How to cut false security, malware alerts in hybrid cloud
The bad news: IT teams are deluged by false security and malware alerts with their hybrid clouds. The good news: New tools are here to help.
With market research projecting hybrid cloud revenues nearing $100 billion in 2021, it is evident that a wide range of organizations are building out architectures that combine on-premises IT infrastructure with workloads running in third-party environments. These often highly virtualized and distributed environments present a number of challenges from a management perspective. Among the most difficult: How to secure workloads that may pass through public and private clouds in an environment with multiple connection points.
In a traditional IT environment, enterprises can choose from a multitude of security options to detect malware and other suspicious activity and alert them to potential threats. Unfortunately, many IT organizations are drowning in a deluge of false security and malware alerts -- including many that send them down the proverbial rabbit hole chasing false positives while actual breaches are overlooked. Securing a hybrid environment -- one composed of a mix of physical and virtual systems operated both internally and through third-party providers -- is inherently even more complicated.
Getting more visibility to cut false security, malware alerts
What organizations need is a way to get clearer and more accurate visibility into unusual and potentially dangerous activity across the entire hybrid environment. A class of new threat detection tools and technologies is emerging that is designed specifically for hybrid IT environments. Vendors, including Trend Micro, Symantec and Hewlett Packard Enterprise, apply a variety of techniques to shine a light on the most perilous threats to hybrid environments.
LightCyber, which was acquired by Palo Alto Networks in February 2017, diverges from some in its pragmatic approach to cutting false security and malware alerts. Rather than concentrating entirely on detecting malware, LightCyber also alerts IT to active attacks, so organizations can begin the mitigation process to limit damage. The vendor, which takes a network-centric view on hybrid security, leverages behavioral attack detection technology that observes network communications to pick up on unusual and potentially threatening activity. LightCyber uses either a physical or virtual appliance to profile network activity and alert IT security professionals to threats.
Organizations need to build security into their hybrid implementations. Unfortunately, too often, the security piece comes as an add-on later in the process. By designing an architecture with security in mind at all points, enterprises have a far better chance of minimizing disruption due to security threats and false security alerts.