SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

Illumio, Qualys Team for Vulnerability-Based Micro-Segmentation

April 16, 2018

Illumio has developed new global vulnerability mapping capabilities on its Adaptive Security Platform. For the first time, vulnerability and threat data from the Qualys Cloud Platform is integrated with Illumio application dependency mapping to show potential attack paths in real time. The integration between the Qualys Cloud Platform and Illumio delivers vulnerability maps, enabling organizations to see connections to vulnerabilities within and between applications. This new capability also includes an East-West exposure score that calculates how many workloads can potentially exploit vulnerabilities on applications. This integration can be used to generate micro-segmentation policies as compensating controls that reduce East-West exposure and to prioritize patching.

“Digital transformation leads to an explosion of connected environments where perimeter protection is no longer enough. The focus now needs to shift from securing network perimeters to safeguarding data spread across applications, systems, devices, and the cloud,” said Philippe Courtot, CEO and Chairman of Qualys. “The new Illumio integration with Qualys helps enterprises get visibility across hybrid environments and implement appropriate controls to protect assets from cyber threats, whether on premises or in the cloud.”

Software vulnerabilities in applications have been the cause of recent headline-grabbing attacks and data breaches around the world, including WannaCry, NotPetya, and Apache Struts. Meltdown and Spectre are among other recent examples of vulnerabilities where potential exploitation could give attackers access to an environment – or to move laterally within data centers and clouds. Due to the growing scale of infrastructure and software vulnerabilities, organizations are unable to patch every vulnerability and may be unable to patch many critical vulnerabilities due to production freezes or for fear of breaking their applications.

“Vulnerability management is an invaluable tool in every security team’s arsenal. With our Qualys Cloud Platform integration, organizations can see a map of how active, exposed vulnerabilities can potentially be exploited by a bad actor,” said Andrew Rubin, CEO and co-founder of Illumio. “By adding vulnerability maps to our Adaptive Security Platform, security teams can see potential attack paths in real time and immediately implement micro-segmentation to prevent the spread of breaches.”

New capabilities of the Illumio Adaptive Security Platform:

  • Vulnerability Maps: Enable application security teams, vulnerability management teams, and segmentation teams to understand the paths that bad actors can leverage within data center and cloud environments. Vulnerability maps:
    • Show in real time which applications are connecting into vulnerable ports.
    • Show the risk inherited by destination applications when the initiating connections are unpatched.
    • Eliminate unnecessary attack surface by showing vulnerabilities with no active or historic traffic.

Illumio Vuln Map

Vulnerability map: see vulnerabilities in the context of the application dependency map.

  • East-West Exposure Score: Using workload, application, and connectivity context, Illumio gives organizations an exposure score for their East-West traffic. The score is calculated based on how many workloads can potentially exploit the vulnerabilities on any given workload. The lower the score, the smaller the chance that a bad actor can exploit it. If patching is not available, the optimal way to reduce exposure is to use micro-segmentation to reduce the number of workloads that can connect to it.

Illumio EW Exposure

East-West exposure score: the number of workloads that can potentially exploit a vulnerability.

  • Automated Policy Recommendations Based on Vulnerabilities: Mitigates vulnerabilities through automatic policy recommendations. The Adaptive Security Platform now ties vulnerability data to application traffic in real time, providing organizations with the ability to use micro-segmentation to prevent the spread of breaches.

Illumio Vuln-based-recco

Automated vulnerability-based policy recommendations: mitigate vulnerabilities without breaking your application.

Illumio has maintained a track record of continuous innovation to meet the growing needs of the emerging micro-segmentation market. In 2017, Illumio achieved 300 percent year-over-year bookings growth. This rapid growth is being driven by organizations who are increasingly turning to Illumio to prevent the spread of breaches inside data center and cloud environments and to meet regulatory compliance standards such as SWIFT, PCI, GDPR, and HITRUST.

Terms of Use | Copyright © 2002 - 2018 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement