IONIX Releases Cloud Security Feature: Attack Surface Cloud Cross-View

IONIX Releases Cloud Security Feature: Attack Surface Cloud Cross-View

By Greg Tavarez

Traditional cloud security tools have a blind spot. See, they operate solely within the cloud environment and are liable to miss crucial threats lurking in the shadows. These tools can't detect "shadow IT," unauthorized cloud services used by employees. Additionally, they miss "zombie IT accounts," dormant accounts that hackers can exploit.

Traditional tools also struggle to assess security vulnerabilities within cloud ecosystem's suppliers, which leaves organizations open to attacks through these third parties. Furthermore, traditional cloud security relies on separate tools and teams, and silos are created. This fragmented approach can lead to gaps in an organization’s overall security posture. 

These tools often lack the context to understand the significance of cloud assets. They can't see how these assets connect to a broader attack surface, which includes cloud and on-premise infrastructure. This limited understanding makes it difficult to prioritize vulnerabilities and allocate resources effectively.

Security firm IONIX sees this issue and acted with a major upgrade to its Attack Surface Management (ASM) platform. This new feature, called Attack Surface Cloud Cross-View (CCV) offers a comprehensive view of an organization's potential security risks.

CCV combines internal cloud asset data with external threat intelligence to provide a complete picture of an attack surface across cloud platforms such as AWS, Azure and GCP as well as on-premise infrastructure. Security providers like Akamai, Cloudflare and Imperva are also included.

CCV also analyzes connections between assets to identify how a seemingly low-risk asset could be exploited to access critical systems.

Expanded Threat Detection: Traditional cloud security often misses connections between cloud environments and other systems. CCV also bridges this gap where traditional cloud security often misses connections between cloud environments and other systems. Being able to do this uncovers vulnerabilities across a digital ecosystem, including vendor clouds and on-premises infrastructure.

CCV helps identify and map potential attack paths originating from your digital supply chain. It simulates real-world attacks across an infrastructure, including cloud, non-cloud and supply chain assets. And the integration with cloud security posture management solutions allows organizations to validate potential vulnerabilities identified by CSPM with exploit simulation, which turns alerts into actionable security assessments.

“IONIX was seeing customers facing attacks that arise from the security coverage gaps in their separately managed cloud security tools and on-premises vulnerability management solutions. We built Cloud Cross-View features into our ASM product to close the gaps between the two and to ensure that any asset, wherever it may reside, is a secure asset,” said Marc Gaffan, CEO of IONIX. “We envision a simpler solution where one contiguous attack surface, supported by a security software stack that one team can manage, covers cloud and on-prem security needs.”

IONIX plans to announce further integrations with CSPM providers in the coming months.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

MSP Expo Sponsor Wildix Launches E-Learning Platform

By: Greg Tavarez    6/24/2024

MSP Expo sponsor Wildix launched its new e-learning platform designed to enhance training and certification processes for MSPs and system integrators.

Read More

Strategizing to Strengthen Asset Intelligence Capabilities, Courtesy of Sevco Security and GuidePoint Security Partnership

By: Alex Passett    6/24/2024

Last week, a new strategic reseller partnership was announced between Sevco Security and GuidePoint Security.

Read More

SUSE Launches Cloud Elevate Program

By: Stefania Viscusi    6/24/2024

SUSE announced a new SUSE One Cloud Elevate Program, designed to empower SUSE One partners to sell SUSE's open-source solutions more effectively.

Read More

What You Need to Know About KnowBe4's New PhishER Plus Threat Intel

By: Alex Passett    6/20/2024

Renowned phishing awareness company KnowBe4 is rolling out additional features for its PhishER Plus offering - PhishER Plus Threat Intel packs one hec…

Read More

DataStrike Acquires MiCORE, Creating SMB Data Infrastructure Powerhouse

By: Greg Tavarez    6/18/2024

DataStrike recently completed the acquisition of MiCORE in a transaction that will form a large MSP specializing in data infrastructure services for S…

Read More