How to Better Identify Threats Within Your Public Cloud Network

Can you decipher endpoint activity on your cloud network?

There’s no question about it: Small and medium-sized organizations across all industries have embraced the low operating expenses, mobility and unprecedented scalability of public cloud infrastructure. IDC estimates that the market will grow at a compound annual rate of nearly 20 percent through 2019.

But it’s not all butterflies and rainbows just yet.

For many businesses, the honeymoon phase of public cloud migration is somewhat tainted by a notable lack of threat visibility. Specifically, device interactions on the network are obscured when IT management is handed off to Amazon Web Services, Azure or another public cloud vendor. As a result, many IT admins feel that they relinquish their ability to spot and inhibit dangerous endpoint activity on their own networks.

In fact, 49 percent of respondents to a recent survey about public cloud security cited “a lack of visibility into security infrastructure” among their chief concerns, according to DARKReading contributor Emily Johnson. Furthermore, nearly 60 percent of respondents stated that their existing traditional security platforms function “somewhat or not at all” with their cloud platforms.

So not only are companies’ vantage points of their own networks murky at best, but even if they had the threat visibility they desired, it remains to be seen if they’d also have the wherewithal to properly monitor, manage and secure their cloud-powered endpoints.

Cloud user behavior is at the root of the problem

Consider how users access applications and data that live in the public cloud. It can feasibly be through any internet-connected device, and from any location, which is actually a significant selling point for cloud vendors.

However, this is also a liability in the sense that the AWSes and Azures of the world aren’t managing user behavior across network endpoints (desktops, laptops, tablets, smartphones, wireless printers, etc.). Lost or stolen devices, nefarious insider activity, reckless end-user behavior and other cyberthreats therefore go mostly unchecked by the organization. On top of that, end-to-end encryption hides the content of data traffic, which makes security analysis even more difficult.

Without visibility into how endpoints are interacting with the network, and a streamlined methodology to define these interactions, it’s difficult, if not impossible, for organizations to detect potential threats to their data.

Public cloud visibility requires a detailed understanding of how endpoints behave on the network.

Dynamic Endpoint Modeling: A silver lining in the public cloud

Late in 2015, AWS became the first, but certainly not the last, public cloud vendor to permit third-party security firms to access VPC metadata. This was significant because it gave customers the ability to deploy monitoring solutions that could, in theory at least, give them the network visibility they need to automatically detect hazardous activity.

But it wasn’t until Observable Networks’ Dynamic Endpoint Modeling became available on the AWS Marketplace that theory became practice. Dynamic Endpoint Modeling takes a data-driven approach to network monitoring, and more importantly, automatic threat detection.

Our solution creates device profiles, identifies their roles based on how they interact with other devices and data inhabiting the network, and then deploys advanced algorithms and learning theories to flag even the most subtle indicators that something on the network is amiss.

Because Endpoint Modeling uses metadata rather than relying on deep-packet inspection, encryption doesn’t obscure the meaning of data traffic. The result is autonomous, qualitative security log analysis that can pinpoint threatening endpoint behavior on your public cloud network, and enhance data security.
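To make the metadata-only idea concrete, here is a simplified sketch added for illustration; it is not Observable Networks' algorithm or code. It assumes the "VPC metadata" is AWS VPC Flow Logs in the default version 2 format, that the monitored VPC uses 10.0.0.0/8, and that the lower port of a flow is the service side; all records are constructed samples.

```python
from collections import defaultdict

# Constructed records, default VPC Flow Logs v2 field order:
# version account-id interface-id srcaddr dstaddr srcport dstport protocol
# packets bytes start end action log-status
BASELINE = """\
2 123456789012 eni-0a1 203.0.113.7 10.0.1.10 49152 443 6 12 4200 1 60 ACCEPT OK
2 123456789012 eni-0a1 198.51.100.9 10.0.1.10 50211 443 6 10 3900 61 120 ACCEPT OK
2 123456789012 eni-0a1 10.0.1.10 10.0.2.20 41000 5432 6 8 2100 61 120 ACCEPT OK
2 123456789012 eni-0b2 10.0.1.10 10.0.2.20 41022 5432 6 9 2300 121 180 ACCEPT OK
"""
OBSERVED = """\
2 123456789012 eni-0a1 203.0.113.7 10.0.1.10 49900 443 6 11 4100 1000 1060 ACCEPT OK
2 123456789012 eni-0b2 10.0.2.20 192.0.2.55 44444 22 6 900 1500000 1000 1060 ACCEPT OK
2 123456789012 eni-0b2 - - - - - - - 1000 1060 - NODATA
"""
INTERNAL_PREFIX = "10."  # assumption: the monitored VPC uses 10.0.0.0/8


def parse(text):
    """Yield (src, dst, srcport, dstport, proto) for accepted flows only."""
    for line in text.splitlines():
        f = line.split()
        if len(f) != 14 or f[12] != "ACCEPT" or f[13] != "OK":
            continue  # skip NODATA/SKIPDATA rows and rejected traffic
        yield f[3], f[4], int(f[5]), int(f[6]), int(f[7])


def behaviours(text):
    """Profile each internal endpoint as a set of (role, proto, service_port)."""
    seen = defaultdict(set)
    for src, dst, sport, dport, proto in parse(text):
        # Heuristic (assumption): the lower port number is the service side.
        server, client, port = (dst, src, dport) if dport <= sport else (src, dst, sport)
        for host, role in ((server, "serves"), (client, "connects-to")):
            if host.startswith(INTERNAL_PREFIX):
                seen[host].add((role, proto, port))
    return seen


def deviations(baseline_text, observed_text):
    """Return behaviours in the observed window that the baseline never showed."""
    base = behaviours(baseline_text)
    out = {}
    for host, acts in behaviours(observed_text).items():
        new = acts - base.get(host, set())
        if new:
            out[host] = sorted(new)
    return out


if __name__ == "__main__":
    print(deviations(BASELINE, OBSERVED))
```

The database host that previously only served port 5432 is flagged for opening an outbound SSH connection, and no payload was inspected to reach that conclusion.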

Experience Dynamic Endpoint Modeling on Your Own Network 

Getting better threat visibility into your network and improving your security couldn’t be easier. Sign up for a free, no-risk trial of Observable’s Endpoint Modeling solution, and change the way you see security.

