Symantec Seeks to Slash SaaS Security Response Time
Symantec is looking to drastically improve the speed at which enterprises get notified of potential security problems with software-as-a-service (SaaS) applications, so the organizations can take action more quickly.
Symantec Corp. (Nasdaq: SYMC) is working to improve the API interfaces that cloud applications and services like Box, for example, use to communicate with security services like Symantec's. The problem with these APIs is lag.
"Once you see a change, you have to analyze it for violations or risk," Eric Andrews, Symantec VP of cloud security, tells Light Reading. "There is a window there between when the data is first uploaded and when you can actually act on it. That can be 10-20 minutes. We're working with cloud providers to change the APIs to a push model."
He adds, "You can think of it as a Twitter feed, where they're pushing information out to us right away. Instead of 10-20 minutes, I can now act in seconds." Symantec is hoping to bring the technology to standards groups to improve security industry-wide.
Speeding API performance in one of several updates Symantec announced Tuesday to its Integrated Cyber Defense Platform, to improve cloud security on the application, platform and infrastructure level. (See Symantec Expands Cloud Security Portfolio.)
These include tools to manage security configurations and protection on Amazon Web Services Inc. and Microsoft Azure ; secure any homegrown or public cloud apps; and Data Loss Protection (DLP) for storage.
Additionally, the new CloudSOC CASB monitors security and data in cloud applications including Microsoft Office 365, Salesforce.com Inc. and Workday , looking for regulated data and confidential information and locking that down. CloudSOC CASB also provides threat protection against any kind of suspicious activity. "If you have 10,000 credentials floating around for Salesforce, and any of them get compromised, that bad actor has access to all my data," Andrews said.
The tools are available as software products or a combined into a managed, professional service, the Symantec Managed Cloud Defense.
- Palo Alto Buys Into Cloud Security Analytics With $173M RedLock Acquisition
- CenturyLink on How Automation & Analytics Are Improving Security
- When Making SD-WAN Plans, Don't Shirk Security
— Mitch Wagner Executive Editor, Light Reading