XM Cyber announced new capabilities designed to help
enterprises prioritize and fix critical exposures in their multi-cloud
environments. In addition to identifying over-privileges, misconfigurations,
and vulnerabilities that expose cloud resources to attackers, XM Cyber instantly
highlights the most high-impact exposures that should be remediated first, and
provides the necessary information to address them.
This
innovation empowers cloud security teams to build an actionable remediation
plan that prevents high-impact attacks, increases efficiency, and enables
accurate reporting on true risks across multi-cloud infrastructures.
Furthermore, XM Cyber analyzes attack paths that span on-premises and cloud
environments, ensuring comprehensive protection against threats that traverse
hybrid enterprise environments.
As we analyze breaches and attack kill
chains, we find exposures like misconfigurations and weak identities in
multi-cloud that compromise critical assets on-prem and in the cloud, "
says Zur Ulianitzky, VP of Security Research at XM Cyber. "Attackers will
leverage your multi-cloud environment to identify an exposed public-facing
asset or to elevate permissions to gain privileged access. Cloud environments
are complex, and contain a high number of exposures. Therefore, Security teams
must be able to easily find the most critical attack paths and proactively
address advanced attack techniques in cloud environments. In addition, they
need to have a capability to stop attacks that move across cloud and on prem
environments."
Addressing
the Challenges of Cloud Security
Cloud security
teams face many challenges, including a lack of visibility, inconsistent
permission management across cloud vendors, and multiple teams that are
responsible for cloud deployment. As a result, they find themselves
investigating and remediating thousands of exposures that may not all have the
same impact on critical resources. This can lead to uncertainty about what to
fix first and how to address all identified exposures, leaving cloud
environments exposed to cyber-attacks.
To assist
cloud security teams in mitigating high-impact exposures and thwarting
sophisticated attacks, XM Cyber instantly highlights:
- Top Choke Points: Choke points are critical weaknesses in your cloud
defenses, where multiple attack paths converge on a single exposed entity.
They can be easily breached by attackers who can then access a vast
network of resources - databases, computers, identity controls, and more.
Identifying and addressing these intersections of high impact attack paths
first tightens security posture and increases remediation efficiency.
- Highly
Privileged Access:
Highly-privileged accounts and roles, like pre-defined admins, are
considered "game-over" entities. If compromised, attackers can wreak
havoc. Identifying these accounts and uncovering weaknesses that could
leave them vulnerable allows organizations to focus on securing privileged
access to make sure it doesn't fall in the wrong hands.
The new
analysis provides complete details around potential breach points, attack
techniques, permissions usage, and remediation alternatives to help customers
address these exposures and block the most critical attack paths.
Stopping
Attacks End-to-End Across the Hybrid Environment
Recognizing the evolving threat landscape, XM
Cyber analyzes attack paths end-to-end, bridging on-premises and multi-cloud
environments. Attackers operate without constraints in hybrid environments, and
XM Cyber ensures that defenders remain one step ahead, fortified against
emerging threats from the outside in. By proactively identifying and
neutralizing threats, organizations can preemptively safeguard their assets
against cyber adversaries.