Lightspin launches Remediation Hub. Discover new tools for streamlined security remediation and risk management. Last week OWASP released their Top 10 Web Security Vulnerabilities 2021 updated from 2017.
Lightspin’s remediation hub leverages graph technology to deliver key context, prioritization and remediation recommendations. This allows users to dynamically reduce overall account risks at scale. The hub also enables ticketing management through platforms like Jira and ServiceNow.
What is the Remediation Hub?
The Remediation Hub is an evolution of Lightspin’s Root Cause Analysis feature that enables users to dynamically remediate critical cloud environment risks at scale. This is a significant enhancement as it provides security teams the ability to prioritize and focus their attention on the vulnerabilities, misconfigurations and identity risk that matter most for their organizations.
Lightspin’s Root Cause Analysis is unique in the marketplace and provides a foundation for our Remediation Hub. Unlike other tools that simply flag thousands of risks for security teams to fix, Lightspin identifies the root cause of each vulnerability and prioritizes them based on their impact to your organization. This helps eliminate “alert fatigue” by focusing on the few issues that are truly important for your organization to address.
Once the root cause is identified, security engineers can quickly and efficiently fix each issue using Lightspin’s recommended remediation actions. This includes deploying and connecting a Lambda function that will automatically isolate an EC2 instance within your VPC network or deploy a custom action to disable a specific service on an AWS account. Lightspin’s Remediation Hub takes this a step further by providing the capability to automatically remediate many issues at once, which is not currently available in other tools.
In addition to the Remediation Hub, Cisco’s acquisition of Valtix also enables customers to improve their multi-cloud security posture by extending their Zero Trust model across public and private clouds with full visibility into application access based on policy. This helps customers wrangle the universe of unmanageable applications (also known as Shadow IT) by mapping all identities and assets across their XaaS environments. This enables them to identify hidden and unmonitored access, entitlement escalation paths, and cloud application misconfigurations that violate security policies.
Cisco has been focused on unifying its security portfolio of point products to deliver a more cohesive and integrated security solution to meet the needs of the hybrid world. The Remediation Hub is an essential part of this strategy and demonstrates the company’s commitment to solving security problems for their customers. We look forward to sharing more updates on the integration of the Remediation Hub with our customers in the future.
Why is the Remediation Hub important?
As more data moves to the cloud, security teams need a way to manage and prioritize risks quickly and easily. Lightspin’s Remediation Hub centralizes all recommendations and remediations from your security assessments. This helps to eliminate the need for manual curation of vulnerability results and provides a single view of all issues across multiple accounts and environments. It also enables you to take action in real-time, so that vulnerabilities can be remediated before attackers are able to exploit them.
It also reduces overall risk by providing dynamic remediation to the most critical risks based on your account risk score. This allows you to reduce risks with minimal actions – often down to 1 action that solves many risks at once (where applicable).
The Remediation Hub also includes root cause analysis which is a unique offering for a CNAPP and one that is not offered by competitors. The ability to identify the root cause of a vulnerability is essential for effective remediation, especially in large environments where there may be thousands of risks.
Currently, most security engineers tackle the issue of vulnerabilities by prioritizing in accordance with their severity and manually curating their results. This can be a time intensive and resource intensive process. However, with the addition of our root cause analysis, you can now quickly determine the impact and root cause of a risk and resolve them at scale with a few clicks.
This makes the Remediation Hub an important tool for any CNAPP to have. It will help to reduce your overall risk score and improve your vulnerability management capabilities so that you can be more confident in the security of your cloud environment.
In addition to the Remediation Hub, Lightspin is a complete solution for cloud security posture management (CSPM) and secure access control across your multi-cloud and container-based environment. Using Lightspin, you can eliminate attack surfaces, prevent lateral movement of threats, and inhibit the compromise of workloads to accelerate your cloud security journey.
