RedLock Cloud 360 platform delivers comprehensive cloud infrastructure security with holistic visibility



RedLock debuted Tuesday a cloud infrastructure security offering designed to overcome challenges faced by every modern enterprise. The RedLock Cloud 360 platform features technology that enables organizations to accelerate digital business by managing security and compliance risks across their entire public cloud infrastructure, but without impeding DevOps (i.e. collaboration between software developers and IT operations to automate software delivery).

With RedLock Cloud 360, security teams gain a single view of existing and potential risks over the entire cloud infrastructure, even across multiple public cloud service providers such as Amazon Web Services (AWS). The platform automatically discovers workloads within an environment and enables continuous monitoring, anomaly detection, cloud forensics, adaptive response, and compliance reporting.

RedLock provides security teams with a comprehensive view of their environment, across multiple public cloud service providers, and down to every component within them. The RedLock Cloud 360 platform enables automated monitoring, anomaly detection, cloud forensics, adaptive response, and compliance reporting, all to deliver unparalleled true cloud infrastructure security. Global brands across a variety of verticals adopt RedLock to secure their public cloud infrastructure. The company is backed by Sierra Ventures, Storm Ventures, Dell Technologies Capital, and other high profile investors.

The RedLock Cloud 360 platform enhances cloud infrastructure security with a series of technological advances designed to take on these challenges. RedLock enables organizations to visualize their entire public cloud environment, across multiple cloud service providers and down to every component within the environment. The platform dynamically discovers workloads and connects the dots between configuration, user activity, network traffic, and threat intelligence data. Security professionals can pinpoint risks. RedLock enables companies to set guardrails for DevOps, ensuring full productivity without compromises to security.

The platform comes with policies that adhere to security best practices such as CIS, PCI, and NIST. In addition, security administrators can create custom policies based on individual needs. RedLock Cloud 360 automatically monitors new and existing workloads for violations to these policies. It also combines a deep understanding of public cloud infrastructure, correlation with third party data sources, and machine learning to baseline user and network behavior. Any anomalous pattern immediately triggers an alarm so the issue can be addressed as soon as it’s detected.

RedLock Cloud 360 continuously scores every workload based on risky attributes and behavior. The highest rated risks bubble to the top which makes it simple to prioritize response. The platform also provides context on the risk factors associated with a particular workload so that appropriate actions can be taken. RedLock data can also be used with third-party tools to speed responses.

With its understanding of the cloud environment, the new platform cuts the time needed to resolve incidents from weeks or even months to seconds. It enables organizations to go back to any point in time and use its interactive map to easily pinpoint active threats and perform impact analysis. The platform also provides time-serialized activity for any workload to review the history of changes and better understand the root cause of an incident.

RedLock enables organizations to report on risk posture to their management team, board of directors, and auditors. Similar to a credit score, the platform computes risk scores for every workload based on the severity of business risks, violations and anomalies. It then aggregates the risk scores to enable organizations to benchmark and compare risk postures across different departments as well as across the entire environment.

Traditional security solutions are often geared towards largely static on-premise environments rather than dynamically changing cloud environments. Many legacy tools rely on defining rigid policies based on fixed IP addresses. However, IP-based policies cannot be applied since cloud workloads are ephemeral and their IP addresses can change dynamically. Moreover, agent or proxy-based solutions need to be deployed inline with traffic which will not work with API-driven services such as Amazon Relational Database Service (Amazon RDS), Amazon Simple Storage Service (Amazon S3), and Elastic Load Balancing. None of this is truly compatible with a cloud environment that is continuously changing.

On a related front, the numerous point solutions implemented in most on-premise environments over time to secure the network create siloed views into configuration data, user activity, network traffic, and threat intelligence data. To get a true picture of risk within an organization’s cloud infrastructure environment, holistic visibility is imperative.

In contrast, RedLock’s Cloud 360 platform provides a comprehensive cloud-native approach. It connects the dots between configurations, user activity, network traffic, and threat intelligence data which makes it easier to accurately assess risk within the public cloud infrastructure environment. The platform’s API-based approach ensures that DevOps is unimpeded and complete visibility across all workloads is achieved. The solution is automated so that the right level of security is applied and adjusted as existing workloads change and new ones are instantiated.

The RedLock Cloud 360 platform can be implemented within minutes by connecting to public cloud environments via 50-plus APIs, without impeding DevOps. It ingests massive volumes of raw, siloed data from the environment and produces concise, actionable insights in a five-step process. RedLock Cloud 360 continuously aggregates configuration, user activity, and network traffic data from disparate cloud APIs. It automatically discovers new workloads as soon as they are created. Next, the platform applies machine learning to connect the dots between configuration, user activity, and network traffic data. It learns the role and behavior of each cloud workload to provide context that is necessary for defining appropriate policies. The correlated data is further enriched with external data sources such as vulnerability scanners, threat intelligence tools, and SIEMs to produce critical insights.

RedLock Cloud 360 scores each cloud workload for risk score based on severity to the business, policy violations, and anomalous behavior. Risk scores are then aggregated, enabling organizations to benchmark and compare risk postures across different departments as well as across the entire environment. The entire cloud infrastructure environment is visualized with an interactive dependency map that goes beyond raw data to provide context on security and compliance risks.

The RedLock Cloud 360 platform is generally available. Pricing is subscription-based and depends on the number of workloads deployed within an organization’s public cloud infrastructure environment.

Leave a Reply

WWPI – Covering the best in IT since 1980