthesis goes beyond this, using ML to identify correlated sequences of high-priority runtime events and pinpointing exactly when least resistance paths have been exploited to compromise cloud infrastructure. Even when cloud architecture is 100% compliant and configured 100% correctly, these environments can still be breached. Skyhawk Security not only improves security posture but allows SOC teams to zero in on events that pose a real threat to their organization.
Skyhawk Synthesis provides a comprehensive platform that, in addition to CDR, also includes Cloud Infrastructure Entitlement Management (CIEM), Identity Threat Detection and Response (ITDR), and advanced Cloud Security Posture Management (CSPM). Skyhawk considers CSPM to be a baseline capability, and for that reason, it is now available for free. The freemium CSPM solution includes complete posture management and hardening, compliance reports, and governance enforcement for up to 1,000 assets.
Skyhawk Security (formerly Cloud Native Protector) was launched by Radware, a leading provider of cybersecurity and application delivery solutions, in May of 2022 with a $35 million strategic investment by a Tiger Global Management affiliate. In a separate announcement, Skyhawk Security revealed the appointment of experienced cloud security entrepreneur Chen Burshan as CEO. Chen brings nearly a decade of cloud security experience to the role and played an instrumental part in the creation of CSPM during his time at Dome9, later acquired by Check Point Software.
The single biggest issue security teams face is false alerts. A recent University of Oxford study showed that a whopping 99% of alerts are false positives. Alert fatigue and a lack of efficiency are inevitable when security teams spend countless hours chasing events and alerts that pose no real threat. Beyond this, the rapidly expanding cloud infrastructure attack surface has opened the door for major misconfiguration and visibility concerns. For example, the recent Uber breaches showcase the heavy cost of mismanaged cloud security, resulting in the personal information of 77,000 employees being leaked.
Unlike competitors who focus solely on static cloud misconfiguration and at-rest scanning tools, Skyhawk Security’s Synthesis Platform surfaces runtime threats as they occur. It combines full awareness of inventory and least resistance paths with behavioral analytics and uses advanced context-based event correlation to connect suspicious activities into an attack sequence. This breakthrough approach cuts through the noise and elevates the awareness of actual alerts, or “Realerts” which pose a threat to the business. The results are presented within minutes in a CDR “Runtime Hub” that enables security analysts to react immediately to legitimate threats, while also reducing alert fatigue that other tools create.
“Cloud posture management is a major challenge; however, cloud security and SOC teams are overwhelmed trying to analyze and respond to the thousands of alerts brought on by current cloud security solutions,” said Chen Burshan, CEO of Skyhawk Security. “Our approach is unique because we’re pinpointing and stopping real attacks by discovering the latent risks and then monitoring the full runtime of dynamic threats in the cloud infrastructure. This bridges the gap between having an exhaustive list of misconfigurations and vulnerabilities to having awareness that those issues are being used to compromise your infrastructure.”