Radware’s Cloud Workload Protection Service secures customers’ cloud-based assets from data breaches, account compromise, and resource exploitation.
As organizations increasingly migrate their computing workloads to publicly hosted clouds, IT and security administrators face new challenges. Cloud environments make it easy to spin up new resources and grant wide-ranging permissions that can potentially be abused. Such misuse often leads to cloud-native risks to public cloud services, namely data breaches, account compromise, and resource exploitation.
Initially available for Amazon’s AWS platform, Radware designed its Cloud Workload Protection service to help customers safeguard their role in cloud providers’ ‘shared responsibility model.’ Radware’s service uniquely addresses cloud security posture, detection of cloud native attacks, and consequent/respective actionable insights.
“Public cloud environments make it very easy to grant extensive permissions and very difficult to keep track of them. What is frequently mis-characterized as ‘misconfigurations’ is actually the result of permission misuse or abuse,” said Dr. David Aviv, Radware Chief Technology Officer. “We specifically designed Radware’s Cloud Workload Protection Service to offer extensive protection against the broader public cloud attack surfaces and new cloud-native risks.”
Radware’s early deployment has already proven invaluable to its customers. Amir Arama, Sr. Director of Engineering Operations at Perion said,“Radware’s Cloud Workload Protection service has helped Perion to identify threats in real time without the noise of false alerts. It has been excellent in exposing misconfigurations and potential risks and thus very helpful in both detection and prevention.”
Radware’s service takes a unique and different approach from traditional workload defenses. To reduce attack surfaces, Radware’s Cloud Workload Protection service addresses the core problem of excessive permissions and exposed assets. It analyzes the gap between granted and user permissions, and applying the ‘principle of least privilege, ’ to offer smart hardening recommendations, thereby reducing the organization’s attack surface which can be exploited.
Radware provides a robust detection engine based on advanced machine-learning algorithms that identifies potentially malicious activity within cloud accounts. Radware then correlates individual alerts into streamlined attack storylines, which show the step-by-step attack progression. This way, Radware maps-out hackers’ attack kill-chain, and helps block data theft attempts before they result in a breach.
The addition of Cloud Workload Protection makes Radware the leading security vendor to provide a full-stack protection of applications hosted on public clouds, covering both the perimeter (WAF, DDoS, SSL, bot management, and threat intelligence) as well as the internal cloud workload and cloud data (workload protection).
Radware® (radware.com), is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection and availability services to enterprises globally. Radware’s solutions empower more than 12,500 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.
©2019 Radware Ltd. All rights reserved. The Radware products and solutions mentioned in this press release are protected by trademarks, patents and pending patent applications of Radware in the U.S. and other countries. All other trademarks and names are property of their respective owners.
Safe Harbor Statement
This press release may contain statements concerning Radware’s future prospects that are “forward-looking statements” under the Private Securities Litigation Reform Act of 1995. Statements preceded by, followed by, or that otherwise include the words "believes","expects","anticipates","intends","estimates","plans", and similar expressions or future or conditional verbs such as "will","should","would","may" and "could" are generally forward-looking in nature and not historical facts. For example, when we say that the solution will detect threats across the different cloud entities, as they evolve, this is a forward-looking statement. Because such statements deal with future events, they are subject to various risks and uncertainties and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware's current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions and volatility of the market for our products; changes in the competitive landscape; inability to realize our investment objectives; timely availability and customer acceptance of our new and existing products; risks and uncertainties relating to acquisitions; the impact of economic and political uncertainties and weaknesses in various regions of the world, including the commencement or escalation of hostilities or acts of terrorism; Competition in the market for Application Delivery and Network Security solutions and our industry in general is intense; and other factors and risks on which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, reference is made to Radware’s Annual Report on Form 20-F, which is on file with the Securities and Exchange Commission (SEC) and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware’s public filings are available from the SEC’s website at sec.gov or may be obtained on Radware’s website.