Try our new research platform with insights from 80,000+ expert users
2017-07-09T08:07:00Z

New Cloud Security Reviews 2017

it_user326337 - PeerSpot reviewer
  • 2
Published:Jul 9, 2017

New Cloud Security Reviews 2017
How effective is cloud security software when serving IT infrastructure monitoring needs?

What insight do information security professionals share in their cloud security reviews?

How do users' software of choice serve their company's IT infrastructure monitoring needs? Which of their pain points are addressed? Which monitoring features could be improved, and how so?

As the cloud security landscape evolves and introduces new challenges to IT professionals, software reviews written by real users provide first-hand experience of how these cloud solutions impact the security needs of businesses.

Evident.io

Monitoring AWS Accounts

When asked to describe some of Evident.io’s valuable features, an IT Security Manager at a comms service provider with 1,001-5,000 employees shares:

“The ability to audit each AWS account at a high level so we can see critical vulnerabilities that might otherwise be overlooked. The granular approach helps me to drill down and deal with each alert properly and individually.”

Securing AWS Accounts

A Supervisor Architecture & Infrastructure Platform Delivery at a recruiting/HR firm with 10,001+ employees writes about how Evident.io has improved his company’s security processes:

“The ability to scan our AWS accounts to understand what is not in alignment with best practices is huge for us...This improves our overall security process to an acceptable level.

We are building out new AWS accounts that are secured from the beginning instead of fixing problems as they are detected. This ensures that everything is consistent and secure from the beginning. Previously, we had to wait until our security team identified a problem.”

PCI Audits

IT Security professional at a comms service provider with 1,001-5,000 employees suggests that improvements be made to the PCI auditing capabilities:

“I would like to see integration of PCI audits into the dashboard. That would help greatly in passing our PCI audits for AWS in an easy-to-view method.

I would also like the ability to integrate Evident with AWS in such a way that we could make basic changes to the AWS environments based on security alerts. For example, the ability to lock down unsecured security groups, apply PW policies, and rotate IAM keys.”

Real-Time Analysis

A Supervisor of Architecture and Infrastructure Platform Delivery at a recruiting/HR firm with 10,001+ employees adds that “This product needs to focus on real-time analysis. Currently, it only focuses on configuration settings. Giving us the ability to analyze CloudTrail results would enable us to take security to the next level.”

OpenDNS

Powerful Query Options

A Senior Information Security Analyst at a financial services firm with 1,001-5,000 employees discusses OpenDNS’s powerful query options:

“The various powerful query options are the most valuable features of this product to me. Using the Investigate API, we can gather the detailed history of a domain, whois information, DNS records, etc. All of this information helps us determine whether a domain is malicious or not.”

Transparent Protection

Oleg Simonov, Cloud Solutions Architect at a hospitality company with 1,001-5,000 employees, praises OpenDNS for how it “transparently protects users from rogue websites”;

OpenDNS filters DNS query/reply without any software to be installed on the client side, so in my mind, the transparency I was talking about relates to:

No changes on the client side required, i.e. software or configuration changes;
The complete communication is not proxied as such, only DNS query/response filtered.”

Network Security

Eric Witham, Vice President of Information Technology at a Consumer Goods with 1,001-5,000 employees, suggests that OpenDNS’s network security capabilities be improved:

“One thing I can mention is network security. There's no real mention about the potential of malware & virus protection for locations that we are using OpenDNS on. In certain areas, we only have a few people on-site and there’s no real need for a firewall at that point.”

Skyhigh

Box API Access with DLP Capabilities

A Cyber Security Engineer at a recruiting/HR firm with 51-200 employees shares how his organization benefits from Skyhigh’s Box API integration:

“Our organization is moving much of its non-sensitive data to Box and we needed the ability to have full visibility into what was occurring within the Box infrastructure.

With the Skyhigh to Box API integration, we can not only see everything that occurs but we can set up many DLP policies to block or monitor what is occurring in Box.

You can also run a custom DLP query against your Box infrastructure to look for specific DLP issues that may have been created since the older data was loaded.”

Shadow IT Capabilities

Spencer Jackson, Cyber Security Analyst at a tech services company, describes Skyhigh’s shadow IT capabilities and cloud risk registry as “the two most helpful tools for our organization”;

Jackson elaborates that “We are able to see what cloud services are being used with much more clarity than with our proxies and more importantly identify that we are using many cloud services we were not aware were even cloud services. Especially collaboration services.

The cloud risk registry has been great for getting a quick and clearer understanding of the risk of proposed services that we are looking at allowing. Previously, we were paying for expensive industry reports.”

Console Performance

Paul Dumbleton, Manager of Infrastructure Security Engineering at a pharma/biotech company with 1,001-5,000 employees, suggests that improvements be made to Skyhigh’s console performance:

“The console performance is sometimes slow, meaning that switch screens or generating reports can sometimes feel sluggish. Data and graphics take time to load in the browser, and also performance can depend on which browser you are using.”

Custom Attributes

Dumbleton also finds that Skyhigh’s custom attributes capabilities need UI-related improvements.

