ObserveIT announced recently that it had launched its CloudThreat security solution for Amazon Web Services (News - Alert). The new solution fills a void where many cloud environments had previously been left unprotected.
Boston-based ObserveIT develops user activity tracking software that uncovers unusual patterns in usage in an effort to prevent internal IT security breaches.
These solutions monitor the sessions of privileged users to determine if anyone is using, for example, admin privileges to open an IT system to attack. Application user monitoring looks for activity like massive data downloads or attempts to access sensitive data. Activity involving consumer-grade cloud applications like Dropbox (News - Alert), which can also facilitate breaches, is something that can also be detected. Vendor use, OS behavior, and gateway monitoring are other areas that can be analyzed.
One of the main issues that AWS enterprise customers face is that they have been left on their own when it comes to protecting their cloud. Amazon provides the hosting and other web-related services, but it does not provide security. This leaves a company wide open to an attack through AWS.
ObserveIT resolves this gaping hole in cloud security with CloudThreat, which integrates with Amazon’s CloudWatch monitoring solution. It uses the same behavior monitoring technology found in other ObserveIT solutions. Companies will be able to monitor the unusual behavior mentioned earlier, and also attempts to elevate a user’s privileges.
Companies have long used tools like audit trails, to determine who accessed data and what they did. This concept is taken to a higher level with CloudThreat. Nearly any type of activity, whether it comes from a user or an automated process can be monitored and admins can be notified when the questionable activity occurs, instead of having to sift through audit trail data.
Once an attack occurs, the damage is done and it may be too late to recover. CloudThreat allows IT admins to respond to unusual usage immediately. It takes a proactive approach to fighting security breaches instead of a reactive one. With so many AWS customers left to their own devices to protect information resources, it is a welcome sight.