Meanwhile, with the rapid growth of IoT, customers started asking Aruba for better ways to handle IoT vulnerabilities around two years ago, Trent Fierro, senior marketing manager for cloud and AIOps for Aruba, said. Hewlett Packard Enterprise (HPE) Aruba added new AIOps capabilities to its Edge Services Platform (ESP) to help IT teams improve efficiency in network performance optimization, IoT profiling, and zero trust and secure access service edge (SASE) security enforcement. As the IT environment is becoming increasingly distributed and complex, “operations teams need to have solutions that help drive that efficiency,” which is the top goal of organizations’ digital transformation efforts, ESG principal analyst Bob Laliberte told SDxCentral.
It’s not clear to what degree IT organizations are embracing AI to manage cybersecurity, but as threats become increasingly sophisticated, it’s clear existing manual processes do not enable cybersecurity teams to respond quickly enough to threats and vulnerabilities. The chronic shortage of cybersecurity expertise means most organizations are not able to keep pace with the rate at which workloads are being deployed in the cloud. CrowdStrike is making a case for using an AI-based platform to enable cybersecurity teams to keep pace with the rate at which workloads are being deployed and updated in highly dynamic cloud computing environments. Most of those developers have limited cybersecurity expertise so, inevitably, mistakes are made. Developers routinely employ open source tools like Terraform to provision cloud infrastructure as part of an effort to accelerate application development. While cloud platforms are generally more secure, the processes used to configure them and then deploy applications are often deeply flawed.
The Falcon OverWatch Cloud Threat Hunting service leverages a CNAPP platform that uses a combination of agents and agentless approaches to automate cybersecurity processes across both managed and unmanaged devices. The CrowdStrike Falcon platform employs machine learning algorithms and other forms of artificial intelligence (AI) alongside indicators of attacks, deep kernel visibility and behavioral blocking to secure cloud computing environments. Threat hunting today still relies too much on manual processes because previous automation efforts have often only served to increase the number of false-positive alerts that waste cybersecurity teams’ time, noted Singh.
The Falcon OverWatch Cloud Threat Hunting service also identifies other indicators of compromise based on sophisticated hands-on-keyboard activity and zero-day threats, said Singh. Param Singh, vice president for OverWatch at CrowdStrike, said the Falcon OverWatch Cloud Threat Hunting service is designed to detect anomalies such as control plane, serverless and application vulnerabilities in addition to misconfigurations, container escapes, privilege escalations and node compromises that might be found across all three of the major cloud services. These updates were announced at the AWS re:Inforce event; previously, CrowdStrike only supported the Amazon Elastic Kubernetes Service (EKS).