Acalvio introduces comprehensive distributed deception platform to protect public cloud workloads



Acalvio Technologies announced on Wednesday availability of ShadowPlex Cloud, a fundamentally new platform designed to protect cloud assets. Built on Acalvio’s patented Autonomous Deception technology, ShadowPlex Cloud detects malicious activity within public cloud environments with precision and speed, in a DevSecOps fashion, with minimal IT overhead.  

ShadowPlex Cloud extends deception to the cloud and supports all leading public cloud platforms, including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).

ShadowPlex Cloud leverages AI to engineer and deploy a rich mix of deceptions at scale, powers it from the cloud and blends it with target assets. Cloud-specific decoys include Infrastructure Compute, Services, Storage, and even Application Decoys (Containers, Kubernetes Clusters, etc.).

The ShadowPlex Cloud platform features Acalvio’s FluidDeception automatically presents attackers with a comprehensive environment of realistic and non-fingerprintable decoys, lures, baits and breadcrumbs that blend in with an organization’s actual network and assets. It also includes DevOps for Deception that reduces the cost of operation compared to first generation deception products by dynamically and automatically deploying the most effective and relevant deceptions. By delivering deception in and from the cloud, organizations can easily implement dynamic deceptions wherever their assets are deployed.

The platform also includes DeceptionFarms that simplify the management of distributed deceptions across network topologies. Acalvio’s solution does not require access to trunk or span ports and costly infrastructure changes. ShadowPlex Cloud’s unique combination of AI, SDN, dynamic deception and cloud technology resulting in autonomous deception lowers the cost of deploying Deception solutions. The platform simultaneously increases efficacy, when compared to first generation deception products, by dynamically and automatically deploying the most effective and relevant deceptions.

“The launch of ShadowPlex Cloud demonstrates our continued commitment to helping organizations to securely leverage public cloud platforms,” said Ram Varadarajan, CEO of Acalvio. “The platform enables organizations to quickly and easily leverage the power and potential of public cloud platforms, while at the same time, protecting themselves against advanced adversaries. Through highly successful deployments at Global 1000 and SMB customers; Managed Security Service Providers (MSSP) and Managed Detect and Respond (MDR) providers, ShadowPlex has established its architectural leadership, deployment efficiency and detection efficacy.”

The market for deception technology is projected to reach $2.12 billion globally by the end of 2021, according to Research and Markets’ Global Deception Technology Market report, demonstrating the need for deception security technology across organizations. ShadowPlex leverages seminal inventions in AI, Software Defined Networking (SDN), distributed Deception and micro-services, delivering scale, automation and authenticity with low IT impact. In addition to Detection, ShadowPlex engages with adversaries in shadow networks to understand Tools, Techniques and Processes (TTPs) to gain further insight in order to facilitate timely and effective response.  

Gartner identifies deception platforms technology with “Benefit Rating: High” in its Hype Cycle for Threat-Facing Technologies, 2018.  “Server workloads in hybrid data centers spanning private and public clouds require a protection strategy different from end-user-facing devices. Security and risk management leaders should evaluate and deploy offerings specifically designed for cloud workload protection,” wrote Neil MacDonald, VP distinguished analyst, Gartner, in the Market Guide for Cloud Workload Protection Platforms.

“As enterprises transition to the public cloud, the ability to efficiently secure all workloads in heterogeneous hybrid multi-cloud environments is increasingly important,” said Jack Poller, senior analyst at Enterprise Strategy Group. “Acalvio is the first to offer a unified platform for public, private, and hybrid cloud deception. ShadowPlex Cloud represents a new benchmark in deception technology ease of deployment, detection efficacy, scalability, user experience and API support.”

Suspicious events detected by ShadowPlex Cloud are sent to the pertinent security ecosystem components for timely processing, containment, and remediation. Prebuilt integrations are available with Security Information and Event Management (SIEM) platforms; Security Orchestration, Automation and Response (SOAR); IT Service Management (ITSM); and firewall platforms, EDR platforms and NOC platforms.

Furthermore, ShadowPlex Cloud offers APIs to all of its facilities so that the Deception Engine can be orchestrated from SIEM, SOAR, Incident Response (IR) and Security Operations Center (SOC) environments in a DevSecOps fashion. Additionally, ShadowPlex Cloud can be delivered from Acalvio’s SOC2 compliant Public Cloud instances, client’s Cloud instances or through Acalvio’s MSSP partners.

“As organizations increasingly move critical workloads to the cloud, they will need to employ a comprehensive threat management strategy. This includes having a strong focus on detecting and responding to threats within public cloud environments. Having an advanced, automated and intelligent threat protection platform, can help provide assurance to business that their critical workloads in the cloud are well protected,” said Ravi Mishra, Head of Market Research at FireCompass. “Acalvio’s ShadowPlex Cloud is the first comprehensive active deception solution we have seen, that covers all major public clouds, in addition to hybrid and on-premises environments. Having a unified approach to threat detection and response across the enterprise is something every cloud-bound organization should seriously consider.”  

“High Fidelity and Timely Detection of malicious activity is a key imperative and pre-requisite to effective containment and remediation. Consequently, deployment of deception-based Advanced Threat Defense is a strategic imperative,” said Golan Ben-Oni, CIO at IDT. “ShadowPlex Cloud represents a very significant architectural advancement in the Cloud Deception space.  It is a very prudent investment for organizations looking to protect their cloud assets.”

 

Leave a Reply

WWPI – Covering the best in IT since 1980