Illusive Networks extends its Illusive Attack Surface Manager (ASM) to the cloud, as well as out-of-the-box deceptions for web application servers and CI/CD servers. The new rules in Illusive Attack Surface Manager now uncover and remediate cached browser credentials and connections from any cloud privileged user to any SaaS service, as well as AWS secret keys cached on endpoints used to interact with AWS.
Benefits of enhancements to different operators
ASM now also uncovers privileged identities and violations of Azure assets, which includes the enrichment of existing capabilities of domain user credentials and shadow admins with Azure privileged users. These capabilities allow security teams to identify high-risk users in the cloud, with dangerous cloud credentials that persist on multiple on-prem machines, or users operating or accessing shadow services in the cloud.
- Organizations that use web application servers like Tomcat or IIS: These organizations can enhance their security posture; stop post-breach attack movement to, from and across clouds; and get out-of-the-box protection for common services.
- Organizations that leverage CI/CD servers such as Jenkins: Not only can these organizations improve their security posture using ASM, but they also can reduce risk by enhancing the attack surface with credible and authentic deceptions in the cloud.
- Security operations center teams: SOC analysts too often have limited monitoring visibility in cloud environments, hindering their ability to effectively discover malicious activity. When an attacker engages with an Illusive deception, it means the threat is real. High-fidelity notifications with detail-rich forensics help incident response teams use actionable intelligence to stop the threat in motion before damage can be done.
Gil Shulman, vice president of product at Illusive Networks, said,
“Organizations across industries rely on web application servers and CI/CD to deliver mission-critical services to internal and external users. Attackers target these servers to establish a beachhead within the cloud environment from which they can begin discovery of native assets to facilitate ownership of cloud service accounts for further lateral movement. With these new rules and deceptions, customers have better defense against post-breach attacks occurring in or targeting cloud assets.”
See more Cyber Security News