With the introduction of a comprehensive cloud-based security services platform, Trend Micro is bringing together everything most companies need to address security up and down the stack.
Trend Micro this week announced Cloud One, a security-as-a-service platform aimed at organizations building applications in the cloud or migrating existing applications to the cloud.
The centerpiece of the solution is workload security, including runtime protection for virtual, physical, cloud and container workloads. This function has built-in automation, including automated discovery and deployment.
The solution also includes these functions:
- Container Image Security with image scanning
- Security for cloud files and object storage services
- Application security including security for serverless functions, APIs and applications
- Cloud network layer IPS security
- Cloud security and compliance posture management
What Trend Micro is essentially doing is unifying security up and down the stack, said Doug Cahill, a senior analyst at ESG.
"Traditionally, there were separate workload protection platforms for cloud and for on-premises systems. Then containers hit and there were separate controls for them. And separate Layer 7 application security controls for web app firewalls," he explained. "That led to one team trying to understand whether or not they have a secure cloud configuration, and another team thinking about container security, and other teams thinking about workload security."
This approach also allows Trend Micro to share its collective defense and situational awareness threat intelligence up and down the stack—something Cahill says is unique.
"They are doing it at the network level, and they are also doing it at the application exploit level through the runtime application self-protection product they acquired sometime back," he said.
Cahill called Cloud One a "Swiss Army knife," as it has something for most organizations. For mature organizations that are further along in the cloud security journey, this represents something of a next-generation approach for web applications.
For companies in an earlier stage of cloud security, the opportunity to start with one or two of the blades in Cloud One makes sense. It provides a built-in roadmap that allows these companies to work with a single vendor on the rest of the journey toward securing the full cloud stack, he added.
Cloud One is the logical next step for Trend Micro. It follows two recent announcements: the acquisition of Cloud Conformity for cloud security posture management, and a partnership with Snyk, a company that focuses on helping developers maintain security while using open-source technology.
Trend Micro's Cloud One platform will be available in the first quarter of 2020 with three services fully integrated: workload security, network security and application security. The other components will be available as stand-alone solutions and integrated into Cloud One by the end of 2020.