Cloud security firm upgrades threat detection and response tech
Armor, a global cybersecurity software company that protects workloads in public, hybrid and private cloud environments, has upgraded its flagship product, Armor Anywhere., Armor now reportedly delivers stronger threat detection and response while giving its customers greater operational control over their security.
Some of the new features in Armor Anywhere include the flexibility to turn security capabilities on and off, and easily ingest log data from other sources, making it one of the most flexible platforms on the market. New security capabilities include the addition of Intrusion Prevention, as well as Policy Recommendation Scans that suggest and automatically implement policies to enhance the security posture of an end user’s environment. Armor has also added features designed to streamline processes for DevOps users and security analysts.
“With these new capabilities and enhancements to Armor Anywhere, we can now ingest and analyse even more data from a wide variety of sources, providing better protection for our customers,” says Mark Woodward, Armor CEO. “We’ve also added key improvements in how customers can visualise their data and manage their security environments. We are extremely excited about the advancements this new release brings to our customers.”
New features include:
- Intrusion Prevention System (IPS)
Armor Anywhere now provides Intrusion Prevention, as well as Intrusion Detection, so customers can detect and block cyber threats.
- Policy Recommendation Scans
Armor scans the hosts’ operating system, installed applications, Windows registry, open ports, directory listings, file system, any running processes and services. If vulnerabilities or outdated rules are detected, recommended policy changes will be provided to the customer or the customer can choose to have those changes automatically implemented.
- Log and Data Management
Armor can ingest additional log sources to be analysed and correlated against threats. These sources include event logs from cloud-native sources, network appliances and security devices. With the Log Search and Visualisation feature, customers can do deep querying and analysis, create custom dashboards, and produce charts, graphs and custom reports of their data sets. Armor has also added Security Incident Connectors so that a security event or incident, discovered by Armor, can easily be ingested and analysed by the customer’s internal security tools.
- Operational Control
Armor’s customers can turn on or off any security features, using the Command Line Interface (CLI). This can be done for one virtual machine or can be done across multiple virtual machines at the same time. Customers can also use the “Toolbox” feature to schedule or automatically deploy the CLI command in their environment.
Combined, these new features and enhancements enable Armor to see more, ingest more, analyse more and block more for its customers. It also enables Armor’s customers to better scale and adapt their security to meet their business needs. As a result, these organisations’ assets are better protected, allowing them to focus on their priorities.
Comment on this article below or via Twitter @IoTGN