He explains that his company uses these attributes “to identify and record details of our own interactions with the cloud service to show which are reviewed, which services are approved, blocked, sanctioned, etc…

Entering information into these custom fields requires you to confirm changes for each field individually, a UI improvement could be to add a save or update button to the site instead of doing each field individually.

CloudLock

Application Discovery & Control Feature

An IT Security Specialist at a financial services firm with 1,001-5,000 employees has seen particular value added by CloudLock’s Application Discovery & Control feature;

“We use the Application Discovery & Control feature. With Google’s G Suite, it is very easy for a user to give full control of their Google data to a third party.

For example, when Pokémon Go was first released, it gave the vendor full access to do anything with a user’s Google account and to act as the user. In the wrong hands, this access is far worse than compromised passwords or any standard breach.

With RegEx-based reporting on Google Drive data, we can report any inappropriate or privileged data that should not be stored in Google.”

Scope of Application

A Principal at a tech company with 51-200 employees discusses the need for CloudLock to “increase its scope of application”:

CloudLock’s security consists of eight core security services including content analysis, context analysis, user behavior monitoring, policy automation, central auditing, incident management, encryption management, and security analytics. We have been using it in Google App for work purposes. It depends on API-based, cloud-to-cloud integration.

The API availability from CSP limits their option to integrate and scope for expansion, especially since the cloud service provider’s ecosystem has been growing very fast. I would recommend taking a different approach to integration which is similar to the SkyHigh or Splunk software.”

What else do users share about their experiences with monitoring their IT infrastructure and controls?

Read their latest cloud security reviews to find out.

More user feedback on cloud software:

Amazon Redshift vs. Netezza: What Real Users Say

Box vs. Dropbox: New Enterprise Cloud Storage Reviews

Who are the Best Multicloud Management Software Providers?

Product comparison that may be of interest to you
Cisco Umbrella
  • 109 Reviews
Skyhigh Security
  • 55 Reviews
Share
PeerSpot user
2

2 Comments

DG
Vendor
2018-02-12T12:28:21Z
Feb 12, 2018

Excellent piece.
Well worth looking at WebTitan from TitanHQ as an alternative to OpenDNS

Like(0)
Reply
it_user3396 - PeerSpot reviewer
Real User
Top 5
2017-07-13T13:29:09Z
Jul 13, 2017

Cool. SaaS is a jungle

Like(0)
Reply
Buyer's Guide
Cloud Access Security Brokers (CASB)
October 2024
Download Free Report
Find out what your peers are saying about Cisco, Zscaler, Palo Alto Networks and others in Secure Web Gateways (SWG). Updated: October 2024.
DOWNLOAD NOW
814,763 professionals have used our research since 2012.
Related Questions
RA
Mar 26, 2024
Mar 26, 2024
What are the main differences between Cisco Umbrella and Zscaler Internet Access?
Hi, I am the Director Of Operations at CampusDoor Holdings Inc., a Financial Services Firm with 51-200 employees. What are the main differences between Cisco Umbrella and Zscaler Internet Access? Thanks for the help!
EG
Aug 20, 2023
Aug 20, 2023
Which solution is better: Cisco Umbrella or Palo Alto Networks DNS Security?
Some users may choose Cisco Umbrella over Palo Alto Networks DNS Security because Cisco Umbrella is a cloud-based solution known for its easy deployment and management. It also protects against many threats and provides visibility into DNS traffic. As for the pros and cons of each solution, I've listed them below to help you in deciding which of the two solutions to use: Cisco Umbrella Pros: ...
See 1 answer
Anne Cubarrubia - PeerSpot reviewer
Aug 20, 2023
Some users may choose Cisco Umbrella over Palo Alto Networks DNS Security because Cisco Umbrella is a cloud-based solution known for its easy deployment and management. It also protects against many threats and provides visibility into DNS traffic. As for the pros and cons of each solution, I've listed them below to help you in deciding which of the two solutions to use: Cisco Umbrella Pros: Cloud-based solution Easy to deploy and manage Protects against a wide variety of threats, such as malware, phishing, and ransomware Provides visibility into DNS traffic Cons: Can be expensive for larger organizations Not as customizable as some other solutions Palo Alto Networks DNS Security Pros: Highly customizable Deployment can be done in the cloud or on-premises Provides granular control over DNS traffic Integrates with other Palo Alto Networks security solutions Cons: More complex to deploy and manage than Cisco Umbrella Can be more expensive
Read full answer
Product Comparisons
Go!
Top rated products
Cisco Umbrella
  • 109 Reviews
Skyhigh Security
  • 55 Reviews
CloudLock
  • 5 Reviews
See all products
Related Questions
Mar 26, 2024
What are the main differences between Cisco Umbrella and Zscaler Internet Access?
Aug 20, 2023
Which solution is better: Cisco Umbrella or Palo Alto Networks DNS Security?
Download Free Report
Download our free Cloud Access Security Brokers (CASB) Report and find out what your peers are saying about Cisco, Microsoft, Palo Alto Networks, and more! Updated: October 2024.
DOWNLOAD NOW
814,763 professionals have used our research since 2012.