Skyhawk Security on Tuesday released its Synthesis Security Platform, which features an integrated approach to securing cloud infrastructure across multi-cloud environments.
Along with cloud threat detection and response, Synthesis includes the following tools: cloud Infrastructure entitlement management (CIEM), identity threat detection and response (ITDR), and advanced cloud security posture management (CSPM). Because Skyhawk considers CSPM a baseline feature, it now offers CSPM for free.
Cloud security functionality has become so complex that it’s no more than an acronym salad to many customers, said Chen Burshan, chief executive officer of Skyhawk. Burshan said security leaders are struggling to understand which tools, including CSPM, CIEM, ITDR, and CNAPP are protecting them from cloud breaches and how. All of these tools result in alert fatigue, explained Burhsan.
“Skyhawk Synthesis takes a different approach,” said Burshan. “We're going to cover your baseline posture management, addressing reporting and compliance. Then, we're adding the most important functionalities from all the cloud security tools and focus on detection at runtime. So, network, identity, permissions and access management — we're synthesizing those to show you what's actually happening in your cloud, with the context to understand if a real breach is in progress."
Frank Dickson, group vice president for security and trust at IDC, added that multi-cloud solutions are a clear need. Dickson said including an identity feature as part of a cloud detection and response solution is a great idea because implementing least privileged access and illuminating malicious access is a clear value add.
“Eliminating false positives is a message that will be well-received by all security professionals,” said Dickson. “However, asserting the Skyhawk Security is unique because they are on the only vendor delivering runtime security is likely overstating the reality.”
Melinda Marks, a senior analyst with Tech Target’s Enterprise Strategy Group, added that vendors like Skyhawk are responding to the reality that traditional methods of scanning and looking for misconfigurations just create alerts without the context to prioritize actions fast enough to prevent incidents or to respond quickly. Marks said there are many security vendors now focused on solving the needs of cloud applications, and they are taking a similar approach of using monitoring and observability data of running applications to get the context they need to rapidly detect and respond to incidents.
“They can see the behaviors of running applications to better understand the impact of an attack or possible attack paths,” said Marks. “Some other vendors in this area connecting CSPM with CDR capabilities are Orca, Wiz, Lacework, Palo Alto Networks Prisma Cloud, and then you have XDR and EDR vendors also working on CDR.”