Virtualization Technology News and Information
XM Cyber Unveils New Capabilities to Prioritize High-Impact Cloud Exposures

XM Cyber announced new capabilities designed to help enterprises prioritize and fix critical exposures in their multi-cloud environments. In addition to identifying over-privileges, misconfigurations, and vulnerabilities that expose cloud resources to attackers, XM Cyber instantly highlights the most high-impact exposures that should be remediated first, and provides the necessary information to address them.

This innovation empowers cloud security teams to build an actionable remediation plan that prevents high-impact attacks, increases efficiency, and enables accurate reporting on true risks across multi-cloud infrastructures. Furthermore, XM Cyber analyzes attack paths that span on-premises and cloud environments, ensuring comprehensive protection against threats that traverse hybrid enterprise environments.

As we analyze breaches and attack kill chains, we find exposures like misconfigurations and weak identities in multi-cloud that compromise critical assets on-prem and in the cloud, " says Zur Ulianitzky, VP of Security Research at XM Cyber. "Attackers will leverage your multi-cloud environment to identify an exposed public-facing asset or to elevate permissions to gain privileged access. Cloud environments are complex, and contain a high number of exposures. Therefore, Security teams must be able to easily find the most critical attack paths and proactively address advanced attack techniques in cloud environments. In addition, they need to have a capability to stop attacks that move across cloud and on prem environments."

Addressing the Challenges of Cloud Security

Cloud security teams face many challenges, including a lack of visibility, inconsistent permission management across cloud vendors, and multiple teams that are responsible for cloud deployment. As a result, they find themselves investigating and remediating thousands of exposures that may not all have the same impact on critical resources. This can lead to uncertainty about what to fix first and how to address all identified exposures, leaving cloud environments exposed to cyber-attacks.

To assist cloud security teams in mitigating high-impact exposures and thwarting sophisticated attacks, XM Cyber instantly highlights:

  • Top Choke Points: Choke points are critical weaknesses in your cloud defenses, where multiple attack paths converge on a single exposed entity. They can be easily breached by attackers who can then access a vast network of resources - databases, computers, identity controls, and more. Identifying and addressing these intersections of high impact attack paths first tightens security posture and increases remediation efficiency.
  • Highly Privileged Access: Highly-privileged accounts and roles, like pre-defined admins, are considered "game-over" entities. If compromised, attackers can wreak havoc. Identifying these accounts and uncovering weaknesses that could leave them vulnerable allows organizations to focus on securing privileged access to make sure it doesn't fall in the wrong hands.

The new analysis provides complete details around potential breach points, attack techniques, permissions usage, and remediation alternatives to help customers address these exposures and block the most critical attack paths.

Stopping Attacks End-to-End Across the Hybrid Environment

Recognizing the evolving threat landscape, XM Cyber analyzes attack paths end-to-end, bridging on-premises and multi-cloud environments. Attackers operate without constraints in hybrid environments, and XM Cyber ensures that defenders remain one step ahead, fortified against emerging threats from the outside in. By proactively identifying and neutralizing threats, organizations can preemptively safeguard their assets against cyber adversaries.
Published Tuesday, April 02, 2024 11:03 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2024>