RedLock, a cloud threat defense company, announced Tuesday technology integration with Cloud Security Command Center for Google Cloud Platform, a security and data risk platform that helps enterprises gather data, identify threats and act on them before they lead to damage or loss.
The RedLock integration with Cloud Security Command Center provides customers with centralized visibility into security and compliance risks, and greater context for alerting and actionable remediation in Google Cloud environments. As part of the integration, RedLock continuously monitors environments and sends results pertaining to resource misconfigurations, compliance violations, network security risks and anomalous user activities to Cloud Security Command Center.
The RedLock Cloud 360 platform connects to an organization’s Google Cloud environment within minutes via APIs, and works in the background to ensure that DevOps can keep their focus where it belongs—on developing and deploying apps their customers need.
Key features of the platform include asset discovery and inventory that discover all assets in an environment such as Google App Engine, Google Compute Engine, Google Cloud Storage, and Cloud Datastore and view them in one place. The compliance reporting can Assess and report on compliance against industry standards such as CIS, NIST, SOC 2, and PCI; offer threat monitoring for risky configurations, sensitive user activities, and network intrusions and detect account compromises and insider threats by establishing behavior baselines and flagging any deviations.
The platform can also investigate current threats or past incidents and quickly determine the root cause; and provide contextual alerts that can prioritize and respond to issues based on context about all the risk factors associated with a resource.
RedLock provides pre-packaged policies for common compliance standards such as CIS, NIST, PCI, and HIPAA to monitor Google Cloud environments. Any misconfiguration of Google Cloud resources such as Google Compute Engine, Google Cloud Storage, and Cloud Datastore will be immediately detected and raise alerts. In addition, RedLock provides compliance reports as a standard feature.
In cloud environments, multiple users have privileged access which enables productivity but creates a greater risk of exposure. It is imperative to monitor users across your entire Google Cloud environments for anomalous activities. Unfortunately, the distributed nature of the cloud consisting of multiple accounts and regions makes this difficult.
The RedLock Cloud 360 platform develops a baseline of normal user activity. It consumes logs from across your entire Google Cloud environment. Any unusual activities trigger alerts and can be investigated with easy-to-use forensics tools in the RedLock platform, enabling users to detect account compromises and insider threats.
“We see how enterprises around the world are adopting Google Cloud Platform for their cloud migration, but we also understand that security and compliance remain a serious concern,” said Ankur Shah, VP of Products at RedLock. “We’re privileged to offer integration with Cloud Security Command Center and join Google Cloud in extending security and ensuring greater compliance support in every Google Cloud Platform environment. We pledge to continue developing solutions that help our customers realize the benefits of cloud computing.”
“Now more than ever, the cloud is where an increasing number of enterprises are turning to protect their data and stay secure,” said Andy Chang, Senior Product Manager, Google Cloud. “With Cloud Security Command Center, we are helping security teams gather data, identify threats, and quickly act on application and data risks. By working with industry leaders like RedLock, we are giving our customers the capabilities they need to keep up with today’s ever evolving security challenges.”