; ;

Blog | Feb 13, 2020

Bringing Managed Detection and Response to Modern Cloud Environments with esCLOUD

Today we announced the availability of esCLOUD, a comprehensive portfolio of cybersecurity services which extends our industry-leading MDR capabilities and elite threat hunting expertise into modern cloud environments.

As businesses rush to take advantage of cloud capabilities including Infrastructure-as-a-service (IaaS) and Software-as-a-Service (SaaS), their transformation extends the attack surface beyond traditional security controls and outpaces the ability of their own teams to keep up with the IT and security demands of this new frontier:

  • 41 percent of respondents to Cybersecurity Insiders’ 2019 Cloud Security Report indicated that they had limited experience and training with cloud security, and 40 percent reported that they lacked adequate budget
  • From an operational standpoint, the top two security headaches with which SOC teams are struggling are compliance (34 percent) and lack of visibility into infrastructure security (33 percent)

esCLOUD addresses these challenges and concerns head-on by providing specialized expertise through an affordable, effective service which extends and adapts our proven MDR capabilities into the IaaS and SaaS domains—providing our customers with unified visibility and coverage and ultimately allowing them to confidently transform their businesses.

Cloud security is different, but the consequences of incidents are familiar

Cloud platforms provide businesses with enhanced flexibility and the potential for increased efficiency, but they also create another level of security complexity and risk by extending the attack surface beyond traditional on-prem security controls.

Unfortunately, the rush to adopt cloud services has created new opportunities for attackers, with the result being a 55 percent YoY increase in cloud breaches.[i]

According to Closing the Cloud Security Business Gap, by the Ponemon Institute, the number one cause of cloud breaches is human error—stemming from unfamiliarity with the security requirements of this new horizon. Cyberattacks came in a close second, followed by system glitches.

Many organizations don’t have the resources or knowledge of how the shared responsibility model of cloud works for securing infrastructure and workloads. This contributes to the leading cause of breaches to cloud services - misconfiguration. While the causes of breaches may be somewhat different than the on-prem world, the consequences are all-too familiar: system downtime, leakage of PII of PHI, and productivity loss are the main consequences cited in the Ponemon study, followed by revenue loss, lost transactions, leakage of trade secrets, brand damage, and client churn.

Managing complexity and providing visibility across your entire threat surface

Protecting the cloud requires tailoring MDR for this new environment, including its specific providers, characteristics, vulnerabilities and challenges, and that’s a big part of the esCLOUD story:

  • The esCLOUD portfolio will include support for Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) and Microsoft Office 365 with support for Google G Suite, Salesforce, ServiceNow, Dropbox and Box to follow this year
  • Because even simple configuration errors can lead to the exposure of large volumes of sensitive data, esCLOUD constantly monitors customer cloud environments to detect improper configurations and vulnerabilities which could lead to data loss and compromise
  • esCLOUD addresses compliance concerns by incorporating compliance frameworks (such as HIPPA and PCI) and reporting on deviations
  • To keep pace with attackers, our threat hunters identify known and unknown threats with integrated capabilities augmented by machine learning capabilities
  • esCLOUD leverages artificial intelligence to build baselines of normal behavior and detect deviations including suspicious traffic patterns (say, an unusual data egress) and log-ins (for instance, an attacker using stolen credentials)
  • To account for the integrated nature of today’s businesses, esCLOUD extends on-premise monitoring and infrastructure insights, enabling protection across hybrid environments at little to no additional cost
  • Crucially, esCLOUD includes automated policy enforcement, combined with response and remediation from our expert security analysts, to mitigate threats and provide needed answers and explanations so customers can operate in the cloud with confidence

Ultimately, esCLOUD extends and adapts our proven MDR capabilities into the IaaS and SaaS domains, growing with workloads and allowing our customers to confidently transform their businesses while maintaining visibility and coverage.

The future

The technical preview of esCLOUD will begin at the end of February, with general availability at the end of March. If you’re as excited as we are then I encourage you to visit us at RSA at booth S-1453. You can also find additional information right now in our esCLOUD Solution Brief.

With esCLOUD, we’re providing a powerful cloud security solution at a fraction of the time and cost of do-it-yourself approaches—we believe esCLOUD closes a fundamental and dangerous gap in the cybersecurity market, and we’re proud to enable our customers to confidently introduce cloud solutions by extending our MDR leadership into this transformational domain.

Charles “C.J.” Spallitta

Charles “C.J.” Spallitta

Chief Product Officer

Charles "C.J." Spallitta is eSentire’s Chief Product Officer responsible for product vision, strategy, and execution. Prior to joining eSentire, C.J. held senior leadership roles with Trustwave as Senior Vice President of Strategy and Corporate Development, and Head of Product Management. C.J.’s extensive experience in the enterprise security services space includes leadership and management roles with Hewlett Packard Enterprise (Executive Director of Worldwide Portfolio Management), Verizon Enterprise Solutions (Executive Director, Global Security Product Management), PricewaterhouseCoopers, Cybertrust, Betrusted and Security Assurance Group. In these roles, C.J. gained experience in the areas of product lifecycles, service developments, go-to-market strategies and pricing.

C.J. holds a bachelor's degree in business administration in information systems and a master's degree of business administration from Loyola University Maryland, where he also serves as an advisory board member to the Information Systems and Operations Management department and volunteers as a Cybersecurity club mentor at Loyola Blakefield High School.