Lightspin’s patented SideScanning technology scans the APIs of your cloud providers and the runtime block storage of your workloads to detect a range of vulnerabilities, misconfigurations, malware, and lateral movement risk. It also automatically detects and corrects configuration flaws that expose sensitive data to attackers, such as unsecured passwords and PII.
How does the Remediation Hub work?
The Remediation Hub centralizes all the recommended actions and remediations discovered in your environment, enabling you to quickly address and understand the root cause of threats. It also automates the detection and removal of threats by leveraging your existing security tools. In addition, it offers a unique approach to remediation at scale through our unique root cause analysis technology.
This week Alibaba cloud was hit with a security flaw in its Apache Log4j 2 open-source logging framework which was used to monitor and manage its services. The company was reportedly ordered by Chinese regulators to stop providing its service to some state-owned enterprises because it failed to promptly report the vulnerability to them. This vulnerability is a good reminder of how important it is to always keep your infrastructure up-to-date.
Cisco announced it will acquire Tel Aviv-based Lightspin, as it continues to invest in multi-cloud security and connectivity to support its customers’ cloud environments. Lightspin takes a unique approach to contextualised cloud-security coverage, using graph-based technology to deliver key context, prioritisation and remediation recommendations. Its focus on working with DevOps is a great fit for Cisco’s vision to help customers modernize their cloud environment with end-to-end security and observability from build to runtime.
In other news, Google added a new feature to its zero trust access security solution, BeyondCorp Enterprise that will allow administrators to diagnose why their policies are not working as expected. This will also enable them to take corrective action to ensure access is available. Additionally, FireEye and McAfee both added capabilities to their cloud security portfolio that provide protection against advanced threats.
Finally, CSA launched the STAR registry that allows 1500 cloud services to be evaluated against a common set of criteria in order to promote best practices and security hygiene across the industry. This is a great step towards helping organizations avoid having to complete multiple security questionnaires for different vendors.
AWS recently released a set of guidance and mitigations for the recent vulnerability in its CloudFront CDN. This vulnerability was exploited by a malicious website and injected code into the browser to redirect users to an infected site that collected passwords and personal information.
What are the benefits of the Remediation Hub?
The Remediation Hub is an evolution of our Root Cause Analysis feature and enables users to remediate critical vulnerabilities at scale. By centralizing recommended actions and remediations, teams can easily assign responsibilities, track progress and make faster decisions with the confidence that their fixes are working.
The Hub analyzes the impact of each identified misconfiguration or vulnerability and finds the best solution to resolve it. It also automatically prioritizes risks in accordance with their severity and provides recommendations for each of them. These recommendations are based on the solution that will have the greatest impact on your risk score and the number of vulnerabilities it addresses. This approach makes it easier to identify and fix the vulnerabilities that matter most for your organization.
As a result, your security team can focus on other priorities. It can even improve cloud environment health in a way that reduces the amount of time needed to detect and respond to vulnerabilities. Additionally, the Remediation Hub helps organizations improve compliance and audit readiness with automated remediation of known issues.
A key benefit of the Remediation Hub is its ability to provide a single, centralized view for security assessments across all your cloud environments. It also offers a number of other features that help to streamline the remediation process. These include:
Detailed Root Cause Analysis
A core component of the Remediation Hub is its ability analyze and identify the root cause of each vulnerability detected in your environment. This is done through a combination of machine learning and data science techniques that provide a more holistic and context-based view of your cloud security posture.
Another benefit of the Remediation Hub is its centralized repository for all vulnerabilities and recommended actions. This allows for easy assignment of responsibilities, tracking of progress and the ability to visualize the true state of your remediation efforts. In addition, the Hub is designed to be vendor-agnostic, allowing you to consolidate assessment results from multiple sources.
In addition to improving your cloud security posture, the Remediation Hub can also help you reduce your security costs through improved efficiency and fewer false positives. Additionally, it can provide you with a more accurate picture of your cloud environment by identifying all the vulnerable resources within an account and by helping to improve visibility of inter-account vulnerabilities.
