The Bridge Between Two Cloud Security Worlds

March 22, 2022

By Thyaga Vasudevan - Vice President of Products, Skyhigh Security

We are excited to announce The Forrester Wave™: Cloud Workload Security, Q1 2022 has published, and Skyhigh Security (formerly McAfee Enterprise) has been named one of only two Leaders in the report. This has been a great culmination of work from our team based on the Skyhigh Cloud Native Application Protection Platform (CNAPP) service we launched last year along with other innovations, including our Zero Trust Network Access (ZTNA) and Firewall as a Service (FWaaS).

Skyhigh Security has a long history of dedication to cloud security but from a specific perspective. Our flagship product has been our Cloud Security Gateway, which focuses on discovering and helping customers secure Software as Service (SaaS) apps like Salesforce, Microsoft 365, and other cloud applications (cloud apps). With the pandemic, more enterprises are moving to a hybrid work environment and accelerated the consumption of cloud apps. This has introduced new security challenges like securing traffic from multiple, remote locations from all over the globe, Security-as-a-Service (SaaS) security posture management (SSPM) for an ever-increasing array of new cloud apps, and data protection. We call this persona cloud app consumers.

However, we noticed a unique theme between these two different personas and that theme is data protection – the bridge between two cloud security worlds. On the Cloud Security Gateway side, our customers are consumers that are using off-the-shelf SaaS applications to help run line of business process. These customers need help in understanding what type of sensitive data resides in the SaaS apps, who is accessing this data, and how it is being used.

Another one of our customers is a payment card service company that uses Skyhigh CNAPP to scan all their S3 buckets for Personal Identifiable Information (PII). If PII is identified, they need automatic remediation to quarantine that file, and then they kick off an investigation notice via Slack to their Security Operations Center (SOC). However, the tricky part is they need to ensure that the appropriate SOC team members have access to the evidence files for investigation, but that information cannot be shared in Slack, e.g., same data protection policy for AWS and Slack.

Both these customers let us know that they were able to find data protection solutions on the SaaS side and on the IaaS side but nothing that stitched together a comprehensive data protection solution for both cloud app consumers and builders.

As we have been following our customers on their cloud journey and noticed this challenge, we released Skyhigh CNAPP last year built on the same cloud-native platform that hosts our Cloud Security Gateway. Skyhigh CNAPP provides customers with the ability to truly assess their posture in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud by not only identifying misconfigurations, vulnerable applications, but also true risk. A great example we like to share that illustrates our point is how our data protection capabilities make Skyhigh CNAPP more compelling is how a publicly open S3 bucket may be a problem, but a publicly open S3 bucket with PII is definitely a problem. If the solution is not combining data protection context with posture assessment, then that solution is not really providing valuable insight. Many solutions can tell you if your S3 bucket is publicly available, but what was accessed and by whom are much more compelling information.

Customers can also define data protection policies that identify and protect data regardless of where it resides in SaaS apps or IaaS apps and provide true posture assessment in both environments.

And you can imagine the excitement we felt when within our first year of launch Forrester named our solution as a leader in the CWS Wave. So, if you are a security team tasked with providing consistent data protection across SaaS apps, your own custom apps in IaaS, or posture assessment across the board, Skyhigh CNAPP is here to help.

To all our customers, thank you for joining us in the journey of securing your cloud and for the continued inspiration you provide us to help secure your data. And for those customers that are looking for a solution, come give us a try. We are sure you will be glad you crossed the bridge between the two cloud security worlds to create a uniform strategy for data protection.

To download a complimentary copy of The Forrester Wave™: Cloud Workload Security, Q1 2022, click here.