{"id":10330,"date":"2014-04-02T12:43:34","date_gmt":"2014-04-02T12:43:34","guid":{"rendered":"http:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/e-commerce\/elastica_builds_an_soc_in_the_cloud_for_the_cloud.html"},"modified":"2022-10-14T18:34:36","modified_gmt":"2022-10-14T22:34:36","slug":"elastica-builds-an-soc-in-the-cloud-for-the-cloud","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/elastica-builds-an-soc-in-the-cloud-for-the-cloud.html","title":{"rendered":"Elastica Builds an SOC in the Cloud for the Cloud"},"content":{"rendered":"<p> Companies have a challenge that as more data has moved to cloud apps, they have lost the traditional visibility, threat detection and control they used to enjoy. As they evolve from a CAPEX model to OPEX in search of best-in-breed apps, there remains a large security hole which needs filling.<\/p>\n<p>This is where elastica (<a href=\"http:\/\/www.tmcnet.com\/query\/SearchResults.aspx?searchstring=elastica&#038;type=anywords&#038;stem=True&#038;phonic=False&#038;fuzzy=0&#038;feeds=False&#038;area=0&#038;sort=date\" target=\"_self\" title=\"\" rel=\"noopener noreferrer\">recently out of stealth mode<\/a>) comes in\u2026 In a conversation with Eric Andrews VP of Marketing and Rehan Jalil President &#038; CEO, they told me that companies need to be able to track activity in and out of these cloud services. They attack security through a suite of cloud-based services as follows:<\/p>\n<ul>\n<li><span style=\"line-height: 1.3em;\">Their AUDIT shadow IT solution looks at the SaaS apps being used and reports how vulnerable each one is. It updates regularly \u2013 as frequently  as 15 minutes.<\/span><\/li>\n<li><span style=\"line-height: 1.3em;\">DETECT threats solutions detects intrusions in cloud app usage \u2013 for example, when a user is acting maliciously or behavior is suspicious, an organization is alerted.<\/span><\/li>\n<li><span style=\"line-height: 1.3em;\">PROTECT cloud data stops policy violations from happening across cloud apps.<\/span><\/li>\n<li><span style=\"line-height: 1.3em;\">INVESTIGATE transactions is like a network DVR function for your cloud applications.<\/span><\/li>\n<\/ul>\n<p>The solutions can see firewall and other data and is aware of the users in the organization \u2013 they are placed in various groups. You can select from the above-four solutions in their cloud app-store and also opt for \u201csecurelets\u201d which are mini-apps which correspond to the cloud services you are looking to monitor and secure.<\/p>\n<p>Using the system\u2019s dashboard, you can determine user location and activity within applications. When a user tries to do something like send a file they aren\u2019t allowed to send, the system blocks this activity and further alerts the administrator through a dashboard and other alert.<\/p>\n<p>You can then drill down into a user\u2019s activities to see what apps they use and what they do in said applications.<\/p>\n<p>You can further determine on a group basis what users can do in each cloud app \u2013 or across a range of apps. In other words you may specify certain users can\u2019t send certain files regardless of application. Moreover, using a threat score, you can stop certain activities from happening. Moreover, if a user starts to download massive amounts of data which is unusual for them or they use a different IP address and engage in unusual behavior, their threat level automatically is increased thanks to the system\u2019s machine-learning capability.<\/p>\n<p>Administrators can be alerted of security events or threat level increases. A single dashboard enables a company to determine which users are malicious, where are attacks are coming from and which apps are the most threatening.<\/p>\n<p>The idea is they are rebuilding the SOC in the cloud for the cloud so a SISO could determine what is happening in the organization.<\/p>\n<p style=\"text-align: center;\"><strong> The elastica dashboard in action<\/strong><\/p>\n<div class=\"separator\" style=\"clear: both; text-align: center;\"><a href=\"http:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/Photo 20140402125424.jpg\" target=\"_blank\" style=\"margin-left: 1em; margin-right: 1em;\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/Photo 20140402125424.jpg\" id=\"blogsy-1396468490587.1816\" class=\"aligncenter\" width=\"500\" height=\"375\" alt=\"\"><\/a><\/div>\n<p>&nbsp;<\/p>\n<div style=\"text-align: right; font-size: small; clear: both;\" id=\"blogsy_footer\"><a href=\"http:\/\/blogsyapp.com\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/blogsyapp.com\/images\/blogsy_footer_icon.png\" alt=\"Posted with Blogsy\" style=\"vertical-align: middle; margin-right: 5px;\" width=\"20\" height=\"20\" \/>Posted with Blogsy<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Companies have a challenge that as more data has moved to cloud apps, they have lost the traditional visibility, threat detection and control they used to enjoy. As they evolve from a CAPEX model to OPEX in search of best-in-breed apps, there remains a large security hole which needs filling. This is where elastica (recently<\/p>\n","protected":false},"author":44,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[159,156],"tags":[],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/10330"}],"collection":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/comments?post=10330"}],"version-history":[{"count":1,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/10330\/revisions"}],"predecessor-version":[{"id":18829,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/10330\/revisions\/18829"}],"wp:attachment":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media?parent=10330"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/categories?post=10330"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/tags?post=10330"